Skip to main content

A limited OpenStack Identity API v3 client in Python (with fewer dependencies)

Project description

keystone-light implements a Python interface to a very limited subset of the OpenStack Identity API v3.

Initial goal: access to OpenStack Swift, using the Identity API v3, but with a lot fewer dependencies.

As of this writing, the python-keystoneclient requires keystoneauth1 and oslo.*, which in turn require some more. We only require the ubiquitous requests (and PyYAML), which you generally already have installed anyway.

Example usage

#!/usr/bin/env python3
from urllib.parse import urljoin

import requests
from keystone_light import Cloud, CloudConfig, PermissionDenied

def get_projects(cloud):
    "Yields projects, sorted by domain and project name"
    domains = cloud.get_domains()
    for domain in sorted(domains, key=(lambda x:
        if == 'Default':
            # print('WARN: skipping domain Default (fixme?)')

        projects = domain.get_projects()
        for project in sorted(projects, key=(lambda x:
            project.domain = domain
            yield project

def get_swift_stat_ensuring_permissions(project):
    "Get Swift v1 stat on a project (previously: tenant)"
        stat = project.get_swift().get_stat()
    except PermissionDenied:
        # We don't have permission to access the project? Upgrade the
        # permissions and try again.
        cloud =
        admin_role = cloud.get_role(name='admin')  # or 'reader'
        dom_admin_group = project.domain.get_admin_group()

        url = urljoin(
        out = requests.put(
            url, headers={'X-Auth-Token': str(cloud.get_system_token())})
        assert out.status_code in (201, 204), (out.status_code, out.text)

        # Try again. Should succeed if the cloud admin user is in the
        # dom_admin_group.
        stat = project.get_swift().get_stat()

    return stat

# Take config from ~/.config/openstack/clouds.yaml and select
# 'my-cloud-admin', like the openstack(1) --os-cloud option.
config = CloudConfig('my-cloud-admin')
cloud = Cloud(config)
for project in get_projects(cloud):
    swift_stat = get_swift_stat_ensuring_permissions(project)
    print('{:15s} {:23s} {:21d} B ({} objects, {} containers)'.format([0:15],,

Example output

$ python3
domainx         project                  3489 B (2 objects, 1 containers)
domainx         otherproject       1455042022 B (267 objects, 1 containers)

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for keystone-light, version 0.2
Filename, size File type Python version Upload date Hashes
Filename, size keystone-light-0.2.tar.gz (8.3 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page