Add RBAC support
Add support for managing floating ip pools. Owner and global
access to this pool can be managed. Also share rules can be
managed.
PROD-17455
Change-Id: I195dacbe7637f6ac4f23b63dc4fa9310267c032d
diff --git a/_states/contrail.py b/_states/contrail.py
index b729d26..21a1d35 100644
--- a/_states/contrail.py
+++ b/_states/contrail.py
@@ -363,6 +363,21 @@
forwading_mode: 'l2_l3'
rpf: 'disabled'
mirror_destination: False
+
+
+
+Enforce Floating Ip Pool configuration
+----------------------------------------
+
+.. code-block: yaml
+
+ floating_ip_pool_present
+ - vn_name: virtual_network_name
+ - vn_project:
+ - vn_domain
+ - owner_access: owner_access_permission
+ - global_access: global_access_permission
+ - projects: list of project-permission pairs
'''
@@ -829,3 +844,33 @@
ret = __salt__['contrail.virtual_network_create'](name, conf, **kwargs)
return ret
+
+def floating_ip_pool_present(vn_name,
+ vn_project,
+ vn_domain=None,
+ owner_access=None,
+ global_access=None,
+ projects=None,
+ **kwargs):
+ '''
+ Ensure that floating ip pool existst
+ Virtual network with flag external need to be created before this
+ function is called
+
+ :param vn_name: Name of the virtual network with external flag,
+ tell us which floating ip pool we want to manage
+ :param vn_project: Name of the project in which floating pool exists
+ :param vn_domain: Name of the domain in which floating pool exists
+ :param owner_access: permissions rights for owner of the pool
+ :param global_access: permissions rights for other users than owner
+ :param projects: list of pairs (project, permission for given project)
+ '''
+
+ ret = __salt__['contrail.update_floating_ip_pool'](vn_name,
+ vn_project,
+ vn_domain,
+ owner_access,
+ global_access,
+ projects,
+ **kwargs)
+ return ret