Module netapp_ontap.resources.security_saml_sp
Copyright © 2019 NetApp Inc. All rights reserved.
Overview
You can use this API to retrieve and display relevant information pertaining to the SAML service provider configuration in the cluster. The POST operation creates a SAML service provider configuration if there is none present.
The DELETE operation removes the SAML service provider configuration.
The PATCH operation enables and disables SAML in the cluster.
Various responses are shown in the examples below.
Examples
Retrieving the SAML service provider configuration in the cluster.
The following output shows the SAML service provider configuration in the cluster.
# The API:
/api/security/authentication/cluster/saml-sp
# The call:
curl -X GET "https://<mgmt-ip>/api/security/authentication/cluster/saml-sp" -H "accept: application/hal+json"
# The response:
{
"idp_uri": "https://examplelab.customer.com/idp/Metadata",
"enabled": true,
"host": "172.21.74.181",
"certificate": {
"ca": "cluster1",
"serial_number": "156F10C3EB4C51C1",
"common_name": "cluster1"
},
"_links": {
"self": {
"href": "/api/security/authentication/cluster/saml-sp"
}
}
}
Creating the SAML service provider configuration
The following output shows how to create a SAML service provider configuration in the cluster.
# The API:
/api/security/authentication/cluster/saml-sp
# The call:
curl -X POST "https://<mgmt-ip>/api/security/authentication/cluster/saml-sp?return_records=true" -H "accept: application/hal+json" -d '{ "idp_uri": "https://examplelab.customer.com/idp/Metadata", "host": "172.21.74.181", "certificate": { "ca": "cluster1", "serial_number": "156F10C3EB4C51C1" }}'
Updating the SAML service provider configuration
The following output shows how to enable a SAML service provider configuration in the cluster.
Disabling the configuration requires the client to be authenticated through SAML prior to performing the operation.
# The API:
/api/security/authentication/cluster/saml-sp
# The call:
curl -X PATCH "https://<mgmt-ip>/api/security/authentication/cluster/saml-sp/" -d '{ "enabled": true }'
Deleting the SAML service provider configuration
# The API:
/api/security/authentication/cluster/saml-sp
# The call:
curl -X DELETE "https://<mgmt-ip>/api/security/authentication/cluster/saml-sp/"
Classes
class SecuritySamlSp (*args, **kwargs)
-
Allows interaction with SecuritySamlSp objects on the host
Initialize the instance of the resource.
Any keyword arguments are set on the instance as properties. For example, if the class was named 'MyResource', then this statement would be true:
MyResource(name='foo').name == 'foo'
Args
*args
- Each positional argument represents a parent key as used in the URL of the object. That is, each value will be used to fill in a segment of the URL which refers to some parent object. The order of these arguments must match the order they are specified in the URL, from left to right.
**kwargs
- each entry will have its key set as an attribute name on the instance and its value will be the value of that attribute.
Ancestors
Methods
def delete(self, poll: bool = True, poll_interval: typing.Union = None, poll_timeout: typing.Union = None, **kwargs) -> NetAppResponse
-
Deletes a SAML service provider configuration.
Learn more
Send a deletion request to the host for this object.
Args
poll
- If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
- If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
- If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
**kwargs
- Any key/value pairs passed will be sent as query parameters to the host.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400 def get(self, **kwargs) -> NetAppResponse
-
Retrieves a SAML service provider configuration.
Learn more
Fetch the details of the object from the host.
Requires the keys to be set (if any). After returning, new or changed properties from the host will be set on the instance.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400 def patch(self, hydrate: bool = False, poll: bool = True, poll_interval: typing.Union = None, poll_timeout: typing.Union = None, **kwargs) -> NetAppResponse
-
Updates a SAML service provider configuration.
Learn more
Send the difference in the object's state to the host as a modification request.
Calculates the difference in the object's state since the last time we interacted with the host and sends this in the request body.
Args
hydrate
- If set to True, after the response is received from the call, a a GET call will be made to refresh all fields of the object.
poll
- If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
- If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
- If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
**kwargs
- Any key/value pairs passed will be sent as query parameters to the host.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400 def post(self, hydrate: bool = False, poll: bool = True, poll_interval: typing.Union = None, poll_timeout: typing.Union = None, **kwargs) -> NetAppResponse
-
Creates a SAML service provider configuration. Note that "common_name" is mutually exclusive with "serial_number" and "ca" in the POST. SAML will initially be disabled, requiring a patch to set "enabled" to "true", so that the user has time to complete the setup of the IdP.
Required properties
idp_uri
Optional properties
certificate
enabled
host
Learn more
Send this object to the host as a creation request.
Args
hydrate
- If set to True, after the response is received from the call, a a GET call will be made to refresh all fields of the object.
poll
- If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
- If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
- If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
**kwargs
- Any key/value pairs passed will be sent as query parameters to the host.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400
Inherited members
class SecuritySamlSpSchema (only=None, exclude=(), many=False, context=None, load_only=(), dump_only=(), partial=False, unknown=None)
-
The fields of the SecuritySamlSp object
Ancestors
- netapp_ontap.resource.ResourceSchema
- marshmallow.schema.Schema
- marshmallow.schema.BaseSchema
- marshmallow.base.SchemaABC
Class variables
var certificate
-
The certificate field of the security_saml_sp.
var enabled
-
The SAML service provider is enabled. Valid for PATCH and GET operations only.
var host
-
The SAML service provider host.
var idp_uri
-
The identity provider (IdP) metadata location. Required for POST operations.
Example: https://idp.example.com/FederationMetadata/2007-06/FederationMetadata.xml
var links
-
The links field of the security_saml_sp.
var opts