Table of Contents
Shortcuts

Credential

class geodesic.account.credentials.Credential(**credential)[source]

Bases: geodesic.bases._APIObject

Credentials to access secure resources such as a cloud storage bucket. Credentials have a name, type and data. Credentials can be created or deleted but not accessed again except by internal services. This is for security reasons. Credentials are stored using symmetric PGP encryption at rest.

uid

(str) - the unique ID for this credential. Set automatically

Descriptor: _StringDescr

name

(str) - the name of this credential. Unique to the user and how a user will typically reference it

Descriptor: _StringDescr

type

(str) - the type of the credential. Supported types are SERVICE_ACCOUNT_KEY, AWS_KEY_PAIR, AZURE_ACCESS_KEY, JWT, OAUTH2_CLIENT_CREDENTIALS, OAUTH2_REFRESH_TOKEN, BASIC_AUTH, API_KEY, DOCKER_PULL

Descriptor: _StringDescr

create(ignore_if_exists=True)[source]

Creates a new Credentials. Encodes the data to be sent.

from_docker_registry(*, username, host, email, password=None)[source]

creates a new Docker Pull Credential for a Docker Registry

Creates a Credential object that allows internal resources to pull a container image from a registry. Most registries support this method of pulling images and specifically this is how this is done in Kubernetes in most cases.

Details for GCP/GCR: https://cloud.google.com/container-registry/docs/advanced-authentication#json-key

Parameters

  • name – the name of the Credential to create

  • username – the username (varies by registry provider, username for Dockerhub, “_json_key” for GCR, etc)

  • host – the hostname for the registry (e.g. https://docker.io)

  • email – the email address associated with this account

  • password – the password or token for this account

Returns

a new Credential object that can be saved to the backend.

static from_gcp_service_account(*, name, key=None)[source]

creates new GCP Service Account Credential

Creates a new Credential object for a GCP Service Account (e.g. Google Earth Engine, BigQuery, etc)

Parameters

  • name – the name of the Credential to create

  • key – the full service account, either a string or dict. If None, user will be prompted via stdin

Returns

a new Credential object that can be saved to backend

static from_aws_key_pair(*, name, aws_access_key_id, aws_secret_access_key=None)[source]

creates new AWS Key Pair Credential

Creates a new Credential object for an AWS Key Pair (such as from an IAM User)

Parameters

  • name – the name of the Credential to create

  • aws_access_key_id – the access key id

  • aws_secret_access_key – the secret key. If None, user will be prompted via stdin.

Returns

a new Credential object that can be saved to backend

static from_azure_storage_account(*, name, account_name, account_key=None)[source]

creates new Azure Storage Account Credential

Creates a new Credential object for an Azure Storage Account (e.g. Blob storage)

Parameters

  • name – the name of the Credential to create

  • account_name – the Azure account name

  • account_key – the secret key for the account. If None, user will be prompted via stdin.

Returns

a new Credential object that can be saved to backend

static from_azure_connection_string(*, name, connection_string=None)[source]

creates new Azure Storage Account Credential

Creates a new Credential object for an Azure Storage Account (e.g. Blob storage)

Parameters

  • name – the name of the Credential to create

  • connection_string – the Azure account’s connection string. If None, user will be prompted via stdin.

Returns

a new Credential object that can be saved to backend

static from_jwt(*, name, jwt=None)[source]

creates new JSON Web Token Credential

Creates a new Credential object for an arbitrary JWT

Parameters

  • name – the name of the Credential to create

  • jwt – the string/encoded JWT. If None, user will be prompted via stdin.

Returns

a new Credential object that can be saved to backend

static from_oauth2_client_credentials(*, name, client_id, client_secret=None, token_url=None, authorization_url=None, audience=None, scope=None)[source]

creates new OAuth2 Client Credentials Credential

Creates a new Credential object for an OAuth2 Application

Parameters

  • name – the name of the Credential to create

  • client_id – the client_id of the oauth2 app

  • client_secret – the client secret of the oauth2 app. If None, user will be prompted via stdin.

  • token_url – the token url/uri to request an access token

  • authorization_url – the authorization url for certain auth flows

  • audience – (optional) the audience of the access_token

  • scope – (optional) custom scope to be requested with the token

Returns

a new Credential object that can be saved to backend

static from_basic_auth(*, name, username, password=None)[source]

creates new Basic Auth Credential

Creates a new Credential object for a username/password

Parameters

  • name – the name of the Credential to create

  • username – the username

  • password – the password. If None, user will be prompted via stdin.

Returns

a new Credential object that can be saved to backend

Docs

Developer documentation for Seer AI APIs

View Docs

Tutorials

Get in-depth tutorials for beginners and advanced developers

View Tutorials

Resources

Find development resources and get your questions answered

View Resources

To analyze traffic and optimize your experience, we serve cookies on this site. By clicking or navigating, you agree to allow our usage of cookies. As the current maintainers of this site, Facebook’s Cookies Policy applies. Learn more, including about available controls: Cookies Policy.