Globus Connect Server API#

The Globus Connect Server Manager API (GCS Manager API) runs on a Globus Connect Server Endpoint and allows management of the Endpoint, Storage Gateways, Collections, and other resources.

Unlike other Globus services, there is no single central API used to contact GCS Manager instances. Therefore, the GCSClient is always initialized with the FQDN (DNS name) of the GCS Endpoint. e.g. gcs = GCSClient("abc.def.data.globus.org")

Client#

The primary interface for the GCS Manager API is the GCSClient class.

class globus_sdk.GCSClient(gcs_address, *, environment=None, authorizer=None, app_name=None, transport_params=None)[source]#

Bases: BaseClient

A GCSClient provides communication with the GCS Manager API of a Globus Connect Server instance. For full reference, see the documentation for the GCS Manager API.

Unlike other client types, this must be provided with an address for the GCS Manager. All other arguments are the same as those for BaseClient.

Parameters:

gcs_address (str) – The FQDN (DNS name) or HTTPS URL for the GCS Manager API.

Methods

static get_gcs_endpoint_scopes(endpoint_id)[source]#

Given a GCS Endpoint ID, this helper constructs an object containing the scopes for that Endpoint.

Parameters:

endpoint_id (UUID | str) – The ID of the Endpoint

Return type:

GCSEndpointScopeBuilder

See documentation for globus_sdk.scopes.GCSEndpointScopeBuilder for more information.

static get_gcs_collection_scopes(collection_id)[source]#

Given a GCS Collection ID, this helper constructs an object containing the scopes for that Collection.

Parameters:

collection_id (UUID | str) – The ID of the Collection

Return type:

GCSCollectionScopeBuilder

See documentation for globus_sdk.scopes.GCSCollectionScopeBuilder for more information.

static connector_id_to_name(connector_id)[source]#

Helper that converts a given connector_id into a human readable connector name string. Will return None if the id is not recognized.

Note that it is possible for valid connector_ids to be unrecognized due to differing SDK and GCS versions.

Parameters:

connector_id (UUID | str) – The ID of the connector

Return type:

str | None

get_endpoint(query_params=None)[source]#

Get the details of the Endpoint that this client is configured to talk to.

Parameters:

query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

GET /endpoint

See Get Endpoint in the API documentation for details.

update_endpoint(endpoint_data, *, include=None, query_params=None)[source]#

Update a GCSv5 Endpoint

Parameters:

  • endpoint_data (dict[str, Any] | EndpointDocument) – The endpoint document for the modified endpoint

  • include (Iterable[Literal['endpoint']] | ~typing.Literal['endpoint'] | None) – Optional list of document types to include in the response (currently only supports the value ["endpoint"])

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

PATCH /endpoint

See Update Endpoint in the API documentation for details.

get_collection_list(*, mapped_collection_id=None, filter=None, include=None, page_size=None, marker=None, query_params=None)[source]#

List the Collections on an Endpoint

Parameters:

  • mapped_collection_id (UUID | str | None) – Filter collections which were created using this mapped collection ID.

  • filter (Iterable[str] | str | None) – Filter the returned set to any combination of the following: mapped_collections, guest_collections, managed_by_me, created_by_me.

  • include (Iterable[str] | str | None) – Names of additional documents to include in the response

  • page_size (int | None) – Number of results to return per page

  • marker (str | None) – Pagination marker supplied by previous API calls in the event a request returns more values than the page size

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

IterableGCSResponse

GET /collections

See List Collections in the API documentation for details.

get_collection(collection_id, *, query_params=None)[source]#

Lookup a Collection on an Endpoint

Parameters:

  • collection_id (UUID | str) – The ID of the collection to lookup

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

GET /collections/{collection_id}

See Get Collection in the API documentation for details.

create_collection(collection_data)[source]#

Create a collection. This is used to create either a mapped or a guest collection. When created, a collection:administrator role for that collection will be created using the caller’s identity.

In order to create a guest collection, the caller must have an identity that matches the Storage Gateway policies.

In order to create a mapped collection, the caller must have an endpoint:administrator or endpoint:owner role.

Parameters:

collection_data (dict[str, Any] | CollectionDocument) – The collection document for the new collection

Return type:

UnpackingGCSResponse

POST /collections

See Create Collection in the API documentation for details.

update_collection(collection_id, collection_data, *, query_params=None)[source]#

Update a Collection

Parameters:

  • collection_id (UUID | str) – The ID of the collection to update

  • collection_data (dict[str, Any] | CollectionDocument) – The collection document for the modified collection

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

PATCH /collections/{collection_id}

See Update Collection in the API documentation for details.

delete_collection(collection_id, *, query_params=None)[source]#

Delete a Collection

Parameters:

  • collection_id (UUID | str) – The ID of the collection to delete

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

GlobusHTTPResponse

DELETE /collections/{collection_id}

See Delete Collection in the API documentation for details.

get_storage_gateway_list(*, include=None, page_size=None, marker=None, query_params=None)[source]#

List Storage Gateways

Parameters:

  • include (None | str | Iterable[str]) – Optional document types to include in the response. If ‘private_policies’ is included, then include private storage gateway policies in the attached storage_gateways document. This requires an administrator role on the Endpoint.

  • page_size (int | None) – Number of results to return per page

  • marker (str | None) – Pagination marker supplied by previous API calls in the event a request returns more values than the page size

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

IterableGCSResponse

This method supports paginated access. To use the paginated variant, give the same arguments as normal, but prefix the method name with paginated, as in

client.paginated.get_storage_gateway_list(...)

For more information, see how to make paginated calls.

GET /storage_gateways

See Delete Collection in the API documentation for details.

create_storage_gateway(data, *, query_params=None)[source]#

Create a Storage Gateway

Parameters:

  • data (dict[str, Any] | StorageGatewayDocument) – Data in the format of a Storage Gateway document, it is recommended to use the StorageGatewayDocument class to construct this data.

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

POST /storage_gateways

See Create Storage Gateway in the API documentation for details.

get_storage_gateway(storage_gateway_id, *, include=None, query_params=None)[source]#

Lookup a Storage Gateway by ID

Parameters:

  • storage_gateway_id (UUID | str) – UUID for the Storage Gateway to be gotten

  • include (None | str | Iterable[str]) – Optional document types to include in the response. If ‘private_policies’ is included, then include private storage gateway policies in the attached storage_gateways document. This requires an administrator role on the Endpoint.

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

GET /storage_gateways/<storage_gateway_id>

See Get a Storage Gateway in the API documentation for details.

update_storage_gateway(storage_gateway_id, data, *, query_params=None)[source]#

Update a Storage Gateway

Parameters:

  • storage_gateway_id (UUID | str) – UUID for the Storage Gateway to be updated

  • data (dict[str, Any] | StorageGatewayDocument) – Data in the format of a Storage Gateway document, it is recommended to use the StorageGatewayDocument class to construct this data.

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

GlobusHTTPResponse

PATCH /storage_gateways/<storage_gateway_id>

See Update a Storage Gateway in the API documentation for details.

delete_storage_gateway(storage_gateway_id, *, query_params=None)[source]#

Delete a Storage Gateway

Parameters:

  • storage_gateway_id (str | UUID) – UUID for the Storage Gateway to be deleted

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

GlobusHTTPResponse

DELETE /storage_gateways/<storage_gateway_id>

See Delete a Storage Gateway in the API documentation for details.

get_role_list(collection_id=None, include=None, page_size=None, marker=None, query_params=None)[source]#

List Roles

Parameters:

  • collection_id (UUID | str | None) – UUID of a Collection. If given then only roles related to that Collection are returned, otherwise only Endpoint roles are returned.

  • include (str | None) – Pass “all_roles” to request all roles relevant to the resource instead of only those the caller has on the resource

  • page_size (int | None) – Number of results to return per page

  • marker (str | None) – Pagination marker supplied by previous API calls in the event a request returns more values than the page size

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

IterableGCSResponse

GET /roles

See Delete a Storage Gateway in the API documentation for details.

create_role(data, query_params=None)[source]#

Create a Role

Parameters:

  • data (dict[str, Any] | GCSRoleDocument) – Data in the format of a Role document, it is recommended to use the GCSRoleDocument class to construct this data.

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

POST /roles

See Create Role in the API documentation for details.

get_role(role_id, query_params=None)[source]#

Get a Role by ID

Parameters:

  • role_id (UUID | str) – UUID for the Role to be gotten

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

GET /roles/{role_id}

See Get Role in the API documentation for details.

delete_role(role_id, query_params=None)[source]#

Delete a Role

Parameters:

  • role_id (UUID | str) – UUID for the Role to be deleted

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

GlobusHTTPResponse

DELETE /roles/{role_id}

See Delete Role in the API documentation for details.

get_user_credential_list(storage_gateway=None, query_params=None, page_size=None, marker=None)[source]#

List User Credentials

Parameters:

  • storage_gateway (UUID | str | None) – UUID of a storage gateway to limit results to

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

  • page_size (int | None) – Number of results to return per page

  • marker (str | None) – Pagination marker supplied by previous API calls in the event a request returns more values than the page size

Return type:

IterableGCSResponse

GET /user_credentials

See Get User Credential List in the API documentation for details.

create_user_credential(data, query_params=None)[source]#

Create a User Credential

Parameters:

  • data (dict[str, Any] | UserCredentialDocument) – Data in the format of a UserCredential document, it is recommended to use the UserCredential class to construct this

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

POST /user_credentials

See Create User Credential in the API documentation for details.

get_user_credential(user_credential_id, query_params=None)[source]#

Get a User Credential by ID

Parameters:

  • user_credential_id (UUID | str) – UUID for the UserCredential to be gotten

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

GET /user_credentials/{user_credential_id}

See Get a User Credential in the API documentation for details.

update_user_credential(user_credential_id, data, query_params=None)[source]#

Update a User Credential

Parameters:

  • user_credential_id (UUID | str) – UUID for the UserCredential to be updated

  • data (dict[str, Any] | UserCredentialDocument) – Data in the format of a UserCredential document, it is recommended to use the UserCredential class to construct this

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

PATCH /user_credentials/{user_credential_id}

See Update a User Credential in the API documentation for details.

delete_user_credential(user_credential_id, query_params=None)[source]#

Delete a User Credential

Parameters:

  • user_credential_id (UUID | str) – UUID for the UserCredential to be deleted

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

GlobusHTTPResponse

DELETE /user_credentials/{user_credential_id}

See Delete User Credential in the API documentation for details.

Helper Objects#

class globus_sdk.EndpointDocument(*, data_type=MISSING, contact_email=MISSING, contact_info=MISSING, department=MISSING, description=MISSING, display_name=MISSING, info_link=MISSING, network_use=MISSING, organization=MISSING, subscription_id=MISSING, keywords=MISSING, allow_udt=MISSING, public=MISSING, max_concurrency=MISSING, max_parallelism=MISSING, preferred_concurrency=MISSING, preferred_parallelism=MISSING, gridftp_control_channel_port=MISSING, additional_fields=MISSING)[source]#

Bases: PayloadWrapper

Parameters:

  • data_type (str | MissingType) – Explicitly set the DATA_TYPE value for this endpoint document. Normally DATA_TYPE is deduced from the provided parameters and should not be set. To maximize compatibility with different versions of GCS, only set this value when necessary.

  • contact_email (str | MissingType) – Email address of the support contact for this endpoint. This is visible to end users so that they may contact your organization for support.

  • contact_info (str | MissingType) – Other non-email contact information for the endpoint, e.g. phone and mailing address. This is visible to end users for support.

  • department (str | MissingType) – Department within organization that runs the server(s). Searchable. Unicode string, max 1024 characters, no new lines.

  • description (str | MissingType) – A description of the endpoint.

  • display_name (str | MissingType) – Friendly name for the endpoint, not unique. Unicode string, no new lines (r or n). Searchable.

  • info_link (str | MissingType) – Link to a web page with more information about the endpoint. The administrator is responsible for running a website at this URL and verifying that it is accepting public connections.

  • network_use (t.Literal['normal', 'minimal', 'aggressive', 'custom'] | MissingType) –

    Control how Globus interacts with this endpoint over the network. Allowed values are:

    • normal: (Default) Uses an average level of concurrency and parallelism. The levels depend on the number of physical servers in the endpoint.

    • minimal: Uses a minimal level of concurrency and parallelism.

    • aggressive: Uses a high level of concurrency and parallelism.

    • custom: Uses custom values of concurrency and parallelism set by the endpoint admin. When setting this level, you must also set the max_concurrency, preferred_concurrency, max_parallelism, and preferred_parallelism properties.

  • organization (str | MissingType) – Organization that runs the server(s). Searchable. Unicode string, max 1024 characters, no new lines.

  • subscription_id (str | None | MissingType) – The id of the subscription that is managing this endpoint. This may be the special value DEFAULT when using this as input to PATCH or PUT to use the caller’s default subscription id.

  • keywords (t.Iterable[str] | MissingType) – List of search keywords for the endpoint. Unicode string, max 1024 characters total across all strings.

  • allow_udt (bool | MissingType) – Allow data transfer on this endpoint using the UDT protocol.

  • public (bool | MissingType) – Flag indicating whether this endpoint is visible to all other Globus users. If false, only users which have been granted a role on the endpoint or one of its collections, or belong to a domain allowed access to any of its storage gateways may view it.

  • gridftp_control_channel_port (int | None | MissingType) – TCP port for the Globus control channel to listen on. By default, the control channel is passed through 443 with an ALPN header containing the value “ftp”.

  • max_concurrency (int | MissingType) – Admin-specified value when the network_use property’s value is "custom"; otherwise the preset value for the specified network_use.

  • max_parallelism (int | MissingType) – Admin-specified value when the network_use property’s value is "custom"; otherwise the preset value for the specified network_use.

  • preferred_concurrency (int | MissingType) – Admin-specified value when the network_use property’s value is "custom"; otherwise the preset value for the specified network_use.

  • preferred_parallelism (int | MissingType) – Admin-specified value when the network_use property’s value is "custom"; otherwise the preset value for the specified network_use.

class globus_sdk.GCSRoleDocument(DATA_TYPE='role#1.0.0', collection=None, principal=None, role=None, additional_fields=None)[source]#

Bases: PayloadWrapper

Convenience class for constructing a Role document to use as the data parameter to create_role

Parameters:

  • DATA_TYPE (str) – Versioned document type.

  • collection (UUIDLike | None) – Collection ID for the collection the role will apply to. This value is omitted when creating an endpoint role or when creating role definitions when creating collections.

  • principal (str | None) – Auth identity or group id URN. Should be in the format urn:globus:auth:[identity|group]:{uuid of identity or group}

  • role (str | None) – Role assigned to the principal. Known values are owner, administrator, access_manager, activity_manager, and activity_monitor

class globus_sdk.StorageGatewayDocument(DATA_TYPE=None, display_name=None, connector_id=None, root=None, identity_mappings=None, policies=None, allowed_domains=None, high_assurance=None, require_mfa=None, authentication_timeout_mins=None, users_allow=None, users_deny=None, additional_fields=None)[source]#

Bases: PayloadWrapper

Convenience class for constructing a Storage Gateway document to use as the data parameter to create_storage_gateway or update_storage_gateway

Parameters:

  • DATA_TYPE (str | None) – Versioned document type. Defaults to the appropriate type for this class.

  • display_name (str | None) – Name of the Storage Gateway

  • connector_id (UUIDLike | None) – UUID of the connector type that this Storage Gateway interacts with.

  • identity_mappings (None | t.Iterable[dict[str, t.Any]]) – A list of IdentityMapping objects which are applied to user identities to attempt to determine what accounts are available for access.

  • policies (StorageGatewayPolicies | dict[str, t.Any] | None) – Connector specific storage policies. It is recommended that you use one of the policy helper classes (e.g. POSIXStoragePolicies if you are using the POSIX connector) to create these.

  • allowed_domains (t.Iterable[str] | None) – List of allowed domains. Users creating credentials or collections on this Storage Gateway must have an identity in one of these domains.

  • restrict_paths – Path restrictions within this Storage Gateway. Private.

  • high_assurance (bool | None) – Flag indicating if the Storage Gateway requires high assurance features.

  • authentication_timeout_mins (int | None) – Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway.

  • users_allow (t.Iterable[str] | None) – List of connector-specific usernames allowed to access this Storage Gateway. Private.

  • users_deny (t.Iterable[str] | None) – List of connector-specific usernames denied access to this Storage Gateway. Private.

  • process_user – Local POSIX user the GridFTP server should run as when accessing this Storage Gateway.

  • load_dsi_module – Name of the DSI module to load by the GridFTP server when accessing this Storage Gateway.

  • require_mfa (bool | None) – Flag indicating that the Storage Gateway requires multi-factor authentication. Only usable on high assurance Storage Gateways.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the Storage Gateway document

class globus_sdk.UserCredentialDocument(DATA_TYPE='user_credential#1.0.0', identity_id=None, connector_id=None, username=None, display_name=None, storage_gateway_id=None, policies=None, additional_fields=None)[source]#

Bases: PayloadWrapper

Convenience class for constructing a UserCredential document to use as the data parameter to create_user_credential and update_user_credential

Parameters:

  • DATA_TYPE (str) – Versioned document type.

  • identity_id (UUIDLike | None) – UUID of the Globus identity this credential will provide access for

  • connector_id (UUIDLike | None) – UUID of the connector this credential is for

  • username (str | None) – Username of the local account this credential will provide access to, format is connector specific

  • display_name (str | None) – Display name for this credential

  • storage_gateway_id (UUIDLike | None) – UUID of the storage gateway this credential is for

  • policies (dict[str, t.Any] | None) – Connector specific policies for this credential

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the document

Collections#

class globus_sdk.CollectionDocument(*, data_type=None, collection_base_path=None, contact_email=None, contact_info=None, default_directory=None, department=None, description=None, display_name=None, identity_id=None, info_link=None, organization=None, user_message=None, user_message_link=None, keywords=None, disable_verify=None, enable_https=None, force_encryption=None, force_verify=None, public=None, additional_fields=None)[source]#

Bases: PayloadWrapper, ABC

This is the base class for MappedCollectionDocument and GuestCollectionDocument.

Parameters common to both of those are defined and documented here.

Parameters:

  • data_type (str | None) – Explicitly set the DATA_TYPE value for this collection. Normally DATA_TYPE is deduced from the provided parameters and should not be set. To maximize compatibility with different versions of GCS, only set this value when necessary.

  • collection_base_path (str | None) – The location of the collection on its underlying storage. For a mapped collection, this is an absolute path on the storage system named by the storage_gateway_id. For a guest collection, this is a path relative to the value of the root_path attribute on the mapped collection identified by the mapped_collection_id. This parameter is optional for updates but required when creating a new collection.

  • contact_email (str | None) – Email address of the support contact for the collection

  • contact_info (str | None) – Other contact information for the collection, e.g. phone number or mailing address

  • default_directory (str | None) – Default directory when using the collection

  • department (str | None) – The department which operates the collection

  • description (str | None) – A text description of the collection

  • display_name (str | None) – Friendly name for the collection

  • identity_id (UUIDLike | None) – The Globus Auth identity which acts as the owner of the collection

  • info_link (str | None) – Link for more info about the collection

  • organization (str | None) – The organization which maintains the collection

  • user_message (str | None) – A message to display to users when interacting with this collection

  • user_message_link (str | None) – A link to additional messaging for users when interacting with this collection

  • keywords (t.Iterable[str] | None) – A list of keywords used to help searches for the collection

  • disable_verify (bool | None) – Disable verification checksums on transfers to and from this collection

  • enable_https (bool | None) – Enable or disable HTTPS support (requires a managed endpoint)

  • force_encryption (bool | None) – When set to True, all transfers to and from the collection are always encrypted

  • force_verify (bool | None) – Force verification checksums on transfers to and from this collection

  • public (bool | None) – If True, the collection will be visible to other Globus users

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the collection document

class globus_sdk.MappedCollectionDocument(*, data_type=None, collection_base_path=None, contact_email=None, contact_info=None, default_directory=None, department=None, description=None, display_name=None, identity_id=None, info_link=None, organization=None, user_message=None, user_message_link=None, keywords=None, disable_verify=None, enable_https=None, force_encryption=None, force_verify=None, public=None, domain_name=None, guest_auth_policy_id=None, storage_gateway_id=None, sharing_users_allow=None, sharing_users_deny=None, sharing_restrict_paths=None, delete_protected=None, allow_guest_collections=None, disable_anonymous_writes=None, policies=None, additional_fields=None)[source]#

Bases: CollectionDocument

An object used to represent a Mapped Collection for creation or update operations. The initializer supports all writable fields on Mapped Collections but does not include read-only fields like id.

Because these documents may be used for updates, no fields are strictly required. However, GCS will require the following fields for creation:

  • storage_gateway_id

  • collection_base_path

All parameters for CollectionDocument are supported in addition to the parameters below.

Parameters:

  • storage_gateway_id (UUIDLike | None) – The ID of the storage gateway which hosts this mapped collection. This parameter is required when creating a collection.

  • domain_name (str | None) – DNS name of the virtual host serving this collection

  • guest_auth_policy_id (UUIDLike | None) – Globus Auth policy ID to set on a mapped collection which is then inherited by its guest collections.

  • sharing_users_allow (t.Iterable[str] | None) – Connector-specific usernames allowed to create guest collections

  • sharing_users_deny (t.Iterable[str] | None) – Connector-specific usernames forbidden from creating guest collections

  • delete_protected (bool | None) – Enable or disable deletion protection on this collection. Defaults to True during creation.

  • allow_guest_collections (bool | None) – Enable or disable creation and use of Guest Collections on this Mapped Collection

  • disable_anonymous_writes (bool | None) – Allow anonymous write ACLs on Guest Collections attached to this Mapped Collection. This option is only usable on non high-assurance collections

  • policies (CollectionPolicies | dict[str, t.Any] | None) – Connector-specific collection policies

  • sharing_restrict_paths (dict[str, t.Any] | None) – A PathRestrictions document

class globus_sdk.GuestCollectionDocument(*, data_type=None, collection_base_path=None, contact_email=None, contact_info=None, default_directory=None, department=None, description=None, display_name=None, identity_id=None, info_link=None, organization=None, user_message=None, user_message_link=None, keywords=None, disable_verify=None, enable_https=None, force_encryption=None, force_verify=None, public=None, mapped_collection_id=None, user_credential_id=None, additional_fields=None)[source]#

Bases: CollectionDocument

An object used to represent a Guest Collection for creation or update operations. The initializer supports all writable fields on Guest Collections but does not include read-only fields like id.

Because these documents may be used for updates, no fields are strictly required. However, GCS will require the following fields for creation:

  • mapped_collection_id

  • user_credential_id

  • collection_base_path

All parameters for CollectionDocument are supported in addition to the parameters below.

Parameters:

  • mapped_collection_id (UUIDLike | None) – The ID of the mapped collection which hosts this guest collection

  • user_credential_id (UUIDLike | None) – The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id.

Storage Gateway Policies#

class globus_sdk.StorageGatewayPolicies(dict=None, /, **kwargs)[source]#

Bases: PayloadWrapper, ABC

This is the abstract base type for Storage Policies documents to use as the policies parameter when creating a StorageGatewayDocument.

Several fields on policy documents are marked as Private. This means that they are not visible except to admins and owners of the storage gateway.

class globus_sdk.ActiveScaleStoragePolicies(DATA_TYPE='s3_storage_policies#1.0.0', s3_endpoint=None, s3_buckets=None, s3_user_credential_required=None, additional_fields=None)[source]#

Bases: S3StoragePolicies

The ActiveScale Storage Policy is an alias for the S3 Storage Policy. It even uses S3 policy DATA_TYPE.

class globus_sdk.AzureBlobStoragePolicies(DATA_TYPE='azure_blob_storage_policies#1.0.0', client_id=None, secret=None, tenant=None, account=None, auth_type=None, adls=None, additional_fields=None)[source]#

Bases: StorageGatewayPolicies

Convenience class for constructing a Azure Blob Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • client_id (str | None) – Client ID registered with the MS Application console to access Azure Blob Private.

  • secret (str | None) – Secret created to access access MS with the client_id in this policy. Private.

  • tenant (str | None) – MS Tenant ID from which to allow user logins. Private.

  • account (str | None) – Azure Storage account. Private.

  • auth_type (str | None) – Auth type: user, service_principal or user_service_principal

  • adls (bool | None) – ADLS support enabled or not. Private.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.BlackPearlStoragePolicies(DATA_TYPE='blackpearl_storage_policies#1.0.0', s3_endpoint=None, bp_access_id_file=None, additional_fields=None)[source]#

Bases: StorageGatewayPolicies

Convenience class for constructing a BlackPearl Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument.

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • s3_endpoint (str | None) – The URL of the S3 endpoint of the BlackPearl appliance to use to access collections on this Storage Gateway.

  • bp_access_id_file (str | None) – Path to the file which provides mappings from usernames within the configured identity domain to the ID and secret associated with the user’s BlackPearl account

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.BoxStoragePolicies(DATA_TYPE='box_storage_policies#1.0.0', enterpriseID=None, boxAppSettings=None, additional_fields=None)[source]#

Bases: StorageGatewayPolicies

Convenience class for constructing a Box Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • enterpriseID (str | None) – Identifies which Box Enterprise this Storage Gateway is authorized to access. Private.

  • boxAppSettings (dict[str, t.Any] | None) – Values that the Storage Gateway uses to identify and authenticate with the Box API. Private.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.CephStoragePolicies(DATA_TYPE='ceph_storage_policies#1.0.0', s3_endpoint=None, s3_buckets=None, ceph_admin_key_id=None, ceph_admin_secret_key=None, additional_fields=None)[source]#

Bases: StorageGatewayPolicies

Convenience class for constructing a Ceph Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • s3_endpoint (str | None) – URL of the S3 API endpoint

  • s3_buckets (t.Iterable[str] | None) – List of buckets not owned by the collection owner that will be shown in the root of collections created at the base of this Storage Gateway.

  • ceph_admin_key_id (str | None) – Administrator key id used to authenticate with the ceph admin service to obtain user credentials. Private.

  • ceph_admin_secret_key (str | None) – Administrator secret key used to authenticate with the ceph admin service to obtain user credentials. Private.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.CollectionPolicies(dict=None, /, **kwargs)[source]#

Bases: PayloadWrapper, ABC

This is the abstract base type for Collection Policies documents to use as the policies parameter when creating a MappedCollectionDocument.

class globus_sdk.GoogleCloudStorageCollectionPolicies(DATA_TYPE='google_cloud_storage_collection_policies#1.0.0', project=None, additional_fields=None)[source]#

Bases: CollectionPolicies

Convenience class for constructing a Google Cloud Storage Collection Policy document to use as the policies parameter when creating a CollectionDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • project (str | None) – Google Cloud Platform project ID that is used by this collection

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.GoogleCloudStoragePolicies(DATA_TYPE='google_cloud_storage_policies#1.0.0', client_id=None, secret=None, service_account_key=None, buckets=None, projects=None, additional_fields=None)[source]#

Bases: StorageGatewayPolicies

Convenience class for constructing a Google Cloud Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • client_id (str | None) – Client ID registered with the Google Application console to access Google Drive. Private.

  • secret (str | None) – Secret created to access access Google Drive with the client_id in this policy. Private.

  • service_account_key (dict[str, t.Any] | None) – Credentials for use with service account auth, read from a Google-provided json file. Private.

  • buckets (t.Iterable[str] | None) – The list of Google Cloud Storage buckets which the Storage Gateway is allowed to access, as well as the list of buckets that will be shown in root level directory listings. If this list is unset, bucket access is unrestricted and all non public credential accessible buckets will be shown in root level directory listings. The value is a list of bucket names.

  • projects (t.Iterable[str] | None) – The list of Google Cloud Storage projects which the Storage Gateway is allowed to access. If this list is unset, project access is unrestricted. The value is a list of project id strings.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.GoogleDriveStoragePolicies(DATA_TYPE='google_drive_storage_policies#1.0.0', client_id=None, secret=None, user_api_rate_quota=None, additional_fields=None)[source]#

Bases: StorageGatewayPolicies

Convenience class for constructing a Google Drive Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • client_id (str | None) – Client ID registered with the Google Application console to access Google Drive. Private.

  • secret (str | None) – Secret created to access access Google Drive with the client_id in this policy. Private.

  • user_api_rate_quota (int | None) – User API Rate quota associated with this client ID.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.HPSSStoragePolicies(DATA_TYPE='hpss_storage_policies#1.0.0', authentication_mech=None, authenticator=None, uda_checksum_support=None, additional_fields=None)[source]#

Bases: StorageGatewayPolicies

Convenience class for constructing a HPSS Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • authentication_mech (str | None) – Authentication mechanism to use with HPSS.

  • authenticator (str | None) – Authentication credentials to use with HPSS.

  • uda_checksum_support (bool | None) – Flag indicating whether checksums should be stored in metadata.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.IrodsStoragePolicies(DATA_TYPE='irods_storage_policies#1.0.0', irods_environment_file=None, irods_authentication_file=None, additional_fields=None)[source]#

Bases: StorageGatewayPolicies

Convenience class for constructing an iRODS Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • irods_environment_file (str | None) – Path to iRODS environment file on the endpoint

  • irods_authentication_file (str | None) – Path to iRODS authentication file on the endpoint

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.OneDriveStoragePolicies(DATA_TYPE='onedrive_storage_policies#1.0.0', client_id=None, secret=None, tenant=None, user_api_rate_limit=None, additional_fields=None)[source]#

Bases: StorageGatewayPolicies

Convenience class for constructing a OneDrive Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • client_id (str | None) – Client ID registered with the MS Application console to access OneDrive. Private.

  • secret (str | None) – Secret created to access access MS with the client_id in this policy. Private.

  • tenant (str | None) – MS Tenant ID from which to allow user logins. Private.

  • user_api_rate_limit (int | None) – User API Rate limit associated with this client ID.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.POSIXCollectionPolicies(DATA_TYPE='posix_collection_policies#1.0.0', sharing_groups_allow=None, sharing_groups_deny=None, additional_fields=None)[source]#

Bases: CollectionPolicies

Convenience class for constructing a Posix Collection Policy document to use as the policies parameter when creating a CollectionDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • sharing_groups_allow (None | str | t.Iterable[str]) – POSIX groups which are allowed to create guest collections.

  • sharing_groups_deny (None | str | t.Iterable[str]) – POSIX groups which are not allowed to create guest collections.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.POSIXStagingCollectionPolicies(DATA_TYPE='posix_staging_collection_policies#1.0.0', sharing_groups_allow=None, sharing_groups_deny=None, additional_fields=None)[source]#

Bases: CollectionPolicies

Convenience class for constructing a Posix Staging Collection Policy document to use as the policies parameter when creating a CollectionDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • sharing_groups_allow (None | str | t.Iterable[str]) – POSIX groups which are allowed to create guest collections.

  • sharing_groups_deny (None | str | t.Iterable[str]) – POSIX groups which are not allowed to create guest collections.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.POSIXStagingStoragePolicies(DATA_TYPE='posix_staging_storage_policies#1.0.0', groups_allow=None, groups_deny=None, stage_app=None, environment=None, additional_fields=None)[source]#

Bases: StorageGatewayPolicies

Convenience class for constructing a POSIX Staging Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • groups_allow (t.Iterable[str] | None) – List of POSIX group IDs allowed to access this Storage Gateway. Private.

  • groups_deny (t.Iterable[str] | None) – List of POSIX group IDs denied access this Storage Gateway. Private.

  • stage_app (str | None) – Path to the stage app. Private.

  • environment (t.Iterable[dict[str, str]] | None) – A mapping of variable names to values to set in the environment when executing the stage_app. Private.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.POSIXStoragePolicies(DATA_TYPE='posix_storage_policies#1.0.0', groups_allow=None, groups_deny=None, additional_fields=None)[source]#

Bases: StorageGatewayPolicies

Convenience class for constructing a POSIX Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • groups_allow (t.Iterable[str] | None) – List of POSIX group IDs allowed to access this Storage Gateway. Private.

  • groups_deny (t.Iterable[str] | None) – List of POSIX group IDs denied access this Storage Gateway. Private.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.S3StoragePolicies(DATA_TYPE='s3_storage_policies#1.0.0', s3_endpoint=None, s3_buckets=None, s3_user_credential_required=None, additional_fields=None)[source]#

Bases: StorageGatewayPolicies

Convenience class for constructing a Google Cloud Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • s3_endpoint (str | None) – URL of the S3 API endpoint

  • s3_buckets (t.Iterable[str] | None) – List of buckets not owned by the collection owner that will be shown in the root of collections created at the base of this Storage Gateway.

  • s3_user_credential_required (bool | None) – Flag indicating if a Globus User must register a user credential in order to create a Guest Collection on this Storage Gateway.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

Client Errors#

When an error occurs, a GCSClient will raise this specialized type of error, rather than a generic GlobusAPIError.

class globus_sdk.GCSAPIError(r)[source]#

Bases: GlobusAPIError

Error class for the GCS Manager API client

GCS Responses#

class globus_sdk.IterableGCSResponse(response, client=None, *, iter_key=None)[source]#

Bases: IterableResponse

Response class for non-paged list oriented resources. Allows top level fields to be accessed normally via standard item access, and also provides a convenient way to iterate over the sub-item list in the data key:

>>> print("Path:", r["path"])
>>> # Equivalent to: for item in r["data"]
>>> for item in r:
>>>     print(item["name"], item["type"])
class globus_sdk.UnpackingGCSResponse(response, match)[source]#

Bases: GlobusHTTPResponse

An “unpacking” response looks for a “data” array in the response data, which is expected to have dict elements. The “data” is traversed until the first matching object is found, and this is presented as the data property of the response.

The full response data is available as full_data.

If the expected datatype is not found in the array, or the array is missing, the data will be the full response data (identical to full_data).

Parameters:

match (str | t.Callable[[dict[str, t.Any]], bool]) – Either a string containing a DATA_TYPE prefix, or an arbitrary callable which does the matching

property full_data: Any#

The full, parsed JSON response data. None if the data cannot be parsed as JSON.