cinder/api-ref/source/v3/index.rst
Alan Bishop 31b34e91e0 Remove the need for project_id from API endpoints
Inclusion of a project_id in API URLs is now optional, and no longer
required. Removing the project_id requirement facilitates supporting
Secure RBAC's notion of system scope, in which an API method is not
associated with a specific project.

The API v3 routing is enhanced to provide duplicate routes for API
methods that traditionally required a project_id in the URL:
- The existing route for which a project_id is in the URL
- A new route for when the URL does not include a project_id

To test both routes and ensure there are no regresssions, the "API
samples" functional tests include a project_id in the URLs, and the
rest of the functional tests do not include the project_id. This is
handled by changing the 'noauth' WSGI middleware to no longer add the
project_id, and adding a new 'noauth_include_project_id' middleware
filter that implements the legacy behavior.

A new microversion V3.67 is introduced, but it only serves to inform
clients whether the project_id is optional or required. When an API
node supports mv 3.67, the project_id is optional in all API requests,
even when the request specifies a earlier microversion. See the spec
Ia44f199243be8f862520d7923007e7182b32f67d for more details on this
behavior.

Note: Much of the groundwork for this is based on manila's patch
I5127e150e8a71e621890f30dba6720b3932cf583.

DocImpact
APIImpact

Implements: blueprint project-id-optional-in-urls
Change-Id: I3729cbe1902ab4dc335451d13ed921ec236fb8fd
2022-02-08 08:32:23 -08:00

2.7 KiB

tocdepth

2

Block Storage API V3 (CURRENT)

Note

The URL for most API methods includes a {project_id} placeholder that represents the caller's project ID. As of V3.67, the project_id is optional in the URL, and the following are equivalent:

  • GET /v3/{project_id}/volumes
  • GET /v3/volumes

In both instances, the actual project_id used by the API method is the one in the caller's keystone context. For that reason, including a project_id in the URL is redundant.

The V3.67 microversion is only used as an indicator that the API accepts a URL without a project_id, and this applies to all requests regardless of the microversion in the request. For example, an API node serving V3.67 or greater will accept a URL without a project_id even if the request asks for V3.0. Likewise, it will accept a URL containing a project_id even if the request asks for V3.67.