Globus Connect Server API

The Globus Connect Server Manager API (GCS Manager API) runs on a Globus Connect Server Endpoint and allows management of the Endpoint, Storage Gateways, Collections, and other resources.

Unlike other Globus services, there is no single central API used to contact GCS Manager instances. Therefore, the GCSClient is always initialized with the FQDN (DNS name) of the GCS Endpoint. e.g. gcs = GCSClient("abc.def.data.globus.org")

Client

The primary interface for the GCS Manager API is the GCSClient class.

class globus_sdk.GCSClient(gcs_address, *, app=None, app_scopes=None, environment=None, authorizer=None, app_name=None, transport_params=None)[source]

Bases: BaseClient

A GCSClient provides communication with the GCS Manager API of a Globus Connect Server instance. For full reference, see the documentation for the GCS Manager API.

Unlike other client types, this must be provided with an address for the GCS Manager. All other arguments are the same as those for BaseClient.

Parameters:

  • gcs_address (str) – The FQDN (DNS name) or HTTPS URL for the GCS Manager API.

  • app (GlobusApp | None) – A GlobusApp which will be used for handling authorization and storing and validating tokens. Passing an app will automatically include a client’s default scopes in the app’s scope requirements unless specific app_scopes are given. If app_name is not given, the app’s app_name will be used. Mutually exclusive with authorizer.

  • app_scopes (list[Scope] | None) – Optional list of Scope objects to be added to app’s scope requirements instead of default_scope_requirements. Requires app.

  • authorizer (GlobusAuthorizer | None) – A GlobusAuthorizer which will generate Authorization headers. Mutually exclusive with app.

  • app_name (str | None) – Optional “nice name” for the application. Has no bearing on the semantics of client actions. It is just passed as part of the User-Agent string, and may be useful when debugging issues with the Globus Team. If both``app`` and app_name are given, this value takes priority.

  • base_url – The URL for the service. Most client types initialize this value intelligently by default. Set it when inheriting from BaseClient or communicating through a proxy. This value takes precedence over the class attribute of the same name.

  • transport_params (dict[str, t.Any] | None) – Options to pass to the transport for this client

Methods

static get_gcs_endpoint_scopes(endpoint_id)[source]

Given a GCS Endpoint ID, this helper constructs an object containing the scopes for that Endpoint.

Parameters:

endpoint_id (UUID | str) – The ID of the Endpoint

Return type:

GCSEndpointScopes

See documentation for globus_sdk.scopes.GCSEndpointScopes for more information.

static get_gcs_collection_scopes(collection_id)[source]

Given a GCS Collection ID, this helper constructs an object containing the scopes for that Collection.

Parameters:

collection_id (UUID | str) – The ID of the Collection

Return type:

GCSCollectionScopes

See documentation for globus_sdk.scopes.GCSCollectionScopes for more information.

static connector_id_to_name(connector_id)[source]

Warning

This method is deprecated – use ConnectorTable.lookup instead.

Helper that converts a given connector ID into a human-readable connector name string.

Parameters:

connector_id (UUID | str) – The ID of the connector

Return type:

str | None

property default_scope_requirements: list[Scope]

Scopes that will automatically be added to this client’s app’s scope_requirements during _finalize_app.

For clients with static scope requirements this can just be a static value. Clients with dynamic requirements should use @property and must return sane results while the Base Client is being initialized.

property endpoint_client_id: str

The UUID of the GCS Manager client of the endpoint this client is configured for. This will be equal to the endpoint_id in most cases, but when they differ the client_id is the canonical value for the endpoint’s resource server and scopes.

get_gcs_info(query_params=None)[source]

Get information about the GCS Manager service this client is configured for. This call is made unauthenticated.

Parameters:

query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

GET /info

See Get Endpoint in the API documentation for details.

get_endpoint(query_params=None)[source]

Get the details of the Endpoint that this client is configured to talk to.

Parameters:

query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

GET /endpoint

See Get Endpoint in the API documentation for details.

update_endpoint(endpoint_data, *, include=MISSING, query_params=None)[source]

Update a GCSv5 Endpoint

Parameters:

  • endpoint_data (dict[str, Any] | EndpointDocument) – The endpoint document for the modified endpoint

  • include (Iterable[Literal['endpoint']] | ~typing.Literal['endpoint'] | ~globus_sdk._missing.MissingType) – Optional list of document types to include in the response (currently only supports the value ["endpoint"])

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

PATCH /endpoint

See Update Endpoint in the API documentation for details.

get_collection_list(*, mapped_collection_id=MISSING, filter=MISSING, include=MISSING, page_size=MISSING, marker=MISSING, query_params=None)[source]

List the Collections on an Endpoint

Parameters:

  • mapped_collection_id (UUID | str | MissingType) – Filter collections which were created using this mapped collection ID.

  • filter (Iterable[str] | str | MissingType) – Filter the returned set to any combination of the following: mapped_collections, guest_collections, managed_by_me, created_by_me.

  • include (Iterable[str] | str | MissingType) – Names of additional documents to include in the response

  • page_size (int | MissingType) – Number of results to return per page

  • marker (str | MissingType) – Pagination marker supplied by previous API calls in the event a request returns more values than the page size

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

IterableGCSResponse

GET /collections

See List Collections in the API documentation for details.

get_collection(collection_id, *, query_params=None)[source]

Lookup a Collection on an Endpoint

Parameters:

  • collection_id (UUID | str) – The ID of the collection to lookup

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

GET /collections/{collection_id}

See Get Collection in the API documentation for details.

create_collection(collection_data)[source]

Create a collection. This is used to create either a mapped or a guest collection. When created, a collection:administrator role for that collection will be created using the caller’s identity.

In order to create a guest collection, the caller must have an identity that matches the Storage Gateway policies.

In order to create a mapped collection, the caller must have an endpoint:administrator or endpoint:owner role.

Parameters:

collection_data (dict[str, Any] | CollectionDocument) – The collection document for the new collection

Return type:

UnpackingGCSResponse

POST /collections

See Create Collection in the API documentation for details.

update_collection(collection_id, collection_data, *, query_params=None)[source]

Update a Collection

Parameters:

  • collection_id (UUID | str) – The ID of the collection to update

  • collection_data (dict[str, Any] | CollectionDocument) – The collection document for the modified collection

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

PATCH /collections/{collection_id}

See Update Collection in the API documentation for details.

delete_collection(collection_id, *, query_params=None)[source]

Delete a Collection

Parameters:

  • collection_id (UUID | str) – The ID of the collection to delete

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

GlobusHTTPResponse

DELETE /collections/{collection_id}

See Delete Collection in the API documentation for details.

get_storage_gateway_list(*, include=MISSING, page_size=MISSING, marker=MISSING, query_params=None)[source]

List Storage Gateways

Parameters:

  • include (Iterable[str] | str | MissingType) – Optional document types to include in the response. If ‘private_policies’ is included, then include private storage gateway policies in the attached storage_gateways document. This requires an administrator role on the Endpoint.

  • page_size (int | MissingType) – Number of results to return per page

  • marker (str | MissingType) – Pagination marker supplied by previous API calls in the event a request returns more values than the page size

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

IterableGCSResponse

This method supports paginated access. To use the paginated variant, give the same arguments as normal, but prefix the method name with paginated, as in

client.paginated.get_storage_gateway_list(...)

For more information, see how to make paginated calls.

GET /storage_gateways

See Delete Collection in the API documentation for details.

create_storage_gateway(data, *, query_params=None)[source]

Create a Storage Gateway

Parameters:

  • data (dict[str, Any] | StorageGatewayDocument) – Data in the format of a Storage Gateway document, it is recommended to use the StorageGatewayDocument class to construct this data.

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

POST /storage_gateways

See Create Storage Gateway in the API documentation for details.

get_storage_gateway(storage_gateway_id, *, include=MISSING, query_params=None)[source]

Lookup a Storage Gateway by ID

Parameters:

  • storage_gateway_id (UUID | str) – UUID for the Storage Gateway to be gotten

  • include (Iterable[str] | str | MissingType) – Optional document types to include in the response. If ‘private_policies’ is included, then include private storage gateway policies in the attached storage_gateways document. This requires an administrator role on the Endpoint.

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

GET /storage_gateways/<storage_gateway_id>

See Get a Storage Gateway in the API documentation for details.

update_storage_gateway(storage_gateway_id, data, *, query_params=None)[source]

Update a Storage Gateway

Parameters:

  • storage_gateway_id (UUID | str) – UUID for the Storage Gateway to be updated

  • data (dict[str, Any] | StorageGatewayDocument) – Data in the format of a Storage Gateway document, it is recommended to use the StorageGatewayDocument class to construct this data.

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

GlobusHTTPResponse

PATCH /storage_gateways/<storage_gateway_id>

See Update a Storage Gateway in the API documentation for details.

delete_storage_gateway(storage_gateway_id, *, query_params=None)[source]

Delete a Storage Gateway

Parameters:

  • storage_gateway_id (str | UUID) – UUID for the Storage Gateway to be deleted

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

GlobusHTTPResponse

DELETE /storage_gateways/<storage_gateway_id>

See Delete a Storage Gateway in the API documentation for details.

get_role_list(collection_id=MISSING, include=MISSING, page_size=MISSING, marker=MISSING, query_params=None)[source]

List Roles

Parameters:

  • collection_id (UUID | str | MissingType) – UUID of a Collection. If given then only roles related to that Collection are returned, otherwise only Endpoint roles are returned.

  • include (str | MissingType) – Pass “all_roles” to request all roles relevant to the resource instead of only those the caller has on the resource

  • page_size (int | MissingType) – Number of results to return per page

  • marker (str | MissingType) – Pagination marker supplied by previous API calls in the event a request returns more values than the page size

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

IterableGCSResponse

GET /roles

See Delete a Storage Gateway in the API documentation for details.

create_role(data, query_params=None)[source]

Create a Role

Parameters:

  • data (dict[str, Any] | GCSRoleDocument) – Data in the format of a Role document, it is recommended to use the GCSRoleDocument class to construct this data.

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

POST /roles

See Create Role in the API documentation for details.

get_role(role_id, query_params=None)[source]

Get a Role by ID

Parameters:

  • role_id (UUID | str) – UUID for the Role to be gotten

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

GET /roles/{role_id}

See Get Role in the API documentation for details.

delete_role(role_id, query_params=None)[source]

Delete a Role

Parameters:

  • role_id (UUID | str) – UUID for the Role to be deleted

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

GlobusHTTPResponse

DELETE /roles/{role_id}

See Delete Role in the API documentation for details.

get_user_credential_list(storage_gateway=MISSING, page_size=MISSING, marker=MISSING, query_params=None)[source]

List User Credentials

Parameters:

  • storage_gateway (UUID | str | MissingType) – UUID of a storage gateway to limit results to

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

  • page_size (int | MissingType) – Number of results to return per page

  • marker (str | MissingType) – Pagination marker supplied by previous API calls in the event a request returns more values than the page size

Return type:

IterableGCSResponse

GET /user_credentials

See Get User Credential List in the API documentation for details.

create_user_credential(data, query_params=None)[source]

Create a User Credential

Parameters:

  • data (dict[str, Any] | UserCredentialDocument) – Data in the format of a UserCredential document, it is recommended to use the UserCredential class to construct this

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

POST /user_credentials

See Create User Credential in the API documentation for details.

get_user_credential(user_credential_id, query_params=None)[source]

Get a User Credential by ID

Parameters:

  • user_credential_id (UUID | str) – UUID for the UserCredential to be gotten

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

GET /user_credentials/{user_credential_id}

See Get a User Credential in the API documentation for details.

update_user_credential(user_credential_id, data, query_params=None)[source]

Update a User Credential

Parameters:

  • user_credential_id (UUID | str) – UUID for the UserCredential to be updated

  • data (dict[str, Any] | UserCredentialDocument) – Data in the format of a UserCredential document, it is recommended to use the UserCredential class to construct this

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

UnpackingGCSResponse

PATCH /user_credentials/{user_credential_id}

See Update a User Credential in the API documentation for details.

delete_user_credential(user_credential_id, query_params=None)[source]

Delete a User Credential

Parameters:

  • user_credential_id (UUID | str) – UUID for the UserCredential to be deleted

  • query_params (dict[str, Any] | None) – Additional passthrough query parameters

Return type:

GlobusHTTPResponse

DELETE /user_credentials/{user_credential_id}

See Delete User Credential in the API documentation for details.

Helper Objects

class globus_sdk.EndpointDocument(*, data_type=MISSING, contact_email=MISSING, contact_info=MISSING, department=MISSING, description=MISSING, display_name=MISSING, info_link=MISSING, network_use=MISSING, organization=MISSING, subscription_id=MISSING, keywords=MISSING, allow_udt=MISSING, public=MISSING, max_concurrency=MISSING, max_parallelism=MISSING, preferred_concurrency=MISSING, preferred_parallelism=MISSING, gridftp_control_channel_port=MISSING, additional_fields=MISSING)[source]

Bases: GlobusPayload

Parameters:

  • data_type (str | MissingType) – Explicitly set the DATA_TYPE value for this endpoint document. Normally DATA_TYPE is deduced from the provided parameters and should not be set. To maximize compatibility with different versions of GCS, only set this value when necessary.

  • contact_email (str | MissingType) – Email address of the support contact for this endpoint. This is visible to end users so that they may contact your organization for support.

  • contact_info (str | MissingType) – Other non-email contact information for the endpoint, e.g. phone and mailing address. This is visible to end users for support.

  • department (str | MissingType) – Department within organization that runs the server(s). Searchable. Unicode string, max 1024 characters, no new lines.

  • description (str | MissingType) – A description of the endpoint.

  • display_name (str | MissingType) – Friendly name for the endpoint, not unique. Unicode string, no new lines (r or n). Searchable.

  • info_link (str | MissingType) – Link to a web page with more information about the endpoint. The administrator is responsible for running a website at this URL and verifying that it is accepting public connections.

  • network_use (t.Literal['normal', 'minimal', 'aggressive', 'custom'] | MissingType) –

    Control how Globus interacts with this endpoint over the network. Allowed values are:

    • normal: (Default) Uses an average level of concurrency and parallelism. The levels depend on the number of physical servers in the endpoint.

    • minimal: Uses a minimal level of concurrency and parallelism.

    • aggressive: Uses a high level of concurrency and parallelism.

    • custom: Uses custom values of concurrency and parallelism set by the endpoint admin. When setting this level, you must also set the max_concurrency, preferred_concurrency, max_parallelism, and preferred_parallelism properties.

  • organization (str | MissingType) – Organization that runs the server(s). Searchable. Unicode string, max 1024 characters, no new lines.

  • subscription_id (str | None | MissingType) – The id of the subscription that is managing this endpoint. This may be the special value DEFAULT when using this as input to PATCH or PUT to use the caller’s default subscription id.

  • keywords (t.Iterable[str] | MissingType) – List of search keywords for the endpoint. Unicode string, max 1024 characters total across all strings.

  • allow_udt (bool | MissingType) – Allow data transfer on this endpoint using the UDT protocol.

  • public (bool | MissingType) – Flag indicating whether this endpoint is visible to all other Globus users. If false, only users which have been granted a role on the endpoint or one of its collections, or belong to a domain allowed access to any of its storage gateways may view it.

  • gridftp_control_channel_port (int | None | MissingType) – TCP port for the Globus control channel to listen on. By default, the control channel is passed through 443 with an ALPN header containing the value “ftp”.

  • max_concurrency (int | MissingType) – Admin-specified value when the network_use property’s value is "custom"; otherwise the preset value for the specified network_use.

  • max_parallelism (int | MissingType) – Admin-specified value when the network_use property’s value is "custom"; otherwise the preset value for the specified network_use.

  • preferred_concurrency (int | MissingType) – Admin-specified value when the network_use property’s value is "custom"; otherwise the preset value for the specified network_use.

  • preferred_parallelism (int | MissingType) – Admin-specified value when the network_use property’s value is "custom"; otherwise the preset value for the specified network_use.

class globus_sdk.GCSRoleDocument(DATA_TYPE='role#1.0.0', collection=MISSING, principal=MISSING, role=MISSING, additional_fields=None)[source]

Bases: GlobusPayload

Convenience class for constructing a Role document to use as the data parameter to create_role

Parameters:

  • DATA_TYPE (str) – Versioned document type.

  • collection (UUIDLike | MissingType) – Collection ID for the collection the role will apply to. This value is omitted when creating an endpoint role or when creating role definitions when creating collections.

  • principal (str | MissingType) – Auth identity or group id URN. Should be in the format urn:globus:auth:[identity|group]:{uuid of identity or group}

  • role (str | MissingType) – Role assigned to the principal. Known values are owner, administrator, access_manager, activity_manager, and activity_monitor

class globus_sdk.StorageGatewayDocument(DATA_TYPE=MISSING, display_name=MISSING, connector_id=MISSING, root=MISSING, identity_mappings=MISSING, policies=MISSING, allowed_domains=MISSING, high_assurance=MISSING, require_mfa=MISSING, authentication_timeout_mins=MISSING, users_allow=MISSING, users_deny=MISSING, additional_fields=None)[source]

Bases: GlobusPayload

Convenience class for constructing a Storage Gateway document to use as the data parameter to create_storage_gateway or update_storage_gateway

Parameters:

  • DATA_TYPE (str | MissingType) – Versioned document type. Defaults to the appropriate type for this class.

  • display_name (str | MissingType) – Name of the Storage Gateway

  • connector_id (UUIDLike | MissingType) – UUID of the connector type that this Storage Gateway interacts with.

  • identity_mappings (t.Iterable[dict[str, t.Any]] | MissingType) – A list of IdentityMapping objects which are applied to user identities to attempt to determine what accounts are available for access.

  • policies (StorageGatewayPolicies | dict[str, t.Any] | MissingType) – Connector specific storage policies. It is recommended that you use one of the policy helper classes (e.g. POSIXStoragePolicies if you are using the POSIX connector) to create these.

  • allowed_domains (t.Iterable[str] | MissingType) – List of allowed domains. Users creating credentials or collections on this Storage Gateway must have an identity in one of these domains.

  • restrict_paths – Path restrictions within this Storage Gateway. Private.

  • high_assurance (bool | MissingType) – Flag indicating if the Storage Gateway requires high assurance features.

  • authentication_timeout_mins (int | MissingType) – Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway.

  • users_allow (t.Iterable[str] | MissingType) – List of connector-specific usernames allowed to access this Storage Gateway. Private.

  • users_deny (t.Iterable[str] | MissingType) – List of connector-specific usernames denied access to this Storage Gateway. Private.

  • process_user – Local POSIX user the GridFTP server should run as when accessing this Storage Gateway.

  • load_dsi_module – Name of the DSI module to load by the GridFTP server when accessing this Storage Gateway.

  • require_mfa (bool | MissingType) – Flag indicating that the Storage Gateway requires multi-factor authentication. Only usable on high assurance Storage Gateways.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the Storage Gateway document

class globus_sdk.UserCredentialDocument(DATA_TYPE='user_credential#1.0.0', identity_id=MISSING, connector_id=MISSING, username=MISSING, display_name=MISSING, storage_gateway_id=MISSING, policies=MISSING, additional_fields=None)[source]

Bases: GlobusPayload

Convenience class for constructing a UserCredential document to use as the data parameter to create_user_credential and update_user_credential

Parameters:

  • DATA_TYPE (str) – Versioned document type.

  • identity_id (UUIDLike | MissingType) – UUID of the Globus identity this credential will provide access for

  • connector_id (UUIDLike | MissingType) – UUID of the connector this credential is for

  • username (str | MissingType) – Username of the local account this credential will provide access to, format is connector specific

  • display_name (str | MissingType) – Display name for this credential

  • storage_gateway_id (UUIDLike | MissingType) – UUID of the storage gateway this credential is for

  • policies (dict[str, t.Any] | MissingType) – Connector specific policies for this credential

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the document

Collections

class globus_sdk.CollectionDocument(*args, **kwargs)[source]

Bases: AbstractGlobusPayload

This is the base class for MappedCollectionDocument and GuestCollectionDocument.

Parameters common to both of those are defined and documented here.

Parameters:

  • data_type (str | MissingType) – Explicitly set the DATA_TYPE value for this collection. Normally DATA_TYPE is deduced from the provided parameters and should not be set. To maximize compatibility with different versions of GCS, only set this value when necessary.

  • collection_base_path (str | MissingType) – The location of the collection on its underlying storage. For a mapped collection, this is an absolute path on the storage system named by the storage_gateway_id. For a guest collection, this is a path relative to the value of the root_path attribute on the mapped collection identified by the mapped_collection_id. This parameter is optional for updates but required when creating a new collection.

  • contact_email (str | None | MissingType) – Email address of the support contact for the collection

  • contact_info (str | None | MissingType) – Other contact information for the collection, e.g. phone number or mailing address

  • default_directory (str | MissingType) – Default directory when using the collection

  • department (str | None | MissingType) – The department which operates the collection

  • description (str | None | MissingType) – A text description of the collection

  • display_name (str | MissingType) – Friendly name for the collection

  • identity_id (UUIDLike | MissingType) – The Globus Auth identity which acts as the owner of the collection

  • info_link (str | None | MissingType) – Link for more info about the collection

  • organization (str | MissingType) – The organization which maintains the collection

  • restrict_transfers_to_high_assurance (t.Literal['inbound', 'outbound', 'all'] | MissingType) – Require that transfers of the given type involve only collections that are high assurance. Valid values: “inbound”, “outbound”, “all”, None

  • user_message (str | None | MissingType) – A message to display to users when interacting with this collection

  • user_message_link (str | None | MissingType) – A link to additional messaging for users when interacting with this collection

  • keywords (t.Iterable[str] | MissingType) – A list of keywords used to help searches for the collection

  • disable_verify (bool | MissingType) – Disable verification checksums on transfers to and from this collection

  • enable_https (bool | MissingType) – Enable or disable HTTPS support (requires a managed endpoint)

  • force_encryption (bool | MissingType) – When set to True, all transfers to and from the collection are always encrypted

  • force_verify (bool | MissingType) – Force verification checksums on transfers to and from this collection

  • public (bool | MissingType) – If True, the collection will be visible to other Globus users

  • acl_expiration_mins (int | MissingType) – Length of time that guest collection permissions are valid. Only settable on HA guest collections and HA mapped collections and used by guest collections attached to it. When set on both the mapped and guest collections, the lesser value is in effect.

  • associated_flow_policy (dict[str, t.Any] | MissingType) – Policy describing Globus flows to run when the collection is accessed. See https://docs.globus.org/api/transfer/endpoints_and_collections/#associated_flow_policy for expected shape.

  • additional_fields (dict[str, t.Any] | MissingType) – Additional data for inclusion in the collection document

class globus_sdk.MappedCollectionDocument(*args, **kwargs)[source]

Bases: CollectionDocument

An object used to represent a Mapped Collection for creation or update operations. The initializer supports all writable fields on Mapped Collections but does not include read-only fields like id.

Because these documents may be used for updates, no fields are strictly required. However, GCS will require the following fields for creation:

  • storage_gateway_id

  • collection_base_path

All parameters for CollectionDocument are supported in addition to the parameters below.

Parameters:

  • storage_gateway_id (UUIDLike | MissingType) – The ID of the storage gateway which hosts this mapped collection. This parameter is required when creating a collection.

  • domain_name (str | MissingType) – DNS name of the virtual host serving this collection

  • guest_auth_policy_id (UUIDLike | None | MissingType) – Globus Auth policy ID to set on a mapped collection which is then inherited by its guest collections.

  • sharing_users_allow (t.Iterable[str] | None | MissingType) – Connector-specific usernames allowed to create guest collections

  • sharing_users_deny (t.Iterable[str] | None | MissingType) – Connector-specific usernames forbidden from creating guest collections

  • delete_protected (bool | MissingType) – Enable or disable deletion protection on this collection. Defaults to True during creation.

  • allow_guest_collections (bool | MissingType) – Enable or disable creation and use of Guest Collections on this Mapped Collection

  • disable_anonymous_writes (bool | MissingType) – Allow anonymous write ACLs on Guest Collections attached to this Mapped Collection. This option is only usable on non high-assurance collections

  • auto_delete_timeout (int | MissingType) – Delete child guest collections that have not been accessed within the specified timeout period in days.

  • policies (CollectionPolicies | dict[str, t.Any] | MissingType) – Connector-specific collection policies

  • sharing_restrict_paths (dict[str, t.Any] | None | MissingType) – A PathRestrictions document

class globus_sdk.GuestCollectionDocument(*args, **kwargs)[source]

Bases: CollectionDocument

An object used to represent a Guest Collection for creation or update operations. The initializer supports all writable fields on Guest Collections but does not include read-only fields like id.

Because these documents may be used for updates, no fields are strictly required. However, GCS will require the following fields for creation:

  • mapped_collection_id

  • user_credential_id

  • collection_base_path

All parameters for CollectionDocument are supported in addition to the parameters below.

Parameters:

  • mapped_collection_id (UUIDLike | MissingType) – The ID of the mapped collection which hosts this guest collection

  • user_credential_id (UUIDLike | MissingType) – The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id.

  • skip_auto_delete (bool | MissingType) – Indicates whether the collection is exempt from its parent mapped collection’s automatic deletion policy.

  • activity_notification_policy (dict[str, list[str]] | MissingType) – Specification for when a notification email should be sent to a guest collection administrator, activity_manager, and activity_monitor roles when a transfer task reaches completion.

Storage Gateway Policies

class globus_sdk.StorageGatewayPolicies(*args, **kwargs)[source]

Bases: AbstractGlobusPayload

This is the abstract base type for Storage Policies documents to use as the policies parameter when creating a StorageGatewayDocument.

Several fields on policy documents are marked as Private. This means that they are not visible except to admins and owners of the storage gateway.

Return type:

Self

class globus_sdk.ActiveScaleStoragePolicies(*args, **kwargs)[source]

Bases: S3StoragePolicies

The ActiveScale Storage Policy is an alias for the S3 Storage Policy. It even uses S3 policy DATA_TYPE.

class globus_sdk.AzureBlobStoragePolicies(*args, **kwargs)[source]

Bases: StorageGatewayPolicies

Convenience class for constructing a Azure Blob Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • client_id (str | MissingType) – Client ID registered with the MS Application console to access Azure Blob Private.

  • secret (str | MissingType) – Secret created to access access MS with the client_id in this policy. Private.

  • tenant (str | MissingType) – MS Tenant ID from which to allow user logins. Private.

  • account (str | MissingType) – Azure Storage account. Private.

  • auth_type (str | MissingType) – Auth type: user, service_principal or user_service_principal

  • adls (bool | MissingType) – ADLS support enabled or not. Private.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.BlackPearlStoragePolicies(*args, **kwargs)[source]

Bases: StorageGatewayPolicies

Convenience class for constructing a BlackPearl Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument.

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • s3_endpoint (str | MissingType) – The URL of the S3 endpoint of the BlackPearl appliance to use to access collections on this Storage Gateway.

  • bp_access_id_file (str | MissingType) – Path to the file which provides mappings from usernames within the configured identity domain to the ID and secret associated with the user’s BlackPearl account

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.BoxStoragePolicies(*args, **kwargs)[source]

Bases: StorageGatewayPolicies

Convenience class for constructing a Box Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • enterpriseID (str | MissingType) – Identifies which Box Enterprise this Storage Gateway is authorized to access. Private.

  • boxAppSettings (dict[str, t.Any] | MissingType) – Values that the Storage Gateway uses to identify and authenticate with the Box API. Private.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.CephStoragePolicies(*args, **kwargs)[source]

Bases: StorageGatewayPolicies

Convenience class for constructing a Ceph Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • s3_endpoint (str | MissingType) – URL of the S3 API endpoint

  • s3_buckets (t.Iterable[str] | MissingType) – List of buckets not owned by the collection owner that will be shown in the root of collections created at the base of this Storage Gateway.

  • ceph_admin_key_id (str | MissingType) – Administrator key id used to authenticate with the ceph admin service to obtain user credentials. Private.

  • ceph_admin_secret_key (str | MissingType) – Administrator secret key used to authenticate with the ceph admin service to obtain user credentials. Private.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.CollectionPolicies(*args, **kwargs)[source]

Bases: AbstractGlobusPayload

This is the abstract base type for Collection Policies documents to use as the policies parameter when creating a MappedCollectionDocument.

Return type:

Self

class globus_sdk.GoogleCloudStorageCollectionPolicies(*args, **kwargs)[source]

Bases: CollectionPolicies

Convenience class for constructing a Google Cloud Storage Collection Policy document to use as the policies parameter when creating a CollectionDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • project (str | MissingType) – Google Cloud Platform project ID that is used by this collection

  • additional_fields (dict[str, t.Any] | MissingType) – Additional data for inclusion in the policy document

class globus_sdk.GoogleCloudStoragePolicies(*args, **kwargs)[source]

Bases: StorageGatewayPolicies

Convenience class for constructing a Google Cloud Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • client_id (str | MissingType) – Client ID registered with the Google Application console to access Google Drive. Private.

  • secret (str | MissingType) – Secret created to access access Google Drive with the client_id in this policy. Private.

  • service_account_key (dict[str, t.Any] | MissingType) – Credentials for use with service account auth, read from a Google-provided json file. Private.

  • buckets (t.Iterable[str] | MissingType) – The list of Google Cloud Storage buckets which the Storage Gateway is allowed to access, as well as the list of buckets that will be shown in root level directory listings. If this list is unset, bucket access is unrestricted and all non public credential accessible buckets will be shown in root level directory listings. The value is a list of bucket names.

  • projects (t.Iterable[str] | MissingType) – The list of Google Cloud Storage projects which the Storage Gateway is allowed to access. If this list is unset, project access is unrestricted. The value is a list of project id strings.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.GoogleDriveStoragePolicies(*args, **kwargs)[source]

Bases: StorageGatewayPolicies

Convenience class for constructing a Google Drive Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • client_id (str | MissingType) – Client ID registered with the Google Application console to access Google Drive. Private.

  • secret (str | MissingType) – Secret created to access access Google Drive with the client_id in this policy. Private.

  • user_api_rate_quota (int | MissingType) – User API Rate quota associated with this client ID.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.HPSSStoragePolicies(*args, **kwargs)[source]

Bases: StorageGatewayPolicies

Convenience class for constructing a HPSS Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • authentication_mech (str | MissingType) – Authentication mechanism to use with HPSS.

  • authenticator (str | MissingType) – Authentication credentials to use with HPSS.

  • uda_checksum_support (bool | MissingType) – Flag indicating whether checksums should be stored in metadata.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.IrodsStoragePolicies(*args, **kwargs)[source]

Bases: StorageGatewayPolicies

Convenience class for constructing an iRODS Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • irods_environment_file (str | MissingType) – Path to iRODS environment file on the endpoint

  • irods_authentication_file (str | MissingType) – Path to iRODS authentication file on the endpoint

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.OneDriveStoragePolicies(*args, **kwargs)[source]

Bases: StorageGatewayPolicies

Convenience class for constructing a OneDrive Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • client_id (str | MissingType) – Client ID registered with the MS Application console to access OneDrive. Private.

  • secret (str | MissingType) – Secret created to access access MS with the client_id in this policy. Private.

  • tenant (str | MissingType) – MS Tenant ID from which to allow user logins. Private.

  • user_api_rate_limit (int | MissingType) – User API Rate limit associated with this client ID.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.POSIXCollectionPolicies(*args, **kwargs)[source]

Bases: CollectionPolicies

Convenience class for constructing a Posix Collection Policy document to use as the policies parameter when creating a CollectionDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • sharing_groups_allow (str | t.Iterable[str] | None | MissingType) – POSIX groups which are allowed to create guest collections.

  • sharing_groups_deny (str | t.Iterable[str] | None | MissingType) – POSIX groups which are not allowed to create guest collections.

  • additional_fields (dict[str, t.Any] | MissingType) – Additional data for inclusion in the policy document

class globus_sdk.POSIXStagingCollectionPolicies(*args, **kwargs)[source]

Bases: CollectionPolicies

Convenience class for constructing a Posix Staging Collection Policy document to use as the policies parameter when creating a CollectionDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • sharing_groups_allow (str | t.Iterable[str] | None | MissingType) – POSIX groups which are allowed to create guest collections.

  • sharing_groups_deny (str | t.Iterable[str] | None | MissingType) – POSIX groups which are not allowed to create guest collections.

  • additional_fields (dict[str, t.Any] | MissingType) – Additional data for inclusion in the policy document

class globus_sdk.POSIXStagingStoragePolicies(*args, **kwargs)[source]

Bases: StorageGatewayPolicies

Convenience class for constructing a POSIX Staging Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • groups_allow (t.Iterable[str] | MissingType) – List of POSIX group IDs allowed to access this Storage Gateway. Private.

  • groups_deny (t.Iterable[str] | MissingType) – List of POSIX group IDs denied access this Storage Gateway. Private.

  • stage_app (str | MissingType) – Path to the stage app. Private.

  • environment (t.Iterable[dict[str, str]] | MissingType) – A mapping of variable names to values to set in the environment when executing the stage_app. Private.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.POSIXStoragePolicies(*args, **kwargs)[source]

Bases: StorageGatewayPolicies

Convenience class for constructing a POSIX Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • groups_allow (t.Iterable[str] | MissingType) – List of POSIX group IDs allowed to access this Storage Gateway. Private.

  • groups_deny (t.Iterable[str] | MissingType) – List of POSIX group IDs denied access this Storage Gateway. Private.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.S3StoragePolicies(*args, **kwargs)[source]

Bases: StorageGatewayPolicies

Convenience class for constructing a Google Cloud Storage Policy document to use as the policies parameter when creating a StorageGatewayDocument

Parameters:

  • DATA_TYPE (str) – Versioned document type. Defaults to the appropriate type for this class.

  • s3_endpoint (str | MissingType) – URL of the S3 API endpoint

  • s3_buckets (t.Iterable[str] | MissingType) – List of buckets not owned by the collection owner that will be shown in the root of collections created at the base of this Storage Gateway.

  • s3_user_credential_required (bool | MissingType) – Flag indicating if a Globus User must register a user credential in order to create a Guest Collection on this Storage Gateway.

  • additional_fields (dict[str, t.Any] | None) – Additional data for inclusion in the policy document

class globus_sdk.ConnectorTable[source]

Bases: object

This class defines the known Globus Connect Server Connectors in a mapping structure.

It supports access by attribute or via a helper method for doing lookups. For example, all of the following three usages retrieve the Azure Blob connector:

>>> ConnectorTable.AZURE_BLOB
>>> ConnectorTable.lookup("Azure Blob")
>>> ConnectorTable.lookup("9436da0c-a444-11eb-af93-12704e0d6a4d")

Given the results of such a lookup, you can retrieve the canonical name and ID for a connector like so:

>>> connector = ConnectorTable.AZURE_BLOB
>>> connector.name
'Azure Blob'
>>> connector.connector_id
'9436da0c-a444-11eb-af93-12704e0d6a4d'
classmethod all_connectors()[source]

Return an iterator of all known connectors.

Return type:

Iterable[GlobusConnectServerConnector]

classmethod extend(*, connector_name, connector_id, attribute_name=None)[source]

Extend the ConnectorTable class with a new connector, returning a new ConnectorTable subclass.

Usage example:

>>> MyTable = ConnectorTable.extend(
...     connector_name="Star Trek Transporter",
...     connector_id="0b19772d-729a-4c8f-93e1-59d5778cecf3",
... )
>>> obj = MyTable.STAR_TREK_TRANSPORTER
>>> obj.connector_id
'0b19772d-729a-4c8f-93e1-59d5778cecf3'
>>> obj.name
'Star Trek Transporter'
Parameters:

  • connector_name (str) – The name of the connector to add

  • connector_id (UUID | str) – The ID of the connector to add

  • attribute_name (str | None) – The attribute name with which the connector will be attached to the new subclass. Defaults to the connector name uppercased and with spaces converted to underscores.

Return type:

type[ConnectorTable]

classmethod lookup(name_or_id)[source]

Convert a name or ID into a connector object. Returns None if the name or ID is not recognized.

Names are normalized before lookup so that they are case-insensitive and spaces, dashes, and underscores are all treated equivalently. For example, Google Drive, google-drive, and gOOgle_dRiVe are all equivalent.

Parameters:

name_or_id (UUID | str) – The name or ID of the connector

Return type:

GlobusConnectServerConnector | None

class globus_sdk.GlobusConnectServerConnector(name, connector_id)[source]

Bases: object

A container for Globus Connect Server Connector descriptions. Contains a name and a connector_id.

Client Errors

When an error occurs, a GCSClient will raise this specialized type of error, rather than a generic GlobusAPIError.

class globus_sdk.GCSAPIError(r)[source]

Bases: GlobusAPIError

Error class for the GCS Manager API client

GCS Responses

class globus_sdk.IterableGCSResponse(response, client=None, *, iter_key=None)[source]

Bases: IterableResponse

Response class for non-paged list oriented resources. Allows top level fields to be accessed normally via standard item access, and also provides a convenient way to iterate over the sub-item list in the data key:

>>> print("Path:", r["path"])
>>> # Equivalent to: for item in r["data"]
>>> for item in r:
>>>     print(item["name"], item["type"])
class globus_sdk.UnpackingGCSResponse(response, match)[source]

Bases: GlobusHTTPResponse

An “unpacking” response looks for a “data” array in the response data, which is expected to have dict elements. The “data” is traversed until the first matching object is found, and this is presented as the data property of the response.

The full response data is available as full_data.

If the expected datatype is not found in the array, or the array is missing, the data will be the full response data (identical to full_data).

Parameters:

match (str | t.Callable[[dict[str, t.Any]], bool]) – Either a string containing a DATA_TYPE prefix, or an arbitrary callable which does the matching

property full_data: Any

The full, parsed JSON response data. None if the data cannot be parsed as JSON.