Command Line Interface¶
These pages are auto-generated from the argparse argument parsers in each module. They serve as the definitive reference for all CLI options, flags, and subcommands.
tcurl¶
Main CLI tool for REST API calls, credential management, and token operations.
Call T Cloud Public API
usage: tcurl.py [-h] [--verbose] [--version]
{login,logout,metadata,aksk,get,GET,put,PUT,post,POST,delete,DELETE,patch,PATCH,head,HEAD,options,OPTIONS}
...
Positional Arguments¶
- verb
Possible choices: login, logout, metadata, aksk, get, GET, put, PUT, post, POST, delete, DELETE, patch, PATCH, head, HEAD, options, OPTIONS
REST API verbs or sub commands
Named Arguments¶
- --verbose, -v
Default:
False- --version, -V
show program’s version number and exit
Sub-commands¶
login¶
Issue token using username and password or unscoped token
tcurl.py login [-h] [--project PROJECT | --region REGION]
[--auth-url AUTH_URL]
(--token TOKEN | --username USERNAME | --interactive)
[--password PASSWORD] [--domain DOMAIN] [--totp TOTP]
[--format {raw,json,shell,yaml}]
Named Arguments¶
- --project, -p
Scope the token to the given project (or environment OS_PROJECT_NAME)
- --region, -R
Unscoped token for the given region (or environment OS_TENANT_NAME)
- --auth-url, -A
Auth URL (or environment OS_AUTH_URL)
- --token, -t
Unscoped token to exchange for a scoped one
- --username, --user, -u
Username for password-based authentication
- --interactive, -i
Input login credentials interactively
Default:
False- --password, --passwd, -P
Password for username+password authentication (or environment: OS_PASSWORD)
- --domain, --user-domain-name, --domain-name, -D
User Domain name e.g. OTC0000xxxx (or environment: OS_USER_DOMAIN_NAME)
- --totp
Virtual MFA OTP code
- --format, -f
Possible choices: raw, json, shell, yaml
Output format: [‘raw’, ‘json’, ‘shell’, ‘yaml’] (default: ‘raw’)
Default:
'raw'
Ignores other token and AK/SK authentication credentials
logout¶
Discard issued tokens
tcurl.py logout [-h] [--region REGION | --auth-url AUTH_URL] [--shell]
[--format {shell}] [--token TOKEN]
Named Arguments¶
- --region, -R
Region (used to generate auth-url)
- --auth-url, -A
Auth URL (or environment OS_AUTH_URL)
- --shell
Generate shell commands
- --format, -f
Possible choices: shell
Compatibility only
- --token, -t
Token to discard (or environment: OS_AUTH_TOKEN or OS_TOKEN)
metadata¶
Retrieve Agency credentials from metadata server
tcurl.py metadata [-h] [--format {raw,json,shell,yaml}] [--url URL]
Named Arguments¶
- --format, -f
Possible choices: raw, json, shell, yaml
Output format: [‘raw’, ‘json’, ‘shell’, ‘yaml’] (default: ‘raw’)
Default:
'raw'- --url
Optional URL to use (defaults to http://169.254.169.254/openstack/latest/securitykey)
Default:
'http://169.254.169.254/openstack/latest/securitykey'
aksk¶
Issue temporary AK/SK credentials
tcurl.py aksk [-h] [--region REGION | --auth-url AUTH_URL]
[--format {raw,json,shell,yaml}] [--ttl TTL] [--token TOKEN]
Named Arguments¶
- --region, -R
Region (used to generate auth-url)
- --auth-url, -A
Auth URL (or environment OS_AUTH_URL)
- --format, -f
Possible choices: raw, json, shell, yaml
Output format: [‘raw’, ‘json’, ‘shell’, ‘yaml’] (default: ‘raw’)
Default:
'raw'- --ttl, --maxage, --limit, --duration, -M
Max age for AK/SK in seconds (default: 900)
Default:
900- --token, -t
Bearer token to use (or environment: OS_AUTH_TOKEN or OS_TOKEN)
get (GET)¶
Make a GET REST API call
tcurl.py get [-h] [--metadata | --url METADATA_URL | --token TOKEN | --ak AK]
[--sk SK] [--securitytoken SECURITYTOKEN] [--header HEADER]
[--project-id PROJECT_ID | --project-name PROJECT_NAME | --domain-id DOMAIN_ID | --domain]
[--awsv4-region AWSV4_REGION] [--auth-url AUTH_URL]
url
Positional Arguments¶
- url
URL endpoint to call
Named Arguments¶
- --metadata, -m
Retrieve credentials from the standard metadata endpoint
- --url, -U
Retrieve credentials from a custom metadata URL (overrides –metadata)
- --token, -t
Bearer token for token authentication (or environment: OS_AUTH_TOKEN or OS_TOKEN)
- --ak, --access-key, -a
Access Key for AK/SK authentication (or environment: OS_ACCESS_KEY)
- --sk, --secret-key, -s
Secret Key for AK/SK authentication (or environment: OS_SECRET_KEY)
- --securitytoken, --security-token, -T
Security token for temporary AK/SK authentication (or environment: OS_SECURITY_TOKEN)
- --header, -H
Additional header in Key:Value format (can be specified multiple times)
Default:
[]
AK/SK options¶
Options specific to AK/SK credentials
- --project-id
Scope the AK/SK-signed request to the given project ID
- --project-name
Scope the AK/SK-signed request to the given project by name
- --domain-id
Scope the AK/SK-signed request to the given domain ID
- --domain
Scope the AK/SK-signed request to the user’s domain
Default:
False- --awsv4-region, --s3region
If specified it will use it as the region for AWS V4 Signatures for AK/SK authentication. Otherwise SDK-HMAC-SHA256 signatures will be used.
- --auth-url, -A
Auth URL (or environment OS_AUTH_URL)
put (PUT)¶
Make a PUT REST API call
tcurl.py put [-h] [--metadata | --url METADATA_URL | --token TOKEN | --ak AK]
[--sk SK] [--securitytoken SECURITYTOKEN] [--header HEADER]
[--project-id PROJECT_ID | --project-name PROJECT_NAME | --domain-id DOMAIN_ID | --domain]
[--awsv4-region AWSV4_REGION] [--auth-url AUTH_URL]
url body
Positional Arguments¶
- url
URL endpoint to call
- body
Payload for REST API call
Named Arguments¶
- --metadata, -m
Retrieve credentials from the standard metadata endpoint
- --url, -U
Retrieve credentials from a custom metadata URL (overrides –metadata)
- --token, -t
Bearer token for token authentication (or environment: OS_AUTH_TOKEN or OS_TOKEN)
- --ak, --access-key, -a
Access Key for AK/SK authentication (or environment: OS_ACCESS_KEY)
- --sk, --secret-key, -s
Secret Key for AK/SK authentication (or environment: OS_SECRET_KEY)
- --securitytoken, --security-token, -T
Security token for temporary AK/SK authentication (or environment: OS_SECURITY_TOKEN)
- --header, -H
Additional header in Key:Value format (can be specified multiple times)
Default:
[]
AK/SK options¶
Options specific to AK/SK credentials
- --project-id
Scope the AK/SK-signed request to the given project ID
- --project-name
Scope the AK/SK-signed request to the given project by name
- --domain-id
Scope the AK/SK-signed request to the given domain ID
- --domain
Scope the AK/SK-signed request to the user’s domain
Default:
False- --awsv4-region, --s3region
If specified it will use it as the region for AWS V4 Signatures for AK/SK authentication. Otherwise SDK-HMAC-SHA256 signatures will be used.
- --auth-url, -A
Auth URL (or environment OS_AUTH_URL)
post (POST)¶
Make a POST REST API call
tcurl.py post [-h] [--metadata | --url METADATA_URL | --token TOKEN | --ak AK]
[--sk SK] [--securitytoken SECURITYTOKEN] [--header HEADER]
[--project-id PROJECT_ID | --project-name PROJECT_NAME | --domain-id DOMAIN_ID | --domain]
[--awsv4-region AWSV4_REGION] [--auth-url AUTH_URL]
url body
Positional Arguments¶
- url
URL endpoint to call
- body
Payload for REST API call
Named Arguments¶
- --metadata, -m
Retrieve credentials from the standard metadata endpoint
- --url, -U
Retrieve credentials from a custom metadata URL (overrides –metadata)
- --token, -t
Bearer token for token authentication (or environment: OS_AUTH_TOKEN or OS_TOKEN)
- --ak, --access-key, -a
Access Key for AK/SK authentication (or environment: OS_ACCESS_KEY)
- --sk, --secret-key, -s
Secret Key for AK/SK authentication (or environment: OS_SECRET_KEY)
- --securitytoken, --security-token, -T
Security token for temporary AK/SK authentication (or environment: OS_SECURITY_TOKEN)
- --header, -H
Additional header in Key:Value format (can be specified multiple times)
Default:
[]
AK/SK options¶
Options specific to AK/SK credentials
- --project-id
Scope the AK/SK-signed request to the given project ID
- --project-name
Scope the AK/SK-signed request to the given project by name
- --domain-id
Scope the AK/SK-signed request to the given domain ID
- --domain
Scope the AK/SK-signed request to the user’s domain
Default:
False- --awsv4-region, --s3region
If specified it will use it as the region for AWS V4 Signatures for AK/SK authentication. Otherwise SDK-HMAC-SHA256 signatures will be used.
- --auth-url, -A
Auth URL (or environment OS_AUTH_URL)
delete (DELETE)¶
Make a DELETE REST API call
tcurl.py delete [-h]
[--metadata | --url METADATA_URL | --token TOKEN | --ak AK]
[--sk SK] [--securitytoken SECURITYTOKEN] [--header HEADER]
[--project-id PROJECT_ID | --project-name PROJECT_NAME | --domain-id DOMAIN_ID | --domain]
[--awsv4-region AWSV4_REGION] [--auth-url AUTH_URL]
url
Positional Arguments¶
- url
URL endpoint to call
Named Arguments¶
- --metadata, -m
Retrieve credentials from the standard metadata endpoint
- --url, -U
Retrieve credentials from a custom metadata URL (overrides –metadata)
- --token, -t
Bearer token for token authentication (or environment: OS_AUTH_TOKEN or OS_TOKEN)
- --ak, --access-key, -a
Access Key for AK/SK authentication (or environment: OS_ACCESS_KEY)
- --sk, --secret-key, -s
Secret Key for AK/SK authentication (or environment: OS_SECRET_KEY)
- --securitytoken, --security-token, -T
Security token for temporary AK/SK authentication (or environment: OS_SECURITY_TOKEN)
- --header, -H
Additional header in Key:Value format (can be specified multiple times)
Default:
[]
AK/SK options¶
Options specific to AK/SK credentials
- --project-id
Scope the AK/SK-signed request to the given project ID
- --project-name
Scope the AK/SK-signed request to the given project by name
- --domain-id
Scope the AK/SK-signed request to the given domain ID
- --domain
Scope the AK/SK-signed request to the user’s domain
Default:
False- --awsv4-region, --s3region
If specified it will use it as the region for AWS V4 Signatures for AK/SK authentication. Otherwise SDK-HMAC-SHA256 signatures will be used.
- --auth-url, -A
Auth URL (or environment OS_AUTH_URL)
patch (PATCH)¶
Make a PATCH REST API call
tcurl.py patch [-h]
[--metadata | --url METADATA_URL | --token TOKEN | --ak AK]
[--sk SK] [--securitytoken SECURITYTOKEN] [--header HEADER]
[--project-id PROJECT_ID | --project-name PROJECT_NAME | --domain-id DOMAIN_ID | --domain]
[--awsv4-region AWSV4_REGION] [--auth-url AUTH_URL]
url body
Positional Arguments¶
- url
URL endpoint to call
- body
Payload for REST API call
Named Arguments¶
- --metadata, -m
Retrieve credentials from the standard metadata endpoint
- --url, -U
Retrieve credentials from a custom metadata URL (overrides –metadata)
- --token, -t
Bearer token for token authentication (or environment: OS_AUTH_TOKEN or OS_TOKEN)
- --ak, --access-key, -a
Access Key for AK/SK authentication (or environment: OS_ACCESS_KEY)
- --sk, --secret-key, -s
Secret Key for AK/SK authentication (or environment: OS_SECRET_KEY)
- --securitytoken, --security-token, -T
Security token for temporary AK/SK authentication (or environment: OS_SECURITY_TOKEN)
- --header, -H
Additional header in Key:Value format (can be specified multiple times)
Default:
[]
AK/SK options¶
Options specific to AK/SK credentials
- --project-id
Scope the AK/SK-signed request to the given project ID
- --project-name
Scope the AK/SK-signed request to the given project by name
- --domain-id
Scope the AK/SK-signed request to the given domain ID
- --domain
Scope the AK/SK-signed request to the user’s domain
Default:
False- --awsv4-region, --s3region
If specified it will use it as the region for AWS V4 Signatures for AK/SK authentication. Otherwise SDK-HMAC-SHA256 signatures will be used.
- --auth-url, -A
Auth URL (or environment OS_AUTH_URL)
head (HEAD)¶
Make a HEAD REST API call
tcurl.py head [-h] [--metadata | --url METADATA_URL | --token TOKEN | --ak AK]
[--sk SK] [--securitytoken SECURITYTOKEN] [--header HEADER]
[--project-id PROJECT_ID | --project-name PROJECT_NAME | --domain-id DOMAIN_ID | --domain]
[--awsv4-region AWSV4_REGION] [--auth-url AUTH_URL]
url
Positional Arguments¶
- url
URL endpoint to call
Named Arguments¶
- --metadata, -m
Retrieve credentials from the standard metadata endpoint
- --url, -U
Retrieve credentials from a custom metadata URL (overrides –metadata)
- --token, -t
Bearer token for token authentication (or environment: OS_AUTH_TOKEN or OS_TOKEN)
- --ak, --access-key, -a
Access Key for AK/SK authentication (or environment: OS_ACCESS_KEY)
- --sk, --secret-key, -s
Secret Key for AK/SK authentication (or environment: OS_SECRET_KEY)
- --securitytoken, --security-token, -T
Security token for temporary AK/SK authentication (or environment: OS_SECURITY_TOKEN)
- --header, -H
Additional header in Key:Value format (can be specified multiple times)
Default:
[]
AK/SK options¶
Options specific to AK/SK credentials
- --project-id
Scope the AK/SK-signed request to the given project ID
- --project-name
Scope the AK/SK-signed request to the given project by name
- --domain-id
Scope the AK/SK-signed request to the given domain ID
- --domain
Scope the AK/SK-signed request to the user’s domain
Default:
False- --awsv4-region, --s3region
If specified it will use it as the region for AWS V4 Signatures for AK/SK authentication. Otherwise SDK-HMAC-SHA256 signatures will be used.
- --auth-url, -A
Auth URL (or environment OS_AUTH_URL)
options (OPTIONS)¶
Make a OPTIONS REST API call
tcurl.py options [-h]
[--metadata | --url METADATA_URL | --token TOKEN | --ak AK]
[--sk SK] [--securitytoken SECURITYTOKEN] [--header HEADER]
[--project-id PROJECT_ID | --project-name PROJECT_NAME | --domain-id DOMAIN_ID | --domain]
[--awsv4-region AWSV4_REGION] [--auth-url AUTH_URL]
url
Positional Arguments¶
- url
URL endpoint to call
Named Arguments¶
- --metadata, -m
Retrieve credentials from the standard metadata endpoint
- --url, -U
Retrieve credentials from a custom metadata URL (overrides –metadata)
- --token, -t
Bearer token for token authentication (or environment: OS_AUTH_TOKEN or OS_TOKEN)
- --ak, --access-key, -a
Access Key for AK/SK authentication (or environment: OS_ACCESS_KEY)
- --sk, --secret-key, -s
Secret Key for AK/SK authentication (or environment: OS_SECRET_KEY)
- --securitytoken, --security-token, -T
Security token for temporary AK/SK authentication (or environment: OS_SECURITY_TOKEN)
- --header, -H
Additional header in Key:Value format (can be specified multiple times)
Default:
[]
AK/SK options¶
Options specific to AK/SK credentials
- --project-id
Scope the AK/SK-signed request to the given project ID
- --project-name
Scope the AK/SK-signed request to the given project by name
- --domain-id
Scope the AK/SK-signed request to the given domain ID
- --domain
Scope the AK/SK-signed request to the user’s domain
Default:
False- --awsv4-region, --s3region
If specified it will use it as the region for AWS V4 Signatures for AK/SK authentication. Otherwise SDK-HMAC-SHA256 signatures will be used.
- --auth-url, -A
Auth URL (or environment OS_AUTH_URL)
Works with Permanent and Temporary AK/SK pairs as well as bearer tokens
tcurl_login¶
Interactive TUI-based credential collection form (requires urwid).