openstack.identity.v3.trust¶
The Trust Class¶
The Trust
class inherits from Resource
.
- class openstack.identity.v3.trust.Trust(_synchronized=False, connection=None, **attrs)¶
The base resource
- Parameters
_synchronized (bool) – This is not intended to be used directly. See
new()
andexisting()
.connection (openstack.connection.Connection) – Reference to the Connection being used. Defaults to None to allow Resource objects to be used without an active Connection, such as in unit tests. Use of
self._connection
in Resource code should protect itself with a check for None.
- allow_redelegation¶
A boolean indicating whether the trust can be issued by the trustee as a regulart trust. Default is
False
.
- expires_at¶
Specifies the expiration time of the trust. A trust may be revoked ahead of expiration. If the value represents a time in the past, the trust is deactivated.
- is_impersonation¶
If
impersonation
is set to true, then theuser
attribute of tokens that are generated based on the trust will represent that of the trustor rather than the trustee, thus allowing the trustee to impersonate the trustor. Ifimpersonation
is set toFalse
, then the token’suser
attribute will represent that of the trustee. Type: bool
- links¶
Links for the trust resource.
- project_id¶
ID of the project upon which the trustor is delegating authorization. Type: string
- role_links¶
A role links object that includes ‘next’, ‘previous’, and self links for roles.
- roles¶
Specifies the subset of the trustor’s roles on the
project_id
to be granted to the trustee when the token in consumed. The trustor must already be granted these roles in the project referenced by theproject_id
attribute. Type: list
- redelegated_trust_id¶
Returned with redelegated trust provides information about the predecessor in the trust chain.
- redelegation_count¶
Redelegation count
- remaining_uses¶
How many times the trust can be used to obtain a token. The value is decreased each time a token is issued through the trust. Once it reaches zero, no further tokens will be isued through the trust.
- trustee_user_id¶
Represents the user ID who is capable of consuming the trust. Type: string
- trustor_user_id¶
Represents the user ID who created the trust, and who’s authorization is being delegated. Type: string