role

Identity v2, v3

role add

Add role to a user or group in a project or domain

os role add
    --domain <domain> | --project <project> [--project-domain <project-domain>]
    --user <user> [--user-domain <user-domain>] | --group <group> [--group-domain <group-domain>]
    --inherited
    <role>
--domain <domain>

Include <domain> (name or ID)

New in version 3.

--project <project>

Include <project> (name or ID)

--user <user>

Include <user> (name or ID)

--group <group>

Include <group> (name or ID)

New in version 3.

--user-domain <user-domain>

Domain the user belongs to (name or ID). This can be used in case collisions between user names exist.

New in version 3.

--group-domain <group-domain>

Domain the group belongs to (name or ID). This can be used in case collisions between group names exist.

New in version 3.

--project-domain <project-domain>

Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.

New in version 3.

--inherited

Specifies if the role grant is inheritable to the sub projects.

New in version 3.

<role>

Role to add to <project>:<user> (name or ID)

role create

Create new role

os role create
    [--or-show]
    <name>
--or-show

Return existing role

If the role already exists return the existing role data and do not fail.

<name>

New role name

role delete

Delete role(s)

os role delete
    <role> [<role> ...]
<role>

Role to delete (name or ID)

role list

List roles

os role list
    --domain <domain> | --project <project> [--project-domain <project-domain>]
    --user <user> [--user-domain <user-domain>] | --group <group> [--group-domain <group-domain>]
    --inherited
--domain <domain>

Filter roles by <domain> (name or ID)

New in version 3.

--project <project>

Filter roles by <project> (name or ID)

New in version 3.

--user <user>

Filter roles by <user> (name or ID)

New in version 3.

--group <group>

Filter roles by <group> (name or ID)

New in version 3.

--user-domain <user-domain>

Domain the user belongs to (name or ID). This can be used in case collisions between user names exist.

New in version 3.

--group-domain <group-domain>

Domain the group belongs to (name or ID). This can be used in case collisions between group names exist.

New in version 3.

--project-domain <project-domain>

Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.

New in version 3.

--inherited

Specifies if the role grant is inheritable to the sub projects.

New in version 3.

role remove

Remove role from domain/project : user/group

os role remove
    --domain <domain> | --project <project> [--project-domain <project-domain>]
    --user <user> [--user-domain <user-domain>] | --group <group> [--group-domain <group-domain>]
    --inherited
    <role>
--domain <domain>

Include <domain> (name or ID)

New in version 3.

--project <project>

Include <project> (name or ID)

--user <user>

Include <user> (name or ID)

--group <group>

Include <group> (name or ID)

New in version 3.

--user-domain <user-domain>

Domain the user belongs to (name or ID). This can be used in case collisions between user names exist.

New in version 3.

--group-domain <group-domain>

Domain the group belongs to (name or ID). This can be used in case collisions between group names exist.

New in version 3.

--project-domain <project-domain>

Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.

New in version 3.

--inherited

Specifies if the role grant is inheritable to the sub projects.

New in version 3.

<role>

Role to remove (name or ID)

role set

Set role properties

New in version 3.

os role set
    [--name <name>]
    <role>
--name <name>

Set role name

<role>

Role to modify (name or ID)

role show

Display role details

os role show
    <role>
<role>

Role to display (name or ID)

Table Of Contents

Previous topic

request token

Next topic

role assignment

Project Source

This Page

Navigation

© Copyright 2012-2013 OpenStack Foundation. Created using Sphinx 1.2.3.