trust¶

A trust provide project-specific role delegation between users, with optional impersonation. Requires the OS-TRUST extension. Applies to Identity v3.

trust create¶

Create new trust

openstack trust create
    --project <project>
    --role <role>
    [--impersonate]
    [--expiration <expiration>]
    [--project-domain <project-domain>]
    [--trustor-domain <trustor-domain>]
    [--trustee-domain <trustee-domain>]
    <trustor-user>
    <trustee-user>

--project <project>¶: Project being delegated (name or ID) (required)

--role <role>¶: Roles to authorize (name or ID) (repeat option to set multiple values, required)

--impersonate¶: Tokens generated from the trust will represent <trustor> (defaults to False)

--expiration <expiration>¶: Sets an expiration date for the trust (format of YYYY-mm-ddTHH:MM:SS)

--project-domain <project-domain>¶: Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.

--trustor-domain <trustor-domain>¶: Domain that contains <trustor> (name or ID)

--trustee-domain <trustee-domain>¶: Domain that contains <trustee> (name or ID)

trustor-user¶: User that is delegating authorization (name or ID)

trustee-user¶: User that is assuming authorization (name or ID)

trust delete¶

Delete trust(s)

openstack trust delete <trust> [<trust> ...]

trust¶: Trust(s) to delete

trust list¶

List trusts

openstack trust list
    [--sort-column SORT_COLUMN]
    [--sort-ascending | --sort-descending]
    [--trustor <trustor-user>]
    [--trustee <trustee-user>]
    [--trustor-domain <trustor-domain>]
    [--trustee-domain <trustee-domain>]
    [--auth-user]

--sort-column SORT_COLUMN¶: specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

--sort-ascending¶: sort the column(s) in ascending order

--sort-descending¶: sort the column(s) in descending order

--trustor <trustor-user>¶: Trustor user to filter (name or ID)

--trustee <trustee-user>¶: Trustee user to filter (name or ID)

--trustor-domain <trustor-domain>¶: Domain that contains <trustor> (name or ID)

--trustee-domain <trustee-domain>¶: Domain that contains <trustee> (name or ID)

--auth-user¶: Only list trusts related to the authenticated user

trust show¶

Display trust details

openstack trust show <trust>

trust¶: Trust to display

trust

trust¶

trust create¶

trust delete¶

trust list¶

trust show¶

OpenStack Command Line Client 6.2.1.dev5

Page Contents