openstack.identity.v3.trust

openstack.identity.v3.trust¶

The Trust Class¶

The Trust class inherits from Resource.

class openstack.identity.v3.trust.Trust(_synchronized=False, connection=None, **attrs)¶

The base resource

Parameters

_synchronized (bool) – This is not intended to be used directly. See new() and existing().
connection (openstack.connection.Connection) – Reference to the Connection being used. Defaults to None to allow Resource objects to be used without an active Connection, such as in unit tests. Use of self._connection in Resource code should protect itself with a check for None.

allow_redelegation¶: A boolean indicating whether the trust can be issued by the trustee as a regulart trust. Default is False.

expires_at¶: Specifies the expiration time of the trust. A trust may be revoked ahead of expiration. If the value represents a time in the past, the trust is deactivated.

is_impersonation¶: If impersonation is set to true, then the user attribute of tokens that are generated based on the trust will represent that of the trustor rather than the trustee, thus allowing the trustee to impersonate the trustor. If impersonation is set to False, then the token’s user attribute will represent that of the trustee. Type: bool

links¶: Links for the trust resource.

project_id¶: ID of the project upon which the trustor is delegating authorization. Type: string

role_links¶: A role links object that includes ‘next’, ‘previous’, and self links for roles.

roles¶: Specifies the subset of the trustor’s roles on the project_id to be granted to the trustee when the token in consumed. The trustor must already be granted these roles in the project referenced by the project_id attribute. Type: list

redelegated_trust_id¶: Returned with redelegated trust provides information about the predecessor in the trust chain.

redelegation_count¶: Redelegation count

remaining_uses¶: How many times the trust can be used to obtain a token. The value is decreased each time a token is issued through the trust. Once it reaches zero, no further tokens will be isued through the trust.

trustee_user_id¶: Represents the user ID who is capable of consuming the trust. Type: string

trustor_user_id¶: Represents the user ID who created the trust, and who’s authorization is being delegated. Type: string

this page last updated: 2018-01-10 09:10:40

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.