trust

trust

A trust provide project-specific role delegation between users, with optional impersonation. Requires the OS-TRUST extension. Applies to Identity v3.

trust create

Create new trust

openstack trust create
    --project <project>
    --role <role>
    [--impersonate]
    [--expiration <expiration>]
    [--project-domain <project-domain>]
    [--trustor-domain <trustor-domain>]
    [--trustee-domain <trustee-domain>]
    <trustor-user>
    <trustee-user>
--project <project>

Project being delegated (name or ID) (required)

--role <role>

Roles to authorize (name or ID) (repeat option to set multiple values, required)

--impersonate

Tokens generated from the trust will represent <trustor> (defaults to False)

--expiration <expiration>

Sets an expiration date for the trust (format of YYYY-mm-ddTHH:MM:SS)

--project-domain <project-domain>

Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.

--trustor-domain <trustor-domain>

Domain that contains <trustor> (name or ID)

--trustee-domain <trustee-domain>

Domain that contains <trustee> (name or ID)

trustor-user

User that is delegating authorization (name or ID)

trustee-user

User that is assuming authorization (name or ID)

This command is provided by the python-openstackclient plugin.

trust delete

Delete trust(s)

openstack trust delete <trust> [<trust> ...]
trust

Trust(s) to delete

This command is provided by the python-openstackclient plugin.

trust list

List trusts

openstack trust list

This command is provided by the python-openstackclient plugin.

trust show

Display trust details

openstack trust show <trust>
trust

Trust to display

This command is provided by the python-openstackclient plugin.

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.