trust¶
A trust provide project-specific role delegation between users, with optional impersonation. Requires the OS-TRUST extension. Applies to Identity v3.
trust create¶
Create new trust
openstack trust create
--project <project>
--role <role>
[--impersonate]
[--expiration <expiration>]
[--project-domain <project-domain>]
[--trustor-domain <trustor-domain>]
[--trustee-domain <trustee-domain>]
<trustor-user>
<trustee-user>
-
--project<project>¶ Project being delegated (name or ID) (required)
-
--role<role>¶ Roles to authorize (name or ID) (repeat option to set multiple values, required)
-
--impersonate¶ Tokens generated from the trust will represent <trustor> (defaults to False)
-
--expiration<expiration>¶ Sets an expiration date for the trust (format of YYYY-mm-ddTHH:MM:SS)
-
--project-domain<project-domain>¶ Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.
-
--trustor-domain<trustor-domain>¶ Domain that contains <trustor> (name or ID)
-
--trustee-domain<trustee-domain>¶ Domain that contains <trustee> (name or ID)
-
trustor-user¶ User that is delegating authorization (name or ID)
-
trustee-user¶ User that is assuming authorization (name or ID)
This command is provided by the python-openstackclient plugin.
trust delete¶
Delete trust(s)
openstack trust delete <trust> [<trust> ...]
-
trust¶ Trust(s) to delete
This command is provided by the python-openstackclient plugin.
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.