A trust provide project-specific role delegation between users, with optional impersonation. Requires the OS-TRUST extension. Applies to Identity v3.
Create new trust
openstack trust create
--project <project>
--role <role>
[--impersonate]
[--expiration <expiration>]
[--project-domain <project-domain>]
[--trustor-domain <trustor-domain>]
[--trustee-domain <trustee-domain>]
<trustor-user>
<trustee-user>
--project
<project>
¶Project being delegated (name or ID) (required)
--role
<role>
¶Roles to authorize (name or ID) (repeat option to set multiple values, required)
--impersonate
¶Tokens generated from the trust will represent <trustor> (defaults to False)
--expiration
<expiration>
¶Sets an expiration date for the trust (format of YYYY-mm-ddTHH:MM:SS)
--project-domain
<project-domain>
¶Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.
--trustor-domain
<trustor-domain>
¶Domain that contains <trustor> (name or ID)
--trustee-domain
<trustee-domain>
¶Domain that contains <trustee> (name or ID)
trustor-user
¶User that is delegating authorization (name or ID)
trustee-user
¶User that is assuming authorization (name or ID)
Delete trust(s)
openstack trust delete <trust> [<trust> ...]
trust
¶Trust(s) to delete
List trusts
openstack trust list
[--sort-column SORT_COLUMN]
[--sort-ascending | --sort-descending]
--sort-column
SORT_COLUMN
¶specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
--sort-ascending
¶sort the column(s) in ascending order
--sort-descending
¶sort the column(s) in descending order
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.