trust¶

A trust provide project-specific role delegation between users, with optional impersonation. Requires the OS-TRUST extension. Applies to Identity v3.

trust create¶

Create new trust

openstack trust create
    --project <project>
    --role <role>
    [--impersonate]
    [--expiration <expiration>]
    [--project-domain <project-domain>]
    [--trustor-domain <trustor-domain>]
    [--trustee-domain <trustee-domain>]
    <trustor-user>
    <trustee-user>
--project <project>¶

Project being delegated (name or ID) (required)

--role <role>¶

Roles to authorize (name or ID) (repeat option to set multiple values, required)

--impersonate¶

Tokens generated from the trust will represent <trustor> (defaults to False)

--expiration <expiration>¶

Sets an expiration date for the trust (format of YYYY-mm-ddTHH:MM:SS)

--project-domain <project-domain>¶

Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.

--trustor-domain <trustor-domain>¶

Domain that contains <trustor> (name or ID)

--trustee-domain <trustee-domain>¶

Domain that contains <trustee> (name or ID)

trustor-user¶

User that is delegating authorization (name or ID)

trustee-user¶

User that is assuming authorization (name or ID)

trust delete¶

Delete trust(s)

openstack trust delete <trust> [<trust> ...]
trust¶

Trust(s) to delete

trust list¶

List trusts

openstack trust list
    [--sort-column SORT_COLUMN]
    [--sort-ascending | --sort-descending]
    [--trustor <trustor-user>]
    [--trustee <trustee-user>]
    [--trustor-domain <trustor-domain>]
    [--trustee-domain <trustee-domain>]
    [--auth-user]
--sort-column SORT_COLUMN¶

specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

--sort-ascending¶

sort the column(s) in ascending order

--sort-descending¶

sort the column(s) in descending order

--trustor <trustor-user>¶

Trustor user to filter (name or ID)

--trustee <trustee-user>¶

Trustee user to filter (name or ID)

--trustor-domain <trustor-domain>¶

Domain that contains <trustor> (name or ID)

--trustee-domain <trustee-domain>¶

Domain that contains <trustee> (name or ID)

--auth-user¶

Only list trusts related to the authenticated user

trust show¶

Display trust details

openstack trust show <trust>
trust¶

Trust to display