openstack.identity.v3.trust

openstack.identity.v3.trust

The Trust Class

The Trust class inherits from Resource.

class openstack.identity.v3.trust.Trust(attrs=None, loaded=False)

Construct a Resource to interact with a service’s REST API.

The Resource class offers two class methods to construct resource objects, which are preferrable to entering through this initializer. See Resource.new() and Resource.existing().

Parameters:
  • attrs (dict) – The attributes to set when constructing this Resource.
  • loaded (bool) – True if this Resource exists on the server, False if it does not.
project_id = None

ID of the project upon which the trustor is delegating authorization. Type: string

expires_at = None

Specifies the expiration time of the trust. A trust may be revoked ahead of expiration. If the value represents a time in the past, the trust is deactivated. Type: string

id = None

ID of the trust object. Type: string

impersonation = None

If impersonation is set to true, then the user attribute of tokens that are generated based on the trust will represent that of the trustor rather than the trustee, thus allowing the trustee to impersonate the trustor. If impersonation is set to False, then the token’s user attribute will represent that of the trustee. Type: boolean

trustee_user_id = None

Represents the user ID who is capable of consuming the trust. Type: string

trustor_user_id = None

Represents the user ID who created the trust, and who’s authorization is being delegated. Type: string

roles = None

Specifies the subset of the trustor’s roles on the project_id to be granted to the trustee when the token in consumed. The trustor must already be granted these roles in the project referenced by the project_id attribute. Type: list

redelegation_count = None

Redelegation count

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.