e816ce8e8f
Change-Id: Ia1002013803564f80c1ad1fc8dbf748713cee055
1386 lines
41 KiB
XML
1386 lines
41 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<chapter xmlns="http://docbook.org/ns/docbook"
|
|
xmlns:xi="http://www.w3.org/2001/XInclude"
|
|
xmlns:xlink="http://www.w3.org/1999/xlink"
|
|
version="5.0"
|
|
xml:id="keystoneclient_commands">
|
|
|
|
<!-- This file is automatically generated, do not edit -->
|
|
|
|
<?dbhtml stop-chunking?>
|
|
|
|
<title>Identity service command-line client</title>
|
|
|
|
<warning>
|
|
<para>The keystone CLI is deprecated in favor of
|
|
python-openstackclient. For a Python library, continue using
|
|
python-keystoneclient.</para>
|
|
</warning>
|
|
|
|
<para>The <command>keystone</command> client is the command-line
|
|
interface (CLI) for the OpenStack Identity API and its extensions.
|
|
|
|
This chapter documents <command>keystone</command> version
|
|
<literal>1.8.0</literal>.
|
|
</para>
|
|
|
|
<para>For help on a specific <command>keystone</command>
|
|
command, enter:
|
|
</para>
|
|
<screen><prompt>$</prompt> <userinput><command>keystone</command> <option>help</option> <replaceable>COMMAND</replaceable></userinput></screen>
|
|
|
|
<section xml:id="keystoneclient_command_usage">
|
|
<title>keystone usage</title>
|
|
<screen><computeroutput>usage: keystone [--version] [--debug] [--os-username <auth-user-name>]
|
|
[--os-password <auth-password>]
|
|
[--os-tenant-name <auth-tenant-name>]
|
|
[--os-tenant-id <tenant-id>] [--os-auth-url <auth-url>]
|
|
[--os-region-name <region-name>]
|
|
[--os-identity-api-version <identity-api-version>]
|
|
[--os-token <service-token>]
|
|
[--os-endpoint <service-endpoint>] [--os-cache]
|
|
[--force-new-token] [--stale-duration <seconds>] [--insecure]
|
|
[--os-cacert <ca-certificate>] [--os-cert <certificate>]
|
|
[--os-key <key>] [--timeout <seconds>]
|
|
<subcommand> ...</computeroutput></screen>
|
|
<variablelist wordsize="10">
|
|
<title>Subcommands</title>
|
|
<varlistentry>
|
|
<term><command>catalog</command></term>
|
|
<listitem>
|
|
<para>
|
|
List service catalog, possibly filtered by
|
|
service.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>ec2-credentials-create</command></term>
|
|
<listitem>
|
|
<para>
|
|
Create EC2-compatible credentials for user per
|
|
tenant.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>ec2-credentials-delete</command></term>
|
|
<listitem>
|
|
<para>
|
|
Delete EC2-compatible credentials.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>ec2-credentials-get</command></term>
|
|
<listitem>
|
|
<para>
|
|
Display EC2-compatible credentials.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>ec2-credentials-list</command></term>
|
|
<listitem>
|
|
<para>
|
|
List EC2-compatible credentials for a user.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>endpoint-create</command></term>
|
|
<listitem>
|
|
<para>
|
|
Create a new endpoint associated with a service.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>endpoint-delete</command></term>
|
|
<listitem>
|
|
<para>
|
|
Delete a service endpoint.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>endpoint-get</command></term>
|
|
<listitem>
|
|
<para>
|
|
Find endpoint filtered by a specific attribute or
|
|
service type.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>endpoint-list</command></term>
|
|
<listitem>
|
|
<para>
|
|
List configured service endpoints.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>password-update</command></term>
|
|
<listitem>
|
|
<para>
|
|
Update own password.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>role-create</command></term>
|
|
<listitem>
|
|
<para>
|
|
Create new role.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>role-delete</command></term>
|
|
<listitem>
|
|
<para>
|
|
Delete role.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>role-get</command></term>
|
|
<listitem>
|
|
<para>
|
|
Display role details.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>role-list</command></term>
|
|
<listitem>
|
|
<para>
|
|
List all roles.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>service-create</command></term>
|
|
<listitem>
|
|
<para>
|
|
Add service to Service Catalog.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>service-delete</command></term>
|
|
<listitem>
|
|
<para>
|
|
Delete service from Service Catalog.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>service-get</command></term>
|
|
<listitem>
|
|
<para>
|
|
Display service from Service Catalog.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>service-list</command></term>
|
|
<listitem>
|
|
<para>
|
|
List all services in Service Catalog.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>tenant-create</command></term>
|
|
<listitem>
|
|
<para>
|
|
Create new tenant.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>tenant-delete</command></term>
|
|
<listitem>
|
|
<para>
|
|
Delete tenant.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>tenant-get</command></term>
|
|
<listitem>
|
|
<para>
|
|
Display tenant details.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>tenant-list</command></term>
|
|
<listitem>
|
|
<para>
|
|
List all tenants.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>tenant-update</command></term>
|
|
<listitem>
|
|
<para>
|
|
Update tenant name, description, enabled status.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>token-get</command></term>
|
|
<listitem>
|
|
<para>
|
|
Display the current user token.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>user-create</command></term>
|
|
<listitem>
|
|
<para>
|
|
Create new user.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>user-delete</command></term>
|
|
<listitem>
|
|
<para>
|
|
Delete user.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>user-get</command></term>
|
|
<listitem>
|
|
<para>
|
|
Display user details.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>user-list</command></term>
|
|
<listitem>
|
|
<para>
|
|
List users.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>user-password-update</command></term>
|
|
<listitem>
|
|
<para>
|
|
Update user password.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>user-role-add</command></term>
|
|
<listitem>
|
|
<para>
|
|
Add role to user.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>user-role-list</command></term>
|
|
<listitem>
|
|
<para>
|
|
List roles granted to a user.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>user-role-remove</command></term>
|
|
<listitem>
|
|
<para>
|
|
Remove role from user.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>user-update</command></term>
|
|
<listitem>
|
|
<para>
|
|
Update user's name, email, and enabled status.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>discover</command></term>
|
|
<listitem>
|
|
<para>
|
|
Discover Keystone servers, supported API versions
|
|
and extensions.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>bootstrap</command></term>
|
|
<listitem>
|
|
<para>
|
|
Grants a new role to a new user on a new tenant,
|
|
after creating each.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>bash-completion</command></term>
|
|
<listitem>
|
|
<para>
|
|
Prints all of the commands and options to stdout.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>help</command></term>
|
|
<listitem>
|
|
<para>
|
|
Display help about this program or one of its
|
|
subcommands.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_command_optional">
|
|
<title>keystone optional arguments</title>
|
|
<variablelist wordsize="10">
|
|
<varlistentry>
|
|
<term><command>--version</command></term>
|
|
<listitem>
|
|
<para>
|
|
Shows the client version and exits.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--debug</command></term>
|
|
<listitem>
|
|
<para>
|
|
Prints debugging output onto the console, this
|
|
includes the curl request and response calls.
|
|
Helpful for debugging and understanding the API
|
|
calls.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-username <auth-user-name></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name used for authentication with the OpenStack
|
|
Identity service. Defaults to <code>env[OS_USERNAME]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-password <auth-password></command></term>
|
|
<listitem>
|
|
<para>
|
|
Password used for authentication with the
|
|
OpenStack Identity service. Defaults to
|
|
<code>env[OS_PASSWORD]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-tenant-name <auth-tenant-name></command></term>
|
|
<listitem>
|
|
<para>
|
|
Tenant to request authorization on. Defaults to
|
|
<code>env[OS_TENANT_NAME]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-tenant-id <tenant-id></command></term>
|
|
<listitem>
|
|
<para>
|
|
Tenant to request authorization on. Defaults to
|
|
<code>env[OS_TENANT_ID]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-auth-url <auth-url></command></term>
|
|
<listitem>
|
|
<para>
|
|
Specify the Identity endpoint to use for
|
|
authentication. Defaults to <code>env[OS_AUTH_URL]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-region-name <region-name></command></term>
|
|
<listitem>
|
|
<para>
|
|
Specify the region to use. Defaults to
|
|
<code>env[OS_REGION_NAME]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-identity-api-version <identity-api-version></command></term>
|
|
<listitem>
|
|
<para>
|
|
Specify Identity API version to use. Defaults to
|
|
<code>env[OS_IDENTITY_API_VERSION]</code> or 2.0.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-token <service-token></command></term>
|
|
<listitem>
|
|
<para>
|
|
Specify an existing token to use instead of
|
|
retrieving one via authentication (e.g. with
|
|
username & password). Defaults to
|
|
<code>env[OS_SERVICE_TOKEN]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-endpoint <service-endpoint></command></term>
|
|
<listitem>
|
|
<para>
|
|
Specify an endpoint to use instead of retrieving
|
|
one from the service catalog (via authentication).
|
|
Defaults to <code>env[OS_SERVICE_ENDPOINT]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-cache</command></term>
|
|
<listitem>
|
|
<para>
|
|
Use the auth token cache. Defaults to
|
|
<code>env[OS_CACHE]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--force-new-token</command></term>
|
|
<listitem>
|
|
<para>
|
|
If the keyring is available and in use, token will
|
|
always be stored and fetched from the keyring
|
|
until the token has expired. Use this option to
|
|
request a new token and replace the existing one
|
|
in the keyring.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--stale-duration <seconds></command></term>
|
|
<listitem>
|
|
<para>
|
|
Stale duration (in seconds) used to determine
|
|
whether a token has expired when retrieving it
|
|
from keyring. This is useful in mitigating process
|
|
or network delays. Default is 30 seconds.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--insecure</command></term>
|
|
<listitem>
|
|
<para>
|
|
Explicitly allow client to perform "insecure" TLS
|
|
(https) requests. The server's certificate will
|
|
not be verified against any certificate
|
|
authorities. This option should be used with
|
|
caution.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-cacert <ca-certificate></command></term>
|
|
<listitem>
|
|
<para>
|
|
Specify a CA bundle file to use in verifying a TLS
|
|
(https) server certificate. Defaults to
|
|
<code>env[OS_CACERT]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-cert <certificate></command></term>
|
|
<listitem>
|
|
<para>
|
|
Defaults to <code>env[OS_CERT]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--os-key <key></command></term>
|
|
<listitem>
|
|
<para>
|
|
Defaults to <code>env[OS_KEY]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--timeout <seconds></command></term>
|
|
<listitem>
|
|
<para>
|
|
Set request timeout (in seconds).
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_bootstrap">
|
|
<title>keystone bootstrap</title>
|
|
<screen><computeroutput>usage: keystone bootstrap [--user-name <user-name>] --pass <password>
|
|
[--role-name <role-name>]
|
|
[--tenant-name <tenant-name>]</computeroutput></screen>
|
|
<para>
|
|
Grants a new role to a new user on a new tenant, after creating each.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--user-name <user-name></command></term>
|
|
<listitem>
|
|
<para>
|
|
The name of the user to be created (default="admin").
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--pass <password></command></term>
|
|
<listitem>
|
|
<para>
|
|
The password for the new user.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--role-name <role-name></command></term>
|
|
<listitem>
|
|
<para>
|
|
The name of the role to be created and granted to the
|
|
user (default="admin").
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--tenant-name <tenant-name></command></term>
|
|
<listitem>
|
|
<para>
|
|
The name of the tenant to be created
|
|
(default="admin").
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_catalog">
|
|
<title>keystone catalog</title>
|
|
<screen><computeroutput>usage: keystone catalog [--service <service-type>]</computeroutput></screen>
|
|
<para>
|
|
List service catalog, possibly filtered by service.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--service <service-type></command></term>
|
|
<listitem>
|
|
<para>
|
|
Service type to return.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_discover">
|
|
<title>keystone discover</title>
|
|
<screen><computeroutput>usage: keystone discover</computeroutput></screen>
|
|
<para>
|
|
Discover Keystone servers, supported API versions and extensions.
|
|
</para>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_ec2-credentials-create">
|
|
<title>keystone ec2-credentials-create</title>
|
|
<screen><computeroutput>usage: keystone ec2-credentials-create [--user-id <user-id>]
|
|
[--tenant-id <tenant-id>]</computeroutput></screen>
|
|
<para>
|
|
Create EC2-compatible credentials for user per tenant.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--user-id <user-id></command></term>
|
|
<listitem>
|
|
<para>
|
|
User ID for which to create credentials. If not
|
|
specified, the authenticated user will be used.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--tenant-id <tenant-id></command></term>
|
|
<listitem>
|
|
<para>
|
|
Tenant ID for which to create credentials. If not
|
|
specified, the authenticated tenant ID will be used.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_ec2-credentials-delete">
|
|
<title>keystone ec2-credentials-delete</title>
|
|
<screen><computeroutput>usage: keystone ec2-credentials-delete [--user-id <user-id>] --access
|
|
<access-key></computeroutput></screen>
|
|
<para>
|
|
Delete EC2-compatible credentials.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--user-id <user-id></command></term>
|
|
<listitem>
|
|
<para>
|
|
User ID.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--access <access-key></command></term>
|
|
<listitem>
|
|
<para>
|
|
Access Key.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_ec2-credentials-get">
|
|
<title>keystone ec2-credentials-get</title>
|
|
<screen><computeroutput>usage: keystone ec2-credentials-get [--user-id <user-id>] --access
|
|
<access-key></computeroutput></screen>
|
|
<para>
|
|
Display EC2-compatible credentials.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--user-id <user-id></command></term>
|
|
<listitem>
|
|
<para>
|
|
User ID.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--access <access-key></command></term>
|
|
<listitem>
|
|
<para>
|
|
Access Key.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_ec2-credentials-list">
|
|
<title>keystone ec2-credentials-list</title>
|
|
<screen><computeroutput>usage: keystone ec2-credentials-list [--user-id <user-id>]</computeroutput></screen>
|
|
<para>
|
|
List EC2-compatible credentials for a user.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--user-id <user-id></command></term>
|
|
<listitem>
|
|
<para>
|
|
User ID.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_endpoint-create">
|
|
<title>keystone endpoint-create</title>
|
|
<screen><computeroutput>usage: keystone endpoint-create [--region <endpoint-region>] --service
|
|
<service> --publicurl <public-url>
|
|
[--adminurl <admin-url>]
|
|
[--internalurl <internal-url>]</computeroutput></screen>
|
|
<para>
|
|
Create a new endpoint associated with a service.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--region <endpoint-region></command></term>
|
|
<listitem>
|
|
<para>
|
|
Endpoint region.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--service <service>, --service-id <service>, --service_id <service></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of service associated with endpoint.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--publicurl <public-url></command></term>
|
|
<listitem>
|
|
<para>
|
|
Public URL endpoint.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--adminurl <admin-url></command></term>
|
|
<listitem>
|
|
<para>
|
|
Admin URL endpoint.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--internalurl <internal-url></command></term>
|
|
<listitem>
|
|
<para>
|
|
Internal URL endpoint.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_endpoint-delete">
|
|
<title>keystone endpoint-delete</title>
|
|
<screen><computeroutput>usage: keystone endpoint-delete <endpoint-id></computeroutput></screen>
|
|
<para>
|
|
Delete a service endpoint.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command><endpoint-id></command></term>
|
|
<listitem>
|
|
<para>
|
|
ID of endpoint to delete.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_endpoint-get">
|
|
<title>keystone endpoint-get</title>
|
|
<screen><computeroutput>usage: keystone endpoint-get --service <service-type>
|
|
[--endpoint-type <endpoint-type>]
|
|
[--attr <service-attribute>] [--value <value>]</computeroutput></screen>
|
|
<para>
|
|
Find endpoint filtered by a specific attribute or service type.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--service <service-type></command></term>
|
|
<listitem>
|
|
<para>
|
|
Service type to select.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--endpoint-type <endpoint-type></command></term>
|
|
<listitem>
|
|
<para>
|
|
Endpoint type to select.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--attr <service-attribute></command></term>
|
|
<listitem>
|
|
<para>
|
|
Service attribute to match for selection.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--value <value></command></term>
|
|
<listitem>
|
|
<para>
|
|
Value of attribute to match.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_endpoint-list">
|
|
<title>keystone endpoint-list</title>
|
|
<screen><computeroutput>usage: keystone endpoint-list</computeroutput></screen>
|
|
<para>
|
|
List configured service endpoints.
|
|
</para>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_password-update">
|
|
<title>keystone password-update</title>
|
|
<screen><computeroutput>usage: keystone password-update [--current-password <current-password>]
|
|
[--new-password <new-password>]</computeroutput></screen>
|
|
<para>
|
|
Update own password.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--current-password <current-password></command></term>
|
|
<listitem>
|
|
<para>
|
|
Current password, Defaults to the password as set by
|
|
--os-password or <code>env[OS_PASSWORD]</code>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--new-password <new-password></command></term>
|
|
<listitem>
|
|
<para>
|
|
Desired new password.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_role-create">
|
|
<title>keystone role-create</title>
|
|
<screen><computeroutput>usage: keystone role-create --name <role-name></computeroutput></screen>
|
|
<para>
|
|
Create new role.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--name <role-name></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name of new role.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_role-delete">
|
|
<title>keystone role-delete</title>
|
|
<screen><computeroutput>usage: keystone role-delete <role></computeroutput></screen>
|
|
<para>
|
|
Delete role.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command><role></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of role to delete.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_role-get">
|
|
<title>keystone role-get</title>
|
|
<screen><computeroutput>usage: keystone role-get <role></computeroutput></screen>
|
|
<para>
|
|
Display role details.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command><role></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of role to display.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_role-list">
|
|
<title>keystone role-list</title>
|
|
<screen><computeroutput>usage: keystone role-list</computeroutput></screen>
|
|
<para>
|
|
List all roles.
|
|
</para>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_service-create">
|
|
<title>keystone service-create</title>
|
|
<screen><computeroutput>usage: keystone service-create --type <type> [--name <name>]
|
|
[--description <service-description>]</computeroutput></screen>
|
|
<para>
|
|
Add service to Service Catalog.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--type <type></command></term>
|
|
<listitem>
|
|
<para>
|
|
Service type (one of: identity, compute, network,
|
|
image, object-store, or other service identifier
|
|
string).
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--name <name></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name of new service (must be unique).
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--description <service-description></command></term>
|
|
<listitem>
|
|
<para>
|
|
Description of service.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_service-delete">
|
|
<title>keystone service-delete</title>
|
|
<screen><computeroutput>usage: keystone service-delete <service></computeroutput></screen>
|
|
<para>
|
|
Delete service from Service Catalog.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command><service></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of service to delete.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_service-get">
|
|
<title>keystone service-get</title>
|
|
<screen><computeroutput>usage: keystone service-get <service></computeroutput></screen>
|
|
<para>
|
|
Display service from Service Catalog.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command><service></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of service to display.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_service-list">
|
|
<title>keystone service-list</title>
|
|
<screen><computeroutput>usage: keystone service-list</computeroutput></screen>
|
|
<para>
|
|
List all services in Service Catalog.
|
|
</para>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_tenant-create">
|
|
<title>keystone tenant-create</title>
|
|
<screen><computeroutput>usage: keystone tenant-create --name <tenant-name>
|
|
[--description <tenant-description>]
|
|
[--enabled <true|false>]</computeroutput></screen>
|
|
<para>
|
|
Create new tenant.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--name <tenant-name></command></term>
|
|
<listitem>
|
|
<para>
|
|
New tenant name (must be unique).
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--description <tenant-description></command></term>
|
|
<listitem>
|
|
<para>
|
|
Description of new tenant. Default is none.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--enabled <true|false></command></term>
|
|
<listitem>
|
|
<para>
|
|
Initial tenant enabled status. Default is true.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_tenant-delete">
|
|
<title>keystone tenant-delete</title>
|
|
<screen><computeroutput>usage: keystone tenant-delete <tenant></computeroutput></screen>
|
|
<para>
|
|
Delete tenant.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command><tenant></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of tenant to delete.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_tenant-get">
|
|
<title>keystone tenant-get</title>
|
|
<screen><computeroutput>usage: keystone tenant-get <tenant></computeroutput></screen>
|
|
<para>
|
|
Display tenant details.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command><tenant></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of tenant to display.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_tenant-list">
|
|
<title>keystone tenant-list</title>
|
|
<screen><computeroutput>usage: keystone tenant-list</computeroutput></screen>
|
|
<para>
|
|
List all tenants.
|
|
</para>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_tenant-update">
|
|
<title>keystone tenant-update</title>
|
|
<screen><computeroutput>usage: keystone tenant-update [--name <tenant_name>]
|
|
[--description <tenant-description>]
|
|
[--enabled <true|false>]
|
|
<tenant></computeroutput></screen>
|
|
<para>
|
|
Update tenant name, description, enabled status.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--name <tenant_name></command></term>
|
|
<listitem>
|
|
<para>
|
|
Desired new name of tenant.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--description <tenant-description></command></term>
|
|
<listitem>
|
|
<para>
|
|
Desired new description of tenant.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--enabled <true|false></command></term>
|
|
<listitem>
|
|
<para>
|
|
Enable or disable tenant.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command><tenant></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of tenant to update.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_token-get">
|
|
<title>keystone token-get</title>
|
|
<screen><computeroutput>usage: keystone token-get [--wrap <integer>]</computeroutput></screen>
|
|
<para>
|
|
Display the current user token.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--wrap <integer></command></term>
|
|
<listitem>
|
|
<para>
|
|
Wrap PKI tokens to a specified length, or 0 to disable.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_user-create">
|
|
<title>keystone user-create</title>
|
|
<screen><computeroutput>usage: keystone user-create --name <user-name> [--tenant <tenant>]
|
|
[--pass [<pass>]] [--email <email>]
|
|
[--enabled <true|false>]</computeroutput></screen>
|
|
<para>
|
|
Create new user.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--name <user-name></command></term>
|
|
<listitem>
|
|
<para>
|
|
New user name (must be unique).
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--tenant <tenant>, --tenant-id <tenant></command></term>
|
|
<listitem>
|
|
<para>
|
|
New user default tenant.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--pass [<pass>]</command></term>
|
|
<listitem>
|
|
<para>
|
|
New user password; required for some auth backends.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--email <email></command></term>
|
|
<listitem>
|
|
<para>
|
|
New user email address.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--enabled <true|false></command></term>
|
|
<listitem>
|
|
<para>
|
|
Initial user enabled status. Default is true.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_user-delete">
|
|
<title>keystone user-delete</title>
|
|
<screen><computeroutput>usage: keystone user-delete <user></computeroutput></screen>
|
|
<para>
|
|
Delete user.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command><user></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of user to delete.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_user-get">
|
|
<title>keystone user-get</title>
|
|
<screen><computeroutput>usage: keystone user-get <user></computeroutput></screen>
|
|
<para>
|
|
Display user details.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command><user></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of user to display.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_user-list">
|
|
<title>keystone user-list</title>
|
|
<screen><computeroutput>usage: keystone user-list [--tenant <tenant>]</computeroutput></screen>
|
|
<para>
|
|
List users.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--tenant <tenant>, --tenant-id <tenant></command></term>
|
|
<listitem>
|
|
<para>
|
|
Tenant; lists all users if not specified.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_user-password-update">
|
|
<title>keystone user-password-update</title>
|
|
<screen><computeroutput>usage: keystone user-password-update [--pass <password>] <user></computeroutput></screen>
|
|
<para>
|
|
Update user password.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--pass <password></command></term>
|
|
<listitem>
|
|
<para>
|
|
Desired new password.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command><user></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of user to update password.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_user-role-add">
|
|
<title>keystone user-role-add</title>
|
|
<screen><computeroutput>usage: keystone user-role-add --user <user> --role <role> [--tenant <tenant>]</computeroutput></screen>
|
|
<para>
|
|
Add role to user.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--user <user>, --user-id <user>, --user_id <user></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of user.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--role <role>, --role-id <role>, --role_id <role></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of role.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--tenant <tenant>, --tenant-id <tenant></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of tenant.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_user-role-list">
|
|
<title>keystone user-role-list</title>
|
|
<screen><computeroutput>usage: keystone user-role-list [--user <user>] [--tenant <tenant>]</computeroutput></screen>
|
|
<para>
|
|
List roles granted to a user.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--user <user>, --user-id <user></command></term>
|
|
<listitem>
|
|
<para>
|
|
List roles granted to specified user.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--tenant <tenant>, --tenant-id <tenant></command></term>
|
|
<listitem>
|
|
<para>
|
|
List only roles granted on specified tenant.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_user-role-remove">
|
|
<title>keystone user-role-remove</title>
|
|
<screen><computeroutput>usage: keystone user-role-remove --user <user> --role <role>
|
|
[--tenant <tenant>]</computeroutput></screen>
|
|
<para>
|
|
Remove role from user.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--user <user>, --user-id <user>, --user_id <user></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of user.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--role <role>, --role-id <role>, --role_id <role></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of role.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--tenant <tenant>, --tenant-id <tenant></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of tenant.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
<section xml:id="keystoneclient_subcommand_user-update">
|
|
<title>keystone user-update</title>
|
|
<screen><computeroutput>usage: keystone user-update [--name <user-name>] [--email <email>]
|
|
[--enabled <true|false>]
|
|
<user></computeroutput></screen>
|
|
<para>
|
|
Update user's name, email, and enabled status.
|
|
</para> <variablelist wordsize="10">
|
|
<title>Arguments</title>
|
|
<varlistentry>
|
|
<term><command>--name <user-name></command></term>
|
|
<listitem>
|
|
<para>
|
|
Desired new user name.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--email <email></command></term>
|
|
<listitem>
|
|
<para>
|
|
Desired new email address.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command>--enabled <true|false></command></term>
|
|
<listitem>
|
|
<para>
|
|
Enable or disable user.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><command><user></command></term>
|
|
<listitem>
|
|
<para>
|
|
Name or ID of user to update.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|
|
</chapter>
|