Managing Trusts

Openstack Administrators should never have the need to directly work with the trusts created.

The cloud-trust is created during the Triliovault configuration and further trusts are created as necessary upon creating or modifying a workload.

get
List Trusts

https://$(tvm_address):8780/v1/$(tenant_id)/trusts
Provides the lists of trusts for the given Tenant.
Request
Response
Request
Path Parameters
tvm_name
required
string
IP or FQDN of TrilioVault Service
tenant_id
required
string
ID of the Tenant / Project to fetch the trusts from
Headers
X-Auth-Project-Id
required
string
project to run the authentication against
X-Auth-Token
required
string
Authentication token to use
Accept
required
string
application/json
User-Agent
optional
string
python-workloadmgrclient
Query Parameters
is_cloud_admin
optional
boolean
true/false
Response
200: OK
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Thu, 21 Jan 2021 11:21:57 GMT
Content-Type: application/json
Content-Length: 868
Connection: keep-alive
X-Compute-Request-Id: req-fa48f0ad-aa76-42fa-85ea-1e5461889fb3
{
"trust":[
{
"created_at":"2020-11-26T13:10:53.000000",
"updated_at":null,
"deleted_at":null,
"deleted":false,
"version":"4.0.115",
"name":"trust-6e290937-de9b-446a-a406-eb3944e5a034",
"project_id":"4dfe98a43bfa404785a812020066b4d6",
"user_id":"cloud_admin",
"value":"dbe2e160d4c44d7894836a6029644ea0",
"description":"token id for user adfa32d7746a4341b27377d6f7c61adb project 4dfe98a43bfa404785a812020066b4d6",
"category":"identity",
"type":"trust_id",
"public":false,
"hidden":true,
"status":"available",
"metadata":[
{
"created_at":"2020-11-26T13:10:54.000000",
"updated_at":null,
"deleted_at":null,
"deleted":false,
"version":"4.0.115",
"id":"e9ec386e-79cf-4f6b-8201-093315648afe",
"settings_name":"trust-6e290937-de9b-446a-a406-eb3944e5a034",
"settings_project_id":"4dfe98a43bfa404785a812020066b4d6",
"key":"role_name",
"value":"admin"
}
]
}
]
}

post
Create Trust

https://$(tvm_address):8780/v1/$(tenant_id)/trusts
Creates a workload in the provided Tenant/Project with the given details.
Request
Response
Request
Path Parameters
tvm_address
required
string
IP or FQDN of TrilioVault Service
tenant_id
required
string
ID of the Tenant/Project to create the Trust for
Headers
X-Auth-Project-Id
required
string
Project to run the authentication against
X-Auth-Token
required
string
Authentication token to use
Content-Type
required
string
application/json
Accept
required
string
application/json
User-Agent
optional
string
python-workloadmgrclient
Response
200: OK
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Thu, 21 Jan 2021 11:43:36 GMT
Content-Type: application/json
Content-Length: 868
Connection: keep-alive
X-Compute-Request-Id: req-2151b327-ea74-4eec-b606-f0df358bc2a0
{
"trust":[
{
"created_at":"2021-01-21T11:43:36.140407",
"updated_at":null,
"deleted_at":null,
"deleted":false,
"version":"4.0.115",
"name":"trust-b03daf38-1615-48d6-88f9-a807c728e786",
"project_id":"4dfe98a43bfa404785a812020066b4d6",
"user_id":"adfa32d7746a4341b27377d6f7c61adb",
"value":"1c981a15e7a54242ae54eee6f8d32e6a",
"description":"token id for user adfa32d7746a4341b27377d6f7c61adb project 4dfe98a43bfa404785a812020066b4d6",
"category":"identity",
"type":"trust_id",
"public":false,
"hidden":1,
"status":"available",
"is_public":false,
"is_hidden":true,
"metadata":[
]
}
]
}

Body Format

{
"trusts":{
"role_name":"member",
"is_cloud_trust":false
}
}

get
Show Trust

https://$(tvm_address):8780/v1/$(tenant_id)/trusts/<trust_id>
Shows all details of a specified trust
Request
Response
Request
Path Parameters
tvm_address
optional
string
IP or FQDN of TrilioVault Service
tenant_id
required
string
ID of the Project/Tenant where to find the Workload
workload_id
required
string
ID of the Workload to show
Headers
X-Auth-Project-Id
required
string
Project to run the authentication against
X-Auth-Token
required
string
Authentication token to use
Accept
required
string
application/json
User-Agent
optional
string
python-workloadmgrclient
Response
200: OK
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Thu, 21 Jan 2021 11:39:12 GMT
Content-Type: application/json
Content-Length: 888
Connection: keep-alive
X-Compute-Request-Id: req-3c2f6acb-9973-4805-bae3-cd8dbcdc2cb4
{
"trust":{
"created_at":"2020-11-26T13:15:29.000000",
"updated_at":null,
"deleted_at":null,
"deleted":false,
"version":"4.0.115",
"name":"trust-54e24d8d-6bcf-449e-8021-708b4ebc65e1",
"project_id":"4dfe98a43bfa404785a812020066b4d6",
"user_id":"adfa32d7746a4341b27377d6f7c61adb",
"value":"703dfabb4c5942f7a1960736dd84f4d4",
"description":"token id for user adfa32d7746a4341b27377d6f7c61adb project 4dfe98a43bfa404785a812020066b4d6",
"category":"identity",
"type":"trust_id",
"public":false,
"hidden":true,
"status":"available",
"metadata":[
{
"created_at":"2020-11-26T13:15:29.000000",
"updated_at":null,
"deleted_at":null,
"deleted":false,
"version":"4.0.115",
"id":"86aceea1-9121-43f9-b55c-f862052374ab",
"settings_name":"trust-54e24d8d-6bcf-449e-8021-708b4ebc65e1",
"settings_project_id":"4dfe98a43bfa404785a812020066b4d6",
"key":"role_name",
"value":"member"
}
]
}
}

delete
Delete Trust

https://$(tvm_address):8780/v1/$(tenant_id)/trusts/<trust_id>
Deletes the specified trust.
Request
Response
Request
Path Parameters
tvm_address
required
string
IP or FQDN of TrilioVault Service
tenant_id
required
string
ID of the Tenant where to find the Trust in
trust_id
required
string
ID of the Trust to delete
Headers
X-Auth-Project-Id
required
string
Project to run the authentication against
X-Auth-Token
required
string
Authentication Token to use
Accept
required
string
application/json
User-Agent
optional
string
python-workloadmgrclient
Response
200: OK
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Thu, 21 Jan 2021 11:41:51 GMT
Content-Type: application/json
Content-Length: 888
Connection: keep-alive
X-Compute-Request-Id: req-d838a475-f4d3-44e9-8807-81a9c32ea2a8

get
Validate Scheduler Trust

https://$(tvm_address):8780/v1/$(tenant_id)/trusts/validate/<workload_id>
Validates the Trust of a given Workload.
Request
Response
Request
Path Parameters
tvm_address
optional
string
IP or FQDN of TrilioVault Service
tenant_id
required
string
ID of the Project/Tenant where to find the Workload
workload_id
required
string
ID of the Workload to validate the Trust of
Headers
X-Auth-Project-Id
required
string
Project to run the authentication against
X-Auth-Token
required
string
Authentication token to use
Accept
required
string
application/json
User-Agent
optional
string
python-workloadmgrclient
Response
200: OK
{
"scheduler_enabled":true,
"trust":{
"created_at":"2021-01-21T11:43:36.000000",
"updated_at":null,
"deleted_at":null,
"deleted":false,
"version":"4.0.115",
"name":"trust-b03daf38-1615-48d6-88f9-a807c728e786",
"project_id":"4dfe98a43bfa404785a812020066b4d6",
"user_id":"adfa32d7746a4341b27377d6f7c61adb",
"value":"1c981a15e7a54242ae54eee6f8d32e6a",
"description":"token id for user adfa32d7746a4341b27377d6f7c61adb project 4dfe98a43bfa404785a812020066b4d6",
"category":"identity",
"type":"trust_id",
"public":false,
"hidden":true,
"status":"available",
"metadata":[
{
"created_at":"2021-01-21T11:43:36.000000",
"updated_at":null,
"deleted_at":null,
"deleted":false,
"version":"4.0.115",
"id":"d98d283a-b096-4a68-826a-36f99781787d",
"settings_name":"trust-b03daf38-1615-48d6-88f9-a807c728e786",
"settings_project_id":"4dfe98a43bfa404785a812020066b4d6",
"key":"role_name",
"value":"member"
}
]
},
"is_valid":true,
"scheduler_obj":{
"workload_id":"209c13fa-e743-4ccd-81f7-efdaff277a1f",
"user_id":"adfa32d7746a4341b27377d6f7c61adb",
"project_id":"4dfe98a43bfa404785a812020066b4d6",
"user_domain_id":"default",
"user":"adfa32d7746a4341b27377d6f7c61adb",
"tenant":"4dfe98a43bfa404785a812020066b4d6"
}
}