auto-generate docs for v3 identity resources

skipped shared v2/v3 identity resources.

Change-Id: I9e1fb5dee5506780fd79a0cbfbde059d0ccd1489

doc/source/cli/command-objects/access-token.rst

@@ -2,41 +2,9 @@
 access token
 ============
 
-Identity v3
+An **access token** is used by the Identity service's OS-OAUTH1 extension. It
+is used by the **consumer** to request new Identity API tokens on behalf of the
+authorizing **user**. Applicable to Identity v3.
 
-`Requires: OS-OAUTH1 extension`
-
-access token create
--------------------
-
-Create an access token
-
-.. program:: access token create
-.. code:: bash
-
-    openstack access token create
-        --consumer-key <consumer-key>
-        --consumer-secret <consumer-secret>
-        --request-key <request-key>
-        --request-secret <request-secret>
-        --verifier <verifier>
-
-.. option:: --consumer-key <consumer-key>
-
-    Consumer key (required)
-
-.. option:: --consumer-secret <consumer-secret>
-
-    Consumer secret (required)
-
-.. option:: --request-key <request-key>
-
-    Request token to exchange for access token (required)
-
-.. option:: --request-secret <request-secret>
-
-    Secret associated with <request-key> (required)
-
-.. option:: --verifier <verifier>
-
-    Verifier associated with <request-key> (required)
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: access token create

doc/source/cli/command-objects/catalog.rst

@@ -2,29 +2,11 @@
 catalog
 =======
 
-Identity v2, v3
+A **catalog** lists OpenStack services that are available on the cloud.
+Applicable to Identity v2 and v3
 
-catalog list
-------------
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: catalog list
 
-List services in the service catalog
-
-.. program:: catalog list
-.. code:: bash
-
-    openstack catalog list
-
-catalog show
-------------
-
-Display service catalog details
-
-.. program:: catalog show
-.. code:: bash
-
-    openstack catalog show
-        <service>
-
-.. describe:: <service>
-
-    Service to display (type or name)
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: catalog show

doc/source/cli/command-objects/consumer.rst

@@ -2,82 +2,21 @@
 consumer
 ========
 
-Identity v3
+An **consumer** is used by the Identity service's OS-OAUTH1 extension. It
+is used to create a **request token** and **access token**. Applicable to
+Identity v3.
 
-`Requires: OS-OAUTH1 extension`
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: consumer create
 
-consumer create
----------------
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: consumer delete
 
-Create new consumer
+.. autoprogram-cliff:: openstack.identity.v3
+  :command: consumer list
 
-.. program:: consumer create
-.. code:: bash
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: consumer set
 
-    openstack consumer create
-        [--description <description>]
-
-.. option:: --description <description>
-
-    New consumer description
-
-consumer delete
----------------
-
-Delete consumer(s)
-
-.. program:: consumer delete
-.. code:: bash
-
-    openstack consumer delete
-        <consumer> [<consumer> ...]
-
-.. describe:: <consumer>
-
-    Consumer(s) to delete
-
-consumer list
--------------
-
-List consumers
-
-.. program:: consumer list
-.. code:: bash
-
-    openstack consumer list
-
-consumer set
-------------
-
-Set consumer properties
-
-.. program:: consumer set
-.. code:: bash
-
-    openstack consumer set
-        [--description <description>]
-        <consumer>
-
-.. option:: --description <description>
-
-    New consumer description
-
-.. describe:: <consumer>
-
-    Consumer to modify
-
-consumer show
--------------
-
-Display consumer details
-
-.. program:: consumer show
-.. code:: bash
-
-    openstack consumer show
-        <consumer>
-
-.. _consumer_show-consumer:
-.. describe:: <consumer>
-
-    Consumer to display
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: consumer show

doc/source/cli/command-objects/domain.rst

@@ -2,114 +2,21 @@
 domain
 ======
 
-Identity v3
+A **domain** is a collection of **users**, **groups**, and **projects**. Each
+**group** and **project** is owned by exactly one **domain**. Applies to
+Identity v3.
 
-domain create
--------------
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: domain create
 
-Create new domain
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: domain delete
 
-.. program:: domain create
-.. code:: bash
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: domain list
 
-    openstack domain create
-        [--description <description>]
-        [--enable | --disable]
-        [--or-show]
-        <domain-name>
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: domain set
 
-.. option:: --description <description>
-
-    New domain description
-
-.. option:: --enable
-
-    Enable domain (default)
-
-.. option:: --disable
-
-    Disable domain
-
-.. option:: --or-show
-
-    Return existing domain
-
-    If the domain already exists, return the existing domain data and do not fail.
-
-.. describe:: <domain-name>
-
-    New domain name
-
-domain delete
--------------
-
-Delete domain(s)
-
-.. program:: domain delete
-.. code:: bash
-
-    openstack domain delete
-        <domain> [<domain> ...]
-
-.. describe:: <domain>
-
-    Domain(s) to delete (name or ID)
-
-domain list
------------
-
-List domains
-
-.. program:: domain list
-.. code:: bash
-
-    openstack domain list
-
-domain set
-----------
-
-Set domain properties
-
-.. program:: domain set
-.. code:: bash
-
-    openstack domain set
-        [--name <name>]
-        [--description <description>]
-        [--enable | --disable]
-        <domain>
-
-.. option:: --name <name>
-
-    New domain name
-
-.. option:: --description <description>
-
-    New domain description
-
-.. option:: --enable
-
-    Enable domain
-
-.. option:: --disable
-
-    Disable domain
-
-.. describe:: <domain>
-
-    Domain to modify (name or ID)
-
-domain show
------------
-
-Display domain details
-
-.. program:: domain show
-.. code:: bash
-
-    openstack domain show
-        <domain>
-
-.. describe:: <domain>
-
-    Domain to display (name or ID)
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: domain show

doc/source/cli/command-objects/federation-protocol.rst

@@ -2,111 +2,21 @@
 federation protocol
 ===================
 
-Identity v3
+A **federation protocol** is used by the Identity service's OS-FEDERATION
+extension. It is used by **identity providers** and **mappings**. Applicable to
+Identity v3.
 
-`Requires: OS-FEDERATION extension`
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: federation protocol create
 
-federation protocol create
---------------------------
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: federation protocol delete
 
-Create new federation protocol
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: federation protocol list
 
-.. program:: federation protocol create
-.. code:: bash
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: federation protocol set
 
-    openstack federation protocol create
-        --identity-provider <identity-provider>
-        --mapping <mapping>
-        <name>
-
-.. option:: --identity-provider <identity-provider>
-
-    Identity provider that will support the new federation protocol (name or ID) (required)
-
-.. option:: --mapping <mapping>
-
-    Mapping that is to be used (name or ID) (required)
-
-.. describe:: <name>
-
-    New federation protocol name (must be unique per identity provider)
-
-federation protocol delete
---------------------------
-
-Delete federation protocol(s)
-
-.. program:: federation protocol delete
-.. code:: bash
-
-    openstack federation protocol delete
-        --identity-provider <identity-provider>
-        <federation-protocol> [<federation-protocol> ...]
-
-.. option:: --identity-provider <identity-provider>
-
-    Identity provider that supports <federation-protocol> (name or ID) (required)
-
-.. describe:: <federation-protocol>
-
-    Federation protocol(s) to delete (name or ID)
-
-federation protocol list
-------------------------
-
-List federation protocols
-
-.. program:: federation protocol list
-.. code:: bash
-
-    openstack federation protocol list
-        --identity-provider <identity-provider>
-
-.. option:: --identity-provider <identity-provider>
-
-    Identity provider to list (name or ID) (required)
-
-federation protocol set
------------------------
-
-Set federation protocol properties
-
-.. program:: federation protocol set
-.. code:: bash
-
-    openstack federation protocol set
-        --identity-provider <identity-provider>
-        [--mapping <mapping>]
-        <federation-protocol>
-
-.. option:: --identity-provider <identity-provider>
-
-    Identity provider that supports <federation-protocol> (name or ID) (required)
-
-.. option:: --mapping <mapping>
-
-    Mapping that is to be used (name or ID)
-
-.. describe:: <federation-protocol>
-
-    Federation protocol to modify (name or ID)
-
-federation protocol show
-------------------------
-
-Display federation protocol details
-
-.. program:: federation protocol show
-.. code:: bash
-
-    openstack federation protocol show
-        --identity-provider <identity-provider>
-        <federation-protocol>
-
-.. option:: --identity-provider <identity-provider>
-
-    Identity provider that supports <federation-protocol> (name or ID) (required)
-
-.. describe:: <federation-protocol>
-
-    Federation protocol to display (name or ID)
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: federation protocol show

doc/source/cli/command-objects/identity-provider.rst

@@ -2,132 +2,21 @@
 identity provider
 =================
 
-Identity v3
+An **identity provider** is used by the Identity service's OS-FEDERATION
+extension. It is used by **federation protocols** and **mappings**. Applicable
+to Identity v3.
 
-`Requires: OS-FEDERATION extension`
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: identity provider create
 
-identity provider create
-------------------------
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: identity provider delete
 
-Create new identity provider
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: identity provider list
 
-.. program:: identity provider create
-.. code:: bash
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: identity provider set
 
-    openstack identity provider create
-        [--remote-id <remote-id> [...] | --remote-id-file <file-name>]
-        [--description <description>]
-        [--domain <domain>]
-        [--enable | --disable]
-        <name>
-
-.. option:: --remote-id <remote-id>
-
-    Remote IDs to associate with the Identity Provider
-    (repeat option to provide multiple values)
-
-.. option:: --remote-id-file <file-name>
-
-    Name of a file that contains many remote IDs to associate with the identity
-    provider, one per line
-
-.. option:: --description
-
-    New identity provider description
-
-.. option:: --domain
-
-    Name or ID of the domain to associate with the identity provider. If not
-    specified, one will be created automatically
-
-.. option:: --enable
-
-    Enable the identity provider (default)
-
-.. option:: --disable
-
-    Disable the identity provider
-
-.. describe:: <name>
-
-    New identity provider name (must be unique)
-
-identity provider delete
-------------------------
-
-Delete identity provider(s)
-
-.. program:: identity provider delete
-.. code:: bash
-
-    openstack identity provider delete
-        <identity-provider> [<identity-provider> ...]
-
-.. describe:: <identity-provider>
-
-    Identity provider(s) to delete
-
-identity provider list
-----------------------
-
-List identity providers
-
-.. program:: identity provider list
-.. code:: bash
-
-    openstack identity provider list
-
-identity provider set
----------------------
-
-Set identity provider properties
-
-.. program:: identity provider set
-.. code:: bash
-
-    openstack identity provider set
-        [--remote-id <remote-id> [...] | --remote-id-file <file-name>]
-        [--description <description>]
-        [--enable | --disable]
-        <identity-provider>
-
-.. option:: --remote-id <remote-id>
-
-    Remote IDs to associate with the Identity Provider
-    (repeat option to provide multiple values)
-
-.. option:: --remote-id-file <file-name>
-
-    Name of a file that contains many remote IDs to associate with the identity
-    provider, one per line
-
-.. option:: --description
-
-    Set identity provider description
-
-.. option:: --enable
-
-    Enable the identity provider
-
-.. option:: --disable
-
-    Disable the identity provider
-
-.. describe:: <identity-provider>
-
-    Identity provider to modify
-
-identity provider show
-----------------------
-
-Display identity provider details
-
-.. program:: identity provider show
-.. code:: bash
-
-    openstack identity provider show
-        <identity-provider>
-
-.. describe:: <identity-provider>
-
-    Identity provider to display
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: identity provider show

doc/source/cli/command-objects/mapping.rst

@@ -2,90 +2,21 @@
 mapping
 =======
 
-Identity v3
+A **mapping** is used by the Identity service's OS-FEDERATION
+extension. It is used by **federation protocols** and **identity providers**.
+Applicable to Identity v3.
 
-`Requires: OS-FEDERATION extension`
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: mapping create
 
-mapping create
---------------
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: mapping delete
 
-Create new mapping
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: mapping list
 
-.. program:: mapping create
-.. code:: bash
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: mapping set
 
-    openstack mapping create
-        --rules <filename>
-        <name>
-
-.. option:: --rules <filename>
-
-    Filename that contains a set of mapping rules (required)
-
-.. _mapping_create-mapping:
-.. describe:: <name>
-
-    New mapping name (must be unique)
-
-mapping delete
---------------
-
-Delete mapping(s)
-
-.. program:: mapping delete
-.. code:: bash
-
-    openstack mapping delete
-        <mapping> [<mapping> ...]
-
-.. _mapping_delete-mapping:
-.. describe:: <mapping>
-
-    Mapping(s) to delete
-
-mapping list
-------------
-
-List mappings
-
-.. program:: mapping list
-.. code:: bash
-
-    openstack mapping list
-
-mapping set
------------
-
-Set mapping properties
-
-.. program:: mapping set
-.. code:: bash
-
-    openstack mapping set
-        [--rules <filename>]
-        <mapping>
-
-.. option:: --rules <filename>
-
-    Filename that contains a new set of mapping rules
-
-.. _mapping_set-mapping:
-.. describe:: <mapping>
-
-    Mapping to modify
-
-mapping show
-------------
-
-Display mapping details
-
-.. program:: mapping show
-.. code:: bash
-
-    openstack mapping show
-        <mapping>
-
-.. _mapping_show-mapping:
-.. describe:: <mapping>
-
-    Mapping to display
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: mapping show

doc/source/cli/command-objects/policy.rst

@@ -2,94 +2,20 @@
 policy
 ======
 
-Identity v3
+A **policy** is an arbitrarily serialized policy engine rule set to be consumed
+by a remote service. Applies to Identity v3.
 
-policy create
--------------
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: policy create
 
-Create new policy
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: policy delete
 
-.. program:: policy create
-.. code:: bash
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: policy list
 
-    openstack policy create
-        [--type <type>]
-        <filename>
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: policy set
 
-.. option:: --type <type>
-
-    New MIME type of the policy rules file (defaults to application/json)
-
-.. describe:: <filename>
-
-    New serialized policy rules file
-
-policy delete
--------------
-
-Delete policy(s)
-
-.. program:: policy delete
-.. code:: bash
-
-    openstack policy delete
-        <policy> [<policy> ...]
-
-.. describe:: <policy>
-
-    Policy(s) to delete
-
-policy list
------------
-
-List policies
-
-.. program:: policy list
-.. code:: bash
-
-    openstack policy list
-        [--long]
-
-.. option:: --long
-
-    List additional fields in output
-
-policy set
-----------
-
-Set policy properties
-
-.. program:: policy set
-.. code:: bash
-
-    openstack policy set
-        [--type <type>]
-        [--rules <filename>]
-        <policy>
-
-.. option:: --type <type>
-
-    New MIME type of the policy rules file
-
-.. describe:: --rules <filename>
-
-    New serialized policy rules file
-
-.. describe:: <policy>
-
-    Policy to modify
-
-policy show
------------
-
-Display policy details
-
-.. program:: policy show
-.. code:: bash
-
-    openstack policy show
-        <policy>
-
-.. describe:: <policy>
-
-    Policy to display
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: policy show

doc/source/cli/command-objects/region.rst

@@ -2,103 +2,21 @@
 region
 ======
 
-Identity v3
+A **region** is a general division of an OpenStack deployment. You can associate
+zero or more sub-regions with a region to create a tree-like structured
+hierarchy. Applies to Identity v3.
 
-region create
--------------
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: region create
 
-Create new region
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: region delete
 
-.. program:: region create
-.. code:: bash
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: region list
 
-    openstack region create
-        [--parent-region <region-id>]
-        [--description <description>]
-        <region-id>
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: region set
 
-.. option:: --parent-region <region-id>
-
-    Parent region ID
-
-.. option:: --description <description>
-
-    New region description
-
-.. _region_create-region-id:
-.. describe:: <region-id>
-
-    New region ID
-
-region delete
--------------
-
-Delete region(s)
-
-.. program:: region delete
-.. code:: bash
-
-    openstack region delete
-        <region-id> [<region-id> ...]
-
-.. _region_delete-region-id:
-.. describe:: <region-id>
-
-    Region ID(s) to delete
-
-region list
------------
-
-List regions
-
-.. program:: region list
-.. code:: bash
-
-    openstack region list
-        [--parent-region <region-id>]
-
-.. option:: --parent-region <region-id>
-
-    Filter by parent region ID
-
-region set
-----------
-
-Set region properties
-
-.. program:: region set
-.. code:: bash
-
-    openstack region set
-        [--parent-region <region-id>]
-        [--description <description>]
-        <region-id>
-
-.. option:: --parent-region <region-id>
-
-    New parent region ID
-
-.. option:: --description <description>
-
-    New region description
-
-.. _region_set-region-id:
-.. describe:: <region-id>
-
-    Region to modify
-
-region show
------------
-
-Display region details
-
-.. program:: region show
-.. code:: bash
-
-    openstack region show
-        <region-id>
-
-.. _region_show-region-id:
-.. describe:: <region-id>
-
-    Region to display
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: region show

doc/source/cli/command-objects/request-token.rst

@@ -2,57 +2,12 @@
 request token
 =============
 
-Identity v3
+A **request token** is used by the Identity service's OS-OAUTH1 extension. It
+is used by the **consumer** to request **access tokens**. Applicable to
+Identity v3.
 
-`Requires: OS-OAUTH1 extension`
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: request token authorize
 
-request token authorize
------------------------
-
-Authorize a request token
-
-.. program:: request token authorize
-.. code:: bash
-
-    openstack request token authorize
-        --request-key <consumer-key>
-        --role <role>
-
-.. option:: --request-key <request-key>
-
-    Request token to authorize (ID only) (required)
-
-.. option:: --role <role>
-
-    Roles to authorize (name or ID)
-    (repeat option to set multiple values) (required)
-
-request token create
---------------------
-
-Create a request token
-
-.. program:: request token create
-.. code:: bash
-
-    openstack request token create
-        --consumer-key <consumer-key>
-        --consumer-secret <consumer-secret>
-        --project <project>
-        [--domain <domain>]
-
-.. option:: --consumer-key <consumer-key>
-
-    Consumer key (required)
-
-.. option:: --description <description>
-
-    Consumer secret (required)
-
-.. option:: --project <project>
-
-    Project that consumer wants to access (name or ID) (required)
-
-.. option:: --domain <domain>
-
-    Domain owning <project> (name or ID)
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: request token create

doc/source/cli/command-objects/service-provider.rst

@@ -1,125 +1,22 @@
-================
-service provider
-================
+=================
+identity provider
+=================
 
-Identity v3
+A **service provider** is used by the Identity service's OS-FEDERATION
+extension. It is used by to register another OpenStack Identity service.
+Applicable to Identity v3.
 
-`Requires: OS-FEDERATION extension`
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: service provider create
 
-service provider create
------------------------
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: service provider delete
 
-Create new service provider
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: service provider list
 
-.. program:: service provider create
-.. code:: bash
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: service provider set
 
-    openstack service provider create
-        [--description <description>]
-        [--enable | --disable]
-        --auth-url <auth-url>
-        --service-provider-url <sp-url>
-        <name>
-
-.. option:: --auth-url
-
-    Authentication URL of remote federated service provider (required)
-
-.. option:: --service-provider-url
-
-    A service URL where SAML assertions are being sent (required)
-
-.. option:: --description
-
-    New service provider description
-
-.. option:: --enable
-
-    Enable the service provider (default)
-
-.. option:: --disable
-
-    Disable the service provider
-
-.. describe:: <name>
-
-    New service provider name (must be unique)
-
-service provider delete
------------------------
-
-Delete service provider(s)
-
-.. program:: service provider delete
-.. code:: bash
-
-    openstack service provider delete
-        <service-provider> [<service-provider> ...]
-
-.. describe:: <service-provider>
-
-    Service provider(s) to delete
-
-service provider list
----------------------
-
-List service providers
-
-.. program:: service provider list
-.. code:: bash
-
-    openstack service provider list
-
-service provider set
---------------------
-
-Set service provider properties
-
-.. program:: service provider set
-.. code:: bash
-
-    openstack service provider set
-        [--enable | --disable]
-        [--description <description>]
-        [--auth-url <auth-url>]
-        [--service-provider-url <sp-url>]
-        <service-provider>
-
-.. option:: --service-provider-url
-
-    New service provider URL, where SAML assertions are sent
-
-.. option:: --auth-url
-
-    New Authentication URL of remote federated service provider
-
-.. option:: --description
-
-    New service provider description
-
-.. option:: --enable
-
-    Enable the service provider
-
-.. option:: --disable
-
-    Disable the service provider
-
-.. describe:: <service-provider>
-
-    Service provider to modify
-
-service provider show
----------------------
-
-Display service provider details
-
-.. program:: service provider show
-.. code:: bash
-
-    openstack service provider show
-        <service-provider>
-
-.. describe:: <service-provider>
-
-    Service provider to display
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: service provider show

doc/source/cli/command-objects/trust.rst

@@ -2,101 +2,17 @@
 trust
 =====
 
-Identity v3
+A **trust** provide project-specific role delegation between users, with
+optional impersonation. Requires the OS-TRUST extension. Applies to Identity v3.
 
-trust create
-------------
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: trust create
 
-Create new trust
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: trust delete
 
-.. program:: trust create
-.. code:: bash
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: trust list
 
-    openstack trust create
-        --project <project>
-        --role <role>
-        [--impersonate]
-        [--expiration <expiration>]
-        [--project-domain <domain>]
-        [--trustor-domain <domain>]
-        [--trustee-domain <domain>]
-        <trustor>
-        <trustee>
-
-.. option:: --project <project>
-
-    Project being delegated (name or ID) (required)
-
-.. option:: --role <role>
-
-    Roles to authorize (name or ID) (repeat option to set multiple values, required)
-
-.. option:: --impersonate
-
-    Tokens generated from the trust will represent <trustor> (defaults to False)
-
-.. option:: --expiration <expiration>
-
-    Sets an expiration date for the trust (format of YYYY-mm-ddTHH:MM:SS)
-
-.. option:: --project-domain <project-domain>
-
-    Domain the project belongs to (name or ID). This can be
-    used in case collisions between user names exist.
-
-.. option:: --trustor-domain <trustor-domain>
-
-    Domain that contains <trustor> (name or ID)
-
-.. option:: --trustee-domain <trustee-domain>
-
-    Domain that contains <trustee> (name or ID)
-
-.. describe:: <trustor-user>
-
-    User that is delegating authorization (name or ID)
-
-.. describe:: <trustee-user>
-
-    User that is assuming authorization (name or ID)
-
-
-trust delete
-------------
-
-Delete trust(s)
-
-.. program:: trust delete
-.. code:: bash
-
-    openstack trust delete
-        <trust> [<trust> ...]
-
-.. describe:: <trust>
-
-    Trust(s) to delete
-
-trust list
-----------
-
-List trusts
-
-.. program:: trust list
-.. code:: bash
-
-    openstack trust list
-
-trust show
-----------
-
-Display trust details
-
-.. program:: trust show
-.. code:: bash
-
-    openstack trust show
-        <trust>
-
-.. describe:: <trust>
-
-    Trust to display
+.. autoprogram-cliff:: openstack.identity.v3
+   :command: trust show