usage: rucio-admin [-h] [--version] [--verbose] [-H ADDRESS]
[--auth-host ADDRESS] [-a ACCOUNT] [-S AUTH_STRATEGY]
[-T TIMEOUT] [--vo VO] [-u USERNAME] [-pwd PASSWORD]
[--oidc-user OIDC_USERNAME] [--oidc-password OIDC_PASSWORD]
[--oidc-scope OIDC_SCOPE] [--oidc-audience OIDC_AUDIENCE]
[--oidc-auto] [--oidc-polling]
[--oidc-refresh-lifetime OIDC_REFRESH_LIFETIME]
[--oidc-issuer OIDC_ISSUER] [--certificate CERTIFICATE]
[--ca-certificate CA_CERTIFICATE]
{data,account,identity,rse,scope,config,subscription,replicas}
...
positional arguments:
{data,account,identity,rse,scope,config,subscription,replicas}
data Import and export data
account Account methods
identity Identity methods
rse RSE (Rucio Storage Element) methods
scope Scope methods
config Configuration methods. The global configuration of
data mangement system can by modified.
subscription Subscription methods. The methods for automated and
regular processing of some specific rules.
replicas Replica methods
optional arguments:
-h, --help show this help message and exit
--version show program's version number and exit
--verbose, -v Print more verbose output
-H ADDRESS, --host ADDRESS
The Rucio API host
--auth-host ADDRESS The Rucio Authentication host
-a ACCOUNT, --account ACCOUNT
Rucio account to use
-S AUTH_STRATEGY, --auth-strategy AUTH_STRATEGY
Authentication strategy (userpass, x509, ssh ...)
-T TIMEOUT, --timeout TIMEOUT
Set all timeout values to SECONDS
--vo VO VO to authenticate at. Only used in multi-VO mode.
-u USERNAME, --user USERNAME
username
-pwd PASSWORD, --password PASSWORD
password
--oidc-user OIDC_USERNAME
OIDC username
--oidc-password OIDC_PASSWORD
OIDC password
--oidc-scope OIDC_SCOPE
Defines which (OIDC) information user will share with
Rucio. Rucio requires at least -sc="openid profile".
To request refresh token for Rucio, scope must include
"openid offline_access" and there must be no active
access token saved on the side of the currently used
Rucio Client.
--oidc-audience OIDC_AUDIENCE
Defines which audience are tokens requested for.
--oidc-auto If not specified, username and password credentials
are not required and users will be given a URL to use
in their browser. If specified, the users explicitly
trust Rucio with their IdP credentials.
--oidc-polling If not specified, user will be asked to enter a code
returned by the browser to the command line. If
--polling is set, Rucio Client should get the token
without any further interaction of the user. This
option is active only if --auto is *not* specified.
--oidc-refresh-lifetime OIDC_REFRESH_LIFETIME
Max lifetime in hours for this an access token will be
refreshed by asynchronous Rucio daemon. If not
specified, refresh will be stopped after 4 days. This
option is effective only if --oidc-scope includes
offline_access scope for a refresh token to be granted
to Rucio.
--oidc-issuer OIDC_ISSUER
Defines which Identity Provider is goign to be used.
The issuer string must correspond to the keys
configured in the /etc/idpsecrets.json auth server
configuration file.
--certificate CERTIFICATE
Client certificate file
--ca-certificate CA_CERTIFICATE
CA certificate to verify peer against (SSL)