GLOBUS ENDPOINT ACTIVATE(1)
DESCRIPTION
globus endpoint activate activates an endpoint for use by assigning a short term security credential to that endpoint.
The Globus CLI can activate using Automatic activation, Myproxy activation, Delegate Proxy activation, or Web activation. Note that --myproxy --web and --delegate-proxy are mutually exclusive options as only one activation method other than autoactivation can be attempted at a time.
Autoactivation will always be attempted unless the --no-autoactivate option is given. If autoactivation succeeds any other activation options will be ignored as the endpoint has already been successfully activated.
To use Web activation use the --web option. The CLI will try to open your default browser to the endpoint’s activation page, but if a remote CLI session is detected, or the --no-browser option is given, a url will be printed for you to manually follow and activate the endpoint.
To use Myproxy activation give the --myproxy option. Myproxy activation requires your username and password for the myproxy server the endpoint is using for authentication. e.g. for default Globus Connect Server endpoints this will be your login credentials for the server the endpoint is hosted on. You can enter your username when prompted, give your username with the --myproxy-username option, or set a default myproxy username in config with "globus config init" or "globus config set cli.default_myproxy_username". For security it is recommended that you only enter your password when prompted to hide your inputs and keep your password out of your command history, but you may pass your password with the --myproxy-password or -P options.
To use Delegate Proxy activation use the --delegate-proxy option with a file containing an X.509 certificate as an argument (e.g. an X.509 gotten from the myproxy-logon command). This certificate must be a valid credential or proxy credential for the user from an identity provider accepted by the endpoint being activated, and the endpoint must be configured with a gridmap that will match the globus user using this command with the local user the certificate was made to. Note if the X.509 is valid, but the endpoint does not recognize the identity provider or the user the error will not be detected until the user attempts to perform an operation on the endpoint.
OPTIONS
- --web
-
Use web activation. Mutually exclusive with --myproxy.
- --no-browser
-
If using --web, Give a url to manually follow instead of opening your default web browser. Implied if on a remote session.
- --myproxy
-
Use myproxy activation. Mutually exclusive with --web and --delegate-proxy.
- --myproxy-lifetime INTEGER
-
The lifetime for the credential to request from the server under --myproxy activation, in hours. The myproxy server may be configured with a maximum lifetime which it will use if this value is too high
- -U, --myproxy-username TEXT
-
Give a username to use with --myproxy skipping the username prompt. Overrides any default myproxy username set in config.
- -P, --myproxy-password TEXT
-
WARNING: It is not recommended to use this option as it will leave your password in plain-text in your command history.
Give a password to use with --myproxy, skipping the password prompt.
- --delegate-proxy X.509_PEM_FILE
-
Use delegate proxy activation using the credential in the given file. Credential must be an X.509 in pem format. Mutually exclusive with --web and --myproxy.
- --proxy-lifetime INTEGER
-
Set a lifetime in hours for the proxy generated by --delegate-proxy. This sets an upper-bound on the endpoint’s activation, but the endpoint may become deactivated before this lifetime if the certificate used to make the proxy expires or the credential is revoked.
- --no-autoactivate
-
Don’t attempt to autoactivate the endpoint before using another activation method.
- --force
-
Force activation even if the endpoint is already activated.
- --map-http-status 'TEXT'
-
Map non success HTTP response codes to exit codes other than 1. e.g. "--map-http-satus 403=0,404=0" would exit with 0 even if a 403 or 404 http error code was received. Valid exit codes are 0,1,50-99.
- -F, --format '[json|text]'
-
Set the output format for stdout. Defaults to "text".
- --jq, --jmespath 'EXPR'
-
Supply a JMESPath expression to apply to json output. Takes precedence over any specified '--format' and forces the format to be json processed by this expression.
A full specification of the JMESPath language for querying JSON structures may be found at https://jmespath.org/
- -h, --help
-
Show help text for this command.
- -v, --verbose
-
Control the level of output.
Use -v or --verbose to show warnings and any additional text output.
Use -vv to add informative logging.
Use -vvv to add debug logging and full stack on any errors. (equivalent to -v --debug)
EXAMPLES
Activate an endpoint using just Automatic activation:
$ ep_id=ddb59aef-6d04-11e5-ba46-22000b92c6ec $ globus endpoint activate $ep_id
Activate an endpoint using Web activation
$ ep_id=ddb59aef-6d04-11e5-ba46-22000b92c6ec $ globus endpoint activate $ep_id --web
Activate an endpoiont using Myproxy activation, skipping the username prompt.
$ ep_id=ddb59aef-6d04-11e5-ba46-22000b92c6ec $ globus endpoint activate $ep_id --myproxy -U username