Globus Connect Server Collection Update

Show help message and exit.

Show the version and exit.

Output format for this command. If the format is json, then the resulting role document is displayed.

IP address of the GCS node to use for this request. If not specified, any available GCS node in the endpoint will be used.

Name for the Collection

Set the Collection to be public or private (defaults to public)

DNS host name for the collection (mapped collections only). This may be either a host name or a fully-qualified domain name, but if it is the latter it must be a subdomain of the endpoint’s domain.

Allow Guest Collections to be created on this Collection. This option is only usable on Mapped Collections. If this option is disabled on a Mapped Collection which already has associated Guest Collections, those collections will no longer be accessible

Set the auth policy on a mapped collection which is inherited by all guest collections attached to the mapped collection. Pass '--guest-auth-policy-id null' to remove the auth policy from the collection. This option is only usable on mapped collections.

Allow anonymous write permissions on Guest Collections attached to this Mapped Collection. This option is only usable on non high assurance Mapped Collections and the setting is inherited by the hosted Guest Collections. Anonymous write permissions are enabled by default.

Path restrictions for sharing data on guest collections based on this collection. This option is only usable on mapped collections. In the first syntax, you pass a PathRestrictions as a string; in the second syntax you pass the path to a file containing the PathRestrictions object. Support for $HOME and ~ was added in version 5.4.67.

Allow a user on this collection’s storage gateway to create guest collections. This option can be included multiple times on a single command-line invocation to allow multiple users. When updating a collection, setting the value to an empty string will clear this restriction. This policy is only evaluated if the account passes the storage gateway user and (if applicable) group allowed checks. If the parameter value begins with file:, read the input file path and parse as one or more lines of a whitespace delimited list of users to allow access to this storage gateway.

Deny a user on this collection’s storage gateway permission to create guest collections. This option can be included multiple times on a single command-line invocation to deny multiple users. When updating a collection, setting the value to an empty string will clear this restriction. This policy is only evaluated if the account passes the storage gateway user and (if applicable) group allowed checks. If the parameter value begins with file:, read the input file path and parse as one or more lines of a whitespace delimited list of users to deny access to this storage gateway.

Allow a user on this collection’s storage gateway to create guest collections if they are a member of the POSIX group GROUPNAME. This option can be included multiple times on a single command-line invocation to allow multiple groups. This is can only be used with collection on POSIX storage gateways. This policy is only evaluated if the account passes the storage gateway user and group allowed checks, and is not explicitly allowed or denied by the --sharing-user-allow and --sharing-user-deny values configured on this collection. If the parameter value begins with file:, read the input file path and parse as one or more lines of a whitespace delimited list of groups to allow access to this storage gateway.

Deny a user on this collection’s storage gateway permission to create guest collections if they are a member of the POSIX group GROUPNAME. This option can be included multiple times on a single command-line invocation to deny multiple groups. When updating a collection, setting the value to an empty string will clear this restriction. This is can only be used with collection on POSIX storage gateways. This policy is only evaluated if the account passes the storage gateway user and group allowed checks, and is not explicitly allowed or denied by the --sharing-user-allow and --sharing-user-deny values configured on this collection. If the parameter value begins with file:, read the input file path and parse as one or more lines of a whitespace delimited list of groups to deny access to this storage gateway.

Allow a user on this collection’s storage gateway to create guest collections if they are a member of the POSIX group GROUPNAME. This option can be included multiple times on a single command-line invocation to allow multiple groups. This is can only be used with collection on POSIX Staging storage gateways. This policy is only evaluated if the account passes the storage gateway user and group allowed checks, and is not explicitly allowed or denied by the --sharing-user-allow and --sharing-user-deny values configured on this collection. If the parameter value begins with file:, read the input file path and parse as one or more lines of a whitespace delimited list of groups to allow access to this storage gateway.

Deny a user on this collection’s storage gateway permission to create guest collections if they are a member of the POSIX group GROUPNAME. This option can be included multiple times on a single command-line invocation to deny multiple groups. When updating a collection, setting the value to an empty string will clear this restriction. This is can only be used with collection on POSIX Staging storage gateways. This policy is only evaluated if the account passes the storage gateway user and group allowed checks, and is not explicitly allowed or denied by the --sharing-user-allow and --sharing-user-deny values configured on this collection. If the parameter value begins with file:, read the input file path and parse as one or more lines of a whitespace delimited list of groups to allow deny to this storage gateway.

When set, all transfers to and from this collection are always encrypted. If not set, this can be configured on a per-transfer basis. If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections.

Comma separated list of keywords to help searches for the collection

Department which operates the collection

Organization for the Collection

Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support.

Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support.

Link to a web page containing info about the collection.

Description of the collection.

For Google Cloud Storage backed Collections only. The Google Cloud Platform project ID to use when accessing this collection. When a project ID is specified, users that access the collection must be a member of the project, and the buckets of this project are listed in the root directory. When the storage gateway has a single project ID configured, that will be the default project ID for collections. When no project is set on the collection or storage gateway, any user may access the collection and any buckets their credentials permit, but will not be able to list buckets in the root directory.

A message for clients to display to users when interacting with this collection. This can only be set on mapped collections, but its value is inherited by related guest collections.

Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an http or https URL with this collection. This can only be set on mapped collections, but its value is inherited by related guest collections.

Enable or disable the HTTPS interface to this collection. If HTTPS access is enabled for a mapped collection, it may be selectively disabled for individual guest collections. If HTTPS is is disabled for a mapped collection, it can not be enabled for a guest collection.

Set the policy for this collection for file integrity verification after transfer. 'force' requires all transfers to perform verification. 'disable' disables all verification checks. 'default' allows the user to decide on verification at Transfer task submit time. When set on mapped collections, this policy is inherited by any guest collections.

Default directory when browsing the collection. This value may include $USER. If the collection’s BASE_PATH is /, this may also include $HOME or ~. When used on guest collections, the mapped collection’s BASE_PATH must also be / in order to use $HOME or ~.

Enable or disable delete protection for the collection. Delete protection can only be set on mapped collections. When set, attempts to delete the collection fail with an error indicating the collection is protected from deletion.

Length of time that guest collection permissions are valid. Only settable on HA mapped collections and used by the guest collections attached to it. Pass '--acl-expiration-mins ""'. to drop any previous setting. (new in 5.4.75) Settable on HA guest collections. When set on both the HA mapped collection and guest collection, the lesser value is in effect.

Restrict inbound, outbound, or all transfers between high assurance collections. Only settable on high assurance mapped collections and inherited by all attached guest collections. Setting this feature will disable HTTPS access on the mapped collection and its attached guest collections. Setting to the value null removes this restriction.

Number of days before unused guest collections will be auto deleted. Only settable on mapped collections. Set to "" to disable auto deletion of guest collections for this mapped collection. Defaults to disabled.

When set on a guest collection, the guest will not be auto deleted when unused for greater than auto-delete-timeout days. Only settable on guest collections. Defaults to False (resulting in guest collections being in scope of the auto_delete_timeout threshold).

Configure activity notifications for guest collections. The value is a comma-separated list of one or more of the following values:

Restrict transfers using the collection as the source to only transfers invoked by the given Globus flow. UUID is the value of ID of the Globus flow. Specify null to remove the collection’s association with the flow. When this is enabled, retrieving files via the collection HTTPS interface is disabled.

Restrict transfers using the collection as the destination to only transfers invoked by the given Globus flow. UUID is the value of ID of the Globus flow. Specify null to remove the collection’s association with the flow. When this is enabled, storing files via the collection HTTPS interface is disabled.