barbican¶
acl delete¶
Delete ACLs for a secret or container as identified by its href.
openstack acl delete URI
- URI¶
The URI reference for the secret or container.
This command is provided by the python-barbicanclient plugin.
acl get¶
Retrieve ACLs for a secret or container by providing its href.
openstack acl get
[--sort-column SORT_COLUMN]
[--sort-ascending | --sort-descending]
URI
- --sort-column SORT_COLUMN¶
specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
- --sort-ascending¶
sort the column(s) in ascending order
- --sort-descending¶
sort the column(s) in descending order
- URI¶
The URI reference for the secret or container.
This command is provided by the python-barbicanclient plugin.
acl submit¶
Submit ACL on a secret or container as identified by its href.
openstack acl submit
[--sort-column SORT_COLUMN]
[--sort-ascending | --sort-descending]
[--user [USERS]]
[--project-access | --no-project-access]
[--operation-type {read}]
URI
- --sort-column SORT_COLUMN¶
specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
- --sort-ascending¶
sort the column(s) in ascending order
- --sort-descending¶
sort the column(s) in descending order
- --user <USERS>, -u <USERS>¶
Keystone userid(s) for ACL.
- --project-access¶
Flag to enable project access behavior.
- --no-project-access¶
Flag to disable project access behavior.
- --operation-type <OPERATION_TYPE>, -o <OPERATION_TYPE>¶
Type of Barbican operation ACL is set for
- URI¶
The URI reference for the secret or container.
This command is provided by the python-barbicanclient plugin.
acl user add¶
Add ACL users to a secret or container as identified by its href.
openstack acl user add
[--sort-column SORT_COLUMN]
[--sort-ascending | --sort-descending]
[--user [USERS]]
[--project-access | --no-project-access]
[--operation-type {read}]
URI
- --sort-column SORT_COLUMN¶
specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
- --sort-ascending¶
sort the column(s) in ascending order
- --sort-descending¶
sort the column(s) in descending order
- --user <USERS>, -u <USERS>¶
Keystone userid(s) for ACL.
- --project-access¶
Flag to enable project access behavior.
- --no-project-access¶
Flag to disable project access behavior.
- --operation-type <OPERATION_TYPE>, -o <OPERATION_TYPE>¶
Type of Barbican operation ACL is set for
- URI¶
The URI reference for the secret or container.
This command is provided by the python-barbicanclient plugin.
acl user remove¶
Remove ACL users from a secret or container as identified by its href.
openstack acl user remove
[--sort-column SORT_COLUMN]
[--sort-ascending | --sort-descending]
[--user [USERS]]
[--project-access | --no-project-access]
[--operation-type {read}]
URI
- --sort-column SORT_COLUMN¶
specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
- --sort-ascending¶
sort the column(s) in ascending order
- --sort-descending¶
sort the column(s) in descending order
- --user <USERS>, -u <USERS>¶
Keystone userid(s) for ACL.
- --project-access¶
Flag to enable project access behavior.
- --no-project-access¶
Flag to disable project access behavior.
- --operation-type <OPERATION_TYPE>, -o <OPERATION_TYPE>¶
Type of Barbican operation ACL is set for
- URI¶
The URI reference for the secret or container.
This command is provided by the python-barbicanclient plugin.
ca get¶
Retrieve a CA by providing its URI.
openstack ca get URI
- URI¶
The URI reference for the CA.
This command is provided by the python-barbicanclient plugin.
ca list¶
List CAs.
openstack ca list
[--sort-column SORT_COLUMN]
[--sort-ascending | --sort-descending]
[--limit LIMIT]
[--offset OFFSET]
[--name NAME]
- --sort-column SORT_COLUMN¶
specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
- --sort-ascending¶
sort the column(s) in ascending order
- --sort-descending¶
sort the column(s) in descending order
- --limit <LIMIT>, -l <LIMIT>¶
specify the limit to the number of items to list per page (default: %(default)s; maximum: 100)
- --offset <OFFSET>, -o <OFFSET>¶
specify the page offset (default: %(default)s)
- --name <NAME>, -n <NAME>¶
specify the ca name (default: %(default)s)
This command is provided by the python-barbicanclient plugin.
secret container create¶
Store a container in Barbican.
openstack secret container create
[--name NAME]
[--type TYPE]
[--secret SECRET]
- --name <NAME>, -n <NAME>¶
a human-friendly name.
- --type <TYPE>¶
type of container to create (default: %(default)s).
- --secret <SECRET>, -s <SECRET>¶
one secret to store in a container (can be set multiple times). Example: –secret “private_key=https://url.test/v1/secrets/1-2-3-4”
This command is provided by the python-barbicanclient plugin.
secret container delete¶
Delete a container by providing its href.
openstack secret container delete URI
- URI¶
The URI reference for the container
This command is provided by the python-barbicanclient plugin.
secret container get¶
Retrieve a container by providing its URI.
openstack secret container get URI
- URI¶
The URI reference for the container.
This command is provided by the python-barbicanclient plugin.
secret container list¶
List containers.
openstack secret container list
[--sort-column SORT_COLUMN]
[--sort-ascending | --sort-descending]
[--limit LIMIT]
[--offset OFFSET]
[--name NAME]
[--type TYPE]
- --sort-column SORT_COLUMN¶
specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
- --sort-ascending¶
sort the column(s) in ascending order
- --sort-descending¶
sort the column(s) in descending order
- --limit <LIMIT>, -l <LIMIT>¶
specify the limit to the number of items to list per page (default: %(default)s; maximum: 100)
- --offset <OFFSET>, -o <OFFSET>¶
specify the page offset (default: %(default)s)
- --name <NAME>, -n <NAME>¶
specify the container name (default: %(default)s)
- --type <TYPE>, -t <TYPE>¶
specify the type filter for the list (default: %(default)s).
This command is provided by the python-barbicanclient plugin.
secret delete¶
Delete a secret by providing its URI.
openstack secret delete URI
- URI¶
The URI reference for the secret
This command is provided by the python-barbicanclient plugin.
secret get¶
Retrieve a secret by providing its URI.
openstack secret get
[--decrypt | --payload | --file <filename>]
[--payload_content_type PAYLOAD_CONTENT_TYPE]
URI
- --decrypt, -d¶
if specified, retrieve the unencrypted secret data.
- --payload, -p¶
if specified, retrieve the unencrypted secret data.
- --file <filename>, -F <filename>¶
if specified, save the payload to a new file with the given filename.
- --payload_content_type <PAYLOAD_CONTENT_TYPE>, -t <PAYLOAD_CONTENT_TYPE>¶
the content type of the decrypted secret (default: %(default)s).
- URI¶
The URI reference for the secret.
This command is provided by the python-barbicanclient plugin.
secret list¶
List secrets.
openstack secret list
[--sort-column SORT_COLUMN]
[--sort-ascending | --sort-descending]
[--limit LIMIT]
[--offset OFFSET]
[--name NAME]
[--algorithm ALGORITHM]
[--bit-length BIT_LENGTH]
[--mode MODE]
[--secret-type SECRET_TYPE]
- --sort-column SORT_COLUMN¶
specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
- --sort-ascending¶
sort the column(s) in ascending order
- --sort-descending¶
sort the column(s) in descending order
- --limit <LIMIT>, -l <LIMIT>¶
specify the limit to the number of items to list per page (default: %(default)s; maximum: 100)
- --offset <OFFSET>, -o <OFFSET>¶
specify the page offset (default: %(default)s)
- --name <NAME>, -n <NAME>¶
specify the secret name (default: %(default)s)
- --algorithm <ALGORITHM>, -a <ALGORITHM>¶
the algorithm filter for the list(default: %(default)s).
- --bit-length <BIT_LENGTH>, -b <BIT_LENGTH>¶
the bit length filter for the list (default: %(default)s).
- --mode <MODE>, -m <MODE>¶
the algorithm mode filter for the list (default: %(default)s).
- --secret-type <SECRET_TYPE>, -s <SECRET_TYPE>¶
specify the secret type (default: %(default)s).
This command is provided by the python-barbicanclient plugin.
secret order create¶
Create a new order.
openstack secret order create
[--name NAME]
[--algorithm ALGORITHM]
[--bit-length BIT_LENGTH]
[--mode MODE]
[--payload-content-type PAYLOAD_CONTENT_TYPE]
[--expiration EXPIRATION]
[--request-type REQUEST_TYPE]
[--subject-dn SUBJECT_DN]
[--source-container-ref SOURCE_CONTAINER_REF]
[--ca-id CA_ID]
[--profile PROFILE]
[--request-file REQUEST_FILE]
type
- --name <NAME>, -n <NAME>¶
a human-friendly name.
- --algorithm <ALGORITHM>, -a <ALGORITHM>¶
the algorithm to be used with the requested key (default: %(default)s).
- --bit-length <BIT_LENGTH>, -b <BIT_LENGTH>¶
the bit length of the requested secret key (default: %(default)s).
- --mode <MODE>, -m <MODE>¶
the algorithm mode to be used with the requested key (default: %(default)s).
- --payload-content-type <PAYLOAD_CONTENT_TYPE>, -t <PAYLOAD_CONTENT_TYPE>¶
the type/format of the secret to be generated (default: %(default)s).
- --expiration <EXPIRATION>, -x <EXPIRATION>¶
the expiration time for the secret in ISO 8601 format.
- --request-type <REQUEST_TYPE>¶
the type of the certificate request.
- --subject-dn <SUBJECT_DN>¶
the subject of the certificate.
- --source-container-ref <SOURCE_CONTAINER_REF>¶
the source of the certificate when using stored-key requests.
- --ca-id <CA_ID>¶
the identifier of the CA to use for the certificate request.
- --profile <PROFILE>¶
the profile of certificate to use.
- --request-file <REQUEST_FILE>¶
the file containing the CSR.
- type¶
the type of the order (key, asymmetric, certificate) to create.
This command is provided by the python-barbicanclient plugin.
secret order delete¶
Delete an order by providing its href.
openstack secret order delete URI
- URI¶
The URI reference for the order
This command is provided by the python-barbicanclient plugin.
secret order get¶
Retrieve an order by providing its URI.
openstack secret order get URI
- URI¶
The URI reference order.
This command is provided by the python-barbicanclient plugin.
secret order list¶
List orders.
openstack secret order list
[--sort-column SORT_COLUMN]
[--sort-ascending | --sort-descending]
[--limit LIMIT]
[--offset OFFSET]
- --sort-column SORT_COLUMN¶
specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
- --sort-ascending¶
sort the column(s) in ascending order
- --sort-descending¶
sort the column(s) in descending order
- --limit <LIMIT>, -l <LIMIT>¶
specify the limit to the number of items to list per page (default: %(default)s; maximum: 100)
- --offset <OFFSET>, -o <OFFSET>¶
specify the page offset (default: %(default)s)
This command is provided by the python-barbicanclient plugin.
secret store¶
Store a secret in Barbican.
openstack secret store
[--name NAME]
[--secret-type SECRET_TYPE]
[--payload-content-type PAYLOAD_CONTENT_TYPE]
[--payload-content-encoding PAYLOAD_CONTENT_ENCODING]
[--algorithm ALGORITHM]
[--bit-length BIT_LENGTH]
[--mode MODE]
[--expiration EXPIRATION]
[--payload PAYLOAD | --file <filename>]
- --name <NAME>, -n <NAME>¶
a human-friendly name.
- --secret-type <SECRET_TYPE>, -s <SECRET_TYPE>¶
the secret type; must be one of symmetric, public, private, certificate, passphrase, opaque (default)
- --payload-content-type <PAYLOAD_CONTENT_TYPE>, -t <PAYLOAD_CONTENT_TYPE>¶
the type/format of the provided secret data; “text/plain” is assumed to be UTF-8; required when –payload is supplied.
- --payload-content-encoding <PAYLOAD_CONTENT_ENCODING>, -e <PAYLOAD_CONTENT_ENCODING>¶
required if –payload-content-type is “application/octet-stream”.
- --algorithm <ALGORITHM>, -a <ALGORITHM>¶
the algorithm (default: %(default)s).
- --bit-length <BIT_LENGTH>, -b <BIT_LENGTH>¶
the bit length (default: %(default)s).
- --mode <MODE>, -m <MODE>¶
the algorithm mode; used only for reference (default: %(default)s)
- --expiration <EXPIRATION>, -x <EXPIRATION>¶
the expiration time for the secret in ISO 8601 format.
- --payload <PAYLOAD>, -p <PAYLOAD>¶
the unencrypted secret data.
- --file <filename>, -F <filename>¶
file containing the secret payload
This command is provided by the python-barbicanclient plugin.
secret update¶
Update a secret with no payload in Barbican.
openstack secret update URI payload
- URI¶
The URI reference for the secret.
- payload¶
the unencrypted secret
This command is provided by the python-barbicanclient plugin.