barbican/api-guide/source/secret_metadata.rst
Priti Desai 953e45e88e Publishing API Guide to OpenStack site
Moving files from doc/source/api/userguide/*.rst
to api-guide/source/*.rst,
also add api-guide/source/conf.py for building api-guide,
add a new tox target named api-guide
Taking a reference from this patch which was used for the
similar migration of Nova api guide:
https://review.openstack.org/#/c/230186

Change-Id: I725e7939f9a88185de6ef32b311159b0924b7183
Partial-Bug: #1540665
Needed-By: I7b7c623e6299c803930e41d72510f1a67d909fa3
2016-03-16 12:44:50 -07:00

4.6 KiB

Secret Metadata API - User Guide

The Secret Metadata resource is an additional resource associated with Secrets. It allows a user to be able to associate various key/value pairs with a Secret.

How to Create/Update Secret Metadata

To create/update the secret metadata for a specific secret, we will need to know the secret reference of the secret we wish to add user metadata to. Any metadata that was previously set will be deleted and replaced with this metadata. For more information on creating/updating secret metadata, you can view the PUT /v1/secrets/{uuid}/metadata <http://docs.openstack.org/developer/barbican/api/reference/secret_metadata.html#put-secret-metadata> section.

curl -X PUT -H "content-type:application/json" -H "X-Auth-Token: $TOKEN" \
-d '{ "metadata": {
        "description": "contains the AES key",
        "geolocation": "12.3456, -98.7654"
      }
    }' \
http://localhost:9311/v1/secrets/2a549393-0710-444b-8aa5-84cf0f85ea79/metadata

This should provide a response as follows:

{"metadata_ref": "http://localhost:9311/v1/secrets/2a549393-0710-444b-8aa5-84cf0f85ea79/metadata"}

How to Retrieve Secret Metadata

To retrieve the secret metadata for a single key/value pair, we will need to know the secret reference of the secret we wish to see the user metadata of. If there is no metadata for a particular secret, then an empty metadata object will be returned.

curl -H "X-Auth-Token: $TOKEN" \
http://localhost:9311/v1/secrets/2a549393-0710-444b-8aa5-84cf0f85ea79/metadata/

This should provide a response as follows:

{
    "metadata": {
        "description": "contains the AES key",
        "geolocation": "12.3456, -98.7654"
    }
}

How to Create Individual Secret Metadata

To create the secret metadata for a single key/value pair, we will need to know the secret reference. This will create a new key/value pair. In order to update an already existing key, please see the update section below.

curl -X POST -H "content-type:application/json" -H "X-Auth-Token: $TOKEN" \
-d '{ "key": "access-limit", "value": "11" }' \
http://localhost:9311/v1/secrets/2a549393-0710-444b-8aa5-84cf0f85ea79/metadata

This should provide a response as follows:

Secret Metadata Location: http://example.com:9311/v1/secrets/{uuid}/metadata/access-limit
{
    "key": "access-limit",
    "value": 11
}

How to Update an Individual Secret Metadata

To update the secret metadata for a single key/value pair, we will need to know the secret reference as well as the name of the key.

curl -X PUT -H "content-type:application/json" -H "X-Auth-Token: $TOKEN" \
-d '{ "key": "access-limit", "value": "0" }' \
http://localhost:9311/v1/secrets/2a549393-0710-444b-8aa5-84cf0f85ea79/metadata/access-limit

This should provide a response as follows:

{
    "key": "access-limit",
    "value": 0
}

How to Retrieve an Individual Secret Metadata

To retrieve the secret metadata for a specific key/value pair, we will need to know the secret reference as well as the name of the metadata key.

curl -H "X-Auth-Token: $TOKEN" \
http://localhost:9311/v1/secrets/2a549393-0710-444b-8aa5-84cf0f85ea79/metadata/access-limit

This should provide a response as follows:

{
    "key": "access-limit",
    "value": 0
}

How to Delete an Individual Secret Metadata

To delete a single secret metadata key/value, we will need to know the secret reference as well as the name of the metadata key to delete. In order to delete all metadata for a secret, please see the create/update section at the top of this page.

curl -X DELETE -H "X-Auth-Token: $TOKEN" \
http://localhost:9311/v1/secrets/2a549393-0710-444b-8aa5-84cf0f85ea79/metadata/access-limit

No response will be provided. This is expected behavior! If you do receive a response, something went wrong and you will have to address that before moving forward.