c907826614
This change adds configuration and policy example files, to make the setup and usage of the PyKMIP client and server easier for users.
167 lines
7.5 KiB
JSON
167 lines
7.5 KiB
JSON
{
|
|
"example": {
|
|
"CERTIFICATE": {
|
|
"LOCATE": "ALLOW_ALL",
|
|
"CHECK": "ALLOW_ALL",
|
|
"GET": "ALLOW_ALL",
|
|
"GET_ATTRIBUTES": "ALLOW_ALL",
|
|
"GET_ATTRIBUTE_LIST": "ALLOW_ALL",
|
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
|
"OBTAIN_LEASE": "ALLOW_ALL",
|
|
"ACTIVATE": "ALLOW_OWNER",
|
|
"REVOKE": "ALLOW_OWNER",
|
|
"DESTROY": "ALLOW_OWNER",
|
|
"ARCHIVE": "ALLOW_OWNER",
|
|
"RECOVER": "ALLOW_OWNER"
|
|
},
|
|
"SYMMETRIC_KEY": {
|
|
"REKEY": "ALLOW_OWNER",
|
|
"REKEY_KEY_PAIR": "ALLOW_OWNER",
|
|
"DERIVE_KEY": "ALLOW_OWNER",
|
|
"LOCATE": "ALLOW_OWNER",
|
|
"CHECK": "ALLOW_OWNER",
|
|
"GET": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
|
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
|
|
"ACTIVATE": "ALLOW_OWNER",
|
|
"REVOKE": "ALLOW_OWNER",
|
|
"DESTROY": "ALLOW_OWNER",
|
|
"ARCHIVE": "ALLOW_OWNER",
|
|
"RECOVER": "ALLOW_OWNER"
|
|
},
|
|
"PUBLIC_KEY": {
|
|
"LOCATE": "ALLOW_ALL",
|
|
"CHECK": "ALLOW_ALL",
|
|
"GET": "ALLOW_ALL",
|
|
"GET_ATTRIBUTES": "ALLOW_ALL",
|
|
"GET_ATTRIBUTE_LIST": "ALLOW_ALL",
|
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
|
"OBTAIN_LEASE": "ALLOW_ALL",
|
|
"ACTIVATE": "ALLOW_OWNER",
|
|
"REVOKE": "ALLOW_OWNER",
|
|
"DESTROY": "ALLOW_OWNER",
|
|
"ARCHIVE": "ALLOW_OWNER",
|
|
"RECOVER": "ALLOW_OWNER"
|
|
},
|
|
"PRIVATE_KEY": {
|
|
"REKEY": "ALLOW_OWNER",
|
|
"REKEY_KEY_PAIR": "ALLOW_OWNER",
|
|
"DERIVE_KEY": "ALLOW_OWNER",
|
|
"LOCATE": "ALLOW_OWNER",
|
|
"CHECK": "ALLOW_OWNER",
|
|
"GET": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
|
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
|
|
"ACTIVATE": "ALLOW_OWNER",
|
|
"REVOKE": "ALLOW_OWNER",
|
|
"DESTROY": "ALLOW_OWNER",
|
|
"ARCHIVE": "ALLOW_OWNER",
|
|
"RECOVER": "ALLOW_OWNER"
|
|
},
|
|
"SPLIT_KEY": {
|
|
"REKEY": "ALLOW_OWNER",
|
|
"REKEY_KEY_PAIR": "ALLOW_OWNER",
|
|
"DERIVE_KEY": "ALLOW_OWNER",
|
|
"LOCATE": "ALLOW_OWNER",
|
|
"CHECK": "ALLOW_OWNER",
|
|
"GET": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
|
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
|
|
"ACTIVATE": "ALLOW_OWNER",
|
|
"REVOKE": "ALLOW_OWNER",
|
|
"DESTROY": "ALLOW_OWNER",
|
|
"ARCHIVE": "ALLOW_OWNER",
|
|
"RECOVER": "ALLOW_OWNER"
|
|
},
|
|
"TEMPLATE": {
|
|
"LOCATE": "ALLOW_OWNER",
|
|
"GET": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
|
"DESTROY": "ALLOW_OWNER"
|
|
},
|
|
"SECRET_DATA": {
|
|
"REKEY": "ALLOW_OWNER",
|
|
"REKEY_KEY_PAIR": "ALLOW_OWNER",
|
|
"DERIVE_KEY": "ALLOW_OWNER",
|
|
"LOCATE": "ALLOW_OWNER",
|
|
"CHECK": "ALLOW_OWNER",
|
|
"GET": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
|
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
|
|
"ACTIVATE": "ALLOW_OWNER",
|
|
"REVOKE": "ALLOW_OWNER",
|
|
"DESTROY": "ALLOW_OWNER",
|
|
"ARCHIVE": "ALLOW_OWNER",
|
|
"RECOVER": "ALLOW_OWNER"
|
|
},
|
|
"OPAQUE_DATA": {
|
|
"REKEY": "ALLOW_OWNER",
|
|
"REKEY_KEY_PAIR": "ALLOW_OWNER",
|
|
"DERIVE_KEY": "ALLOW_OWNER",
|
|
"LOCATE": "ALLOW_OWNER",
|
|
"CHECK": "ALLOW_OWNER",
|
|
"GET": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
|
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
|
|
"ACTIVATE": "ALLOW_OWNER",
|
|
"REVOKE": "ALLOW_OWNER",
|
|
"DESTROY": "ALLOW_OWNER",
|
|
"ARCHIVE": "ALLOW_OWNER",
|
|
"RECOVER": "ALLOW_OWNER"
|
|
},
|
|
"PGP_KEY": {
|
|
"REKEY": "ALLOW_OWNER",
|
|
"REKEY_KEY_PAIR": "ALLOW_OWNER",
|
|
"DERIVE_KEY": "ALLOW_OWNER",
|
|
"LOCATE": "ALLOW_OWNER",
|
|
"CHECK": "ALLOW_OWNER",
|
|
"GET": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
|
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
|
|
"ACTIVATE": "ALLOW_OWNER",
|
|
"REVOKE": "ALLOW_OWNER",
|
|
"DESTROY": "ALLOW_OWNER",
|
|
"ARCHIVE": "ALLOW_OWNER",
|
|
"RECOVER": "ALLOW_OWNER"
|
|
}
|
|
}
|
|
}
|