openstack
/
deb-python-pykmip
Code Issues Proposed changes

Adding an examples directory with conf and policy example files 

This change adds configuration and policy example files, to make
the setup and usage of the PyKMIP client and server easier for
users.
This commit is contained in:
Peter Hamilton 2016-11-17 14:55:05 -05:00
parent 8aa8803cf8
commit c907826614
3 changed files with 186 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

166
examples/policy.json Normal file
View File

@ -0,0 +1,166 @@
{
"example": {
"CERTIFICATE": {
"LOCATE": "ALLOW_ALL",
"CHECK": "ALLOW_ALL",
"GET": "ALLOW_ALL",
"GET_ATTRIBUTES": "ALLOW_ALL",
"GET_ATTRIBUTE_LIST": "ALLOW_ALL",
"ADD_ATTRIBUTE": "ALLOW_OWNER",
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
"OBTAIN_LEASE": "ALLOW_ALL",
"ACTIVATE": "ALLOW_OWNER",
"REVOKE": "ALLOW_OWNER",
"DESTROY": "ALLOW_OWNER",
"ARCHIVE": "ALLOW_OWNER",
"RECOVER": "ALLOW_OWNER"
},
"SYMMETRIC_KEY": {
"REKEY": "ALLOW_OWNER",
"REKEY_KEY_PAIR": "ALLOW_OWNER",
"DERIVE_KEY": "ALLOW_OWNER",
"LOCATE": "ALLOW_OWNER",
"CHECK": "ALLOW_OWNER",
"GET": "ALLOW_OWNER",
"GET_ATTRIBUTES": "ALLOW_OWNER",
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
"ADD_ATTRIBUTE": "ALLOW_OWNER",
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
"OBTAIN_LEASE": "ALLOW_OWNER",
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
"ACTIVATE": "ALLOW_OWNER",
"REVOKE": "ALLOW_OWNER",
"DESTROY": "ALLOW_OWNER",
"ARCHIVE": "ALLOW_OWNER",
"RECOVER": "ALLOW_OWNER"
},
"PUBLIC_KEY": {
"LOCATE": "ALLOW_ALL",
"CHECK": "ALLOW_ALL",
"GET": "ALLOW_ALL",
"GET_ATTRIBUTES": "ALLOW_ALL",
"GET_ATTRIBUTE_LIST": "ALLOW_ALL",
"ADD_ATTRIBUTE": "ALLOW_OWNER",
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
"OBTAIN_LEASE": "ALLOW_ALL",
"ACTIVATE": "ALLOW_OWNER",
"REVOKE": "ALLOW_OWNER",
"DESTROY": "ALLOW_OWNER",
"ARCHIVE": "ALLOW_OWNER",
"RECOVER": "ALLOW_OWNER"
},
"PRIVATE_KEY": {
"REKEY": "ALLOW_OWNER",
"REKEY_KEY_PAIR": "ALLOW_OWNER",
"DERIVE_KEY": "ALLOW_OWNER",
"LOCATE": "ALLOW_OWNER",
"CHECK": "ALLOW_OWNER",
"GET": "ALLOW_OWNER",
"GET_ATTRIBUTES": "ALLOW_OWNER",
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
"ADD_ATTRIBUTE": "ALLOW_OWNER",
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
"OBTAIN_LEASE": "ALLOW_OWNER",
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
"ACTIVATE": "ALLOW_OWNER",
"REVOKE": "ALLOW_OWNER",
"DESTROY": "ALLOW_OWNER",
"ARCHIVE": "ALLOW_OWNER",
"RECOVER": "ALLOW_OWNER"
},
"SPLIT_KEY": {
"REKEY": "ALLOW_OWNER",
"REKEY_KEY_PAIR": "ALLOW_OWNER",
"DERIVE_KEY": "ALLOW_OWNER",
"LOCATE": "ALLOW_OWNER",
"CHECK": "ALLOW_OWNER",
"GET": "ALLOW_OWNER",
"GET_ATTRIBUTES": "ALLOW_OWNER",
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
"ADD_ATTRIBUTE": "ALLOW_OWNER",
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
"OBTAIN_LEASE": "ALLOW_OWNER",
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
"ACTIVATE": "ALLOW_OWNER",
"REVOKE": "ALLOW_OWNER",
"DESTROY": "ALLOW_OWNER",
"ARCHIVE": "ALLOW_OWNER",
"RECOVER": "ALLOW_OWNER"
},
"TEMPLATE": {
"LOCATE": "ALLOW_OWNER",
"GET": "ALLOW_OWNER",
"GET_ATTRIBUTES": "ALLOW_OWNER",
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
"ADD_ATTRIBUTE": "ALLOW_OWNER",
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
"DESTROY": "ALLOW_OWNER"
},
"SECRET_DATA": {
"REKEY": "ALLOW_OWNER",
"REKEY_KEY_PAIR": "ALLOW_OWNER",
"DERIVE_KEY": "ALLOW_OWNER",
"LOCATE": "ALLOW_OWNER",
"CHECK": "ALLOW_OWNER",
"GET": "ALLOW_OWNER",
"GET_ATTRIBUTES": "ALLOW_OWNER",
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
"ADD_ATTRIBUTE": "ALLOW_OWNER",
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
"OBTAIN_LEASE": "ALLOW_OWNER",
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
"ACTIVATE": "ALLOW_OWNER",
"REVOKE": "ALLOW_OWNER",
"DESTROY": "ALLOW_OWNER",
"ARCHIVE": "ALLOW_OWNER",
"RECOVER": "ALLOW_OWNER"
},
"OPAQUE_DATA": {
"REKEY": "ALLOW_OWNER",
"REKEY_KEY_PAIR": "ALLOW_OWNER",
"DERIVE_KEY": "ALLOW_OWNER",
"LOCATE": "ALLOW_OWNER",
"CHECK": "ALLOW_OWNER",
"GET": "ALLOW_OWNER",
"GET_ATTRIBUTES": "ALLOW_OWNER",
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
"ADD_ATTRIBUTE": "ALLOW_OWNER",
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
"OBTAIN_LEASE": "ALLOW_OWNER",
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
"ACTIVATE": "ALLOW_OWNER",
"REVOKE": "ALLOW_OWNER",
"DESTROY": "ALLOW_OWNER",
"ARCHIVE": "ALLOW_OWNER",
"RECOVER": "ALLOW_OWNER"
},
"PGP_KEY": {
"REKEY": "ALLOW_OWNER",
"REKEY_KEY_PAIR": "ALLOW_OWNER",
"DERIVE_KEY": "ALLOW_OWNER",
"LOCATE": "ALLOW_OWNER",
"CHECK": "ALLOW_OWNER",
"GET": "ALLOW_OWNER",
"GET_ATTRIBUTES": "ALLOW_OWNER",
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
"ADD_ATTRIBUTE": "ALLOW_OWNER",
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
"OBTAIN_LEASE": "ALLOW_OWNER",
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
"ACTIVATE": "ALLOW_OWNER",
"REVOKE": "ALLOW_OWNER",
"DESTROY": "ALLOW_OWNER",
"ARCHIVE": "ALLOW_OWNER",
"RECOVER": "ALLOW_OWNER"
}
}
}

12
examples/pykmip.conf Normal file
View File

@ -0,0 +1,12 @@
[client]
host=127.0.0.1
port=5696
keyfile=/etc/pykmip/certs/client_private_key.pem
certfile=/etc/pykmip/certs/client_cert.pem
cert_reqs=CERT_REQUIRED
ssl_version=PROTOCOL_SSLv23
ca_certs=/etc/pykmip/certs/server_ca_cert.pem
do_handshake_on_connect=True
suppress_ragged_eofs=True
username=example_username
password=example_password

8
examples/server.conf Normal file
View File

@ -0,0 +1,8 @@
[server]
hostname=127.0.0.1
port=5696
certificate_path=/etc/pykmip/certs/server_cert.pem
key_path=/etc/pykmip/certs/server_private_key.pem
ca_path=/etc/pykmip/certs/server_ca_cert.pem
auth_suite=Basic
policy_path=/etc/pykmip/policies