openstack
/
designate
Code Issues Proposed changes
designate/doc/source/rest/v2/tsigkeys.rst

6.7 KiB
Raw Blame History

Tsigkey

Transaction signatures (TSIG) is a mechanism used to secure DNS messages and to provide secure server-to-server communication (usually between master and slave server, but can be extended for dynamic updates as well).

Transaction Signatures, or TSIG for short, add cryptographic signatures as a method of authenticating a DNS conversation. It uses a shared secret to establish trust between the communicating parties.

Create Tsigkeys

Create a new Tsigkey.

Example request:

POST /tsigkeys HTTP/1.1
Host: 127.0.0.1:9001
Accept: application/json
Content-Type: application/json

{
   "name": "Example key",
   "algorithm": "hmac-sha256",
   "secret": "SomeSecretKey",
   "scope": "POOL",
   "resource_id": "6ca6baef-3305-4ad0-a52b-a82df5752b62"
}

Example response:

HTTP/1.1 201 Created
Location: http://127.0.0.1:9001/v2/tsigkeys/5fa28ce8-68e3-4fdf-89c1-ed9f151b83d2
Content-Length: 350
Content-Type: application/json; charset=UTF-8

{
  "links": {
      "self": "http://127.0.0.1:9001/v2/tsigkeys/5fa28ce8-68e3-4fdf-89c1-ed9f151b83d2"
  },
  "name": "test-key",
  "algorithm": "hmac-sha256",
  "resource_id": "6ca6baef-3305-4ad0-a52b-a82df5752b62",
  "created_at": "2015-12-21T09:48:15.000000",
  "updated_at": null,
  "secret": "SomeSecretKey",
  "scope": "POOL",
  "id": "5fa28ce8-68e3-4fdf-89c1-ed9f151b83d2"
}

:form name: TSIG Key Name.
:form algorithm: TSIG Algorithm.
:form resource_id: Pool id or Zone id
:form secret: TSIG Secret.
:form scope: TSIG Scope.

:statuscode 201: Created
:statuscode 202: Accepted
:statuscode 401: Access Denied

Get Tsigkeys

Get the list of Tsigkeys.

Example request:

GET /tsigkeys HTTP/1.1
Host: 127.0.0.1:9001
Accept: application/json

Example response:

HTTP/1.1 200 OK
Content-Length: 776
Content-Type: application/json; charset=UTF-8

{
  "tsigkeys": [
     {
       "links": {
          "self": "http://127.0.0.1:9001/v2/tsigkeys/5fa28ce8-68e3-4fdf-89c1-ed9f151b83d2"
       },
     "name": "test-key",
     "algorithm": "hmac-sha256",
     "resource_id": "6ca6baef-3305-4ad0-a52b-a82df5752b62",
     "created_at": "2015-12-21T09:48:15.000000",
     "updated_at": null,
     "secret": "SomeSecretKey",
     "scope": "POOL",
     "id": "5fa28ce8-68e3-4fdf-89c1-ed9f151b83d2"
     },
     {
      "links": {
         "self": "http://127.0.0.1:9001/v2/tsigkeys/319c58fd-a0e0-4d69-a854-98bc49594419"
      },
      "name": "test-key-2",
      "algorithm": "hmac-sha256",
      "resource_id": "6ca6baef-3305-4ad0-a52b-a82df5752b62",
      "created_at": "2015-12-21T09:51:06.000000",
      "updated_at": null,
      "secret": "SomeSecretKey",
      "scope": "POOL",
      "id": "319c58fd-a0e0-4d69-a854-98bc49594419"}
  ],
  "links": {
     "self": "http://127.0.0.1:9001/v2/tsigkeys"}
}

:statuscode 200: Success
:statuscode 401: Access Denied

Get Tsigkey

Retrieves a tsigkey with the specified tsigkey's ID.

Example request:

GET /v2/tsigkeys/5fa28ce8-68e3-4fdf-89c1-ed9f151b83d2 HTTP/1.1
Host: 127.0.0.1:9001
Content-Type: application/json
Accept: application/json

Example response:

Content-Length: 350
Content-Type: application/json; charset=UTF-8
X-Openstack-Request-Id: req-d8cd7f24-a735-400b-9a4b-79e175efc923
Date: Mon, 21 Dec 2015 09:59:26 GMT

{
   "links": {
      "self": "http://127.0.0.1:9001/v2/tsigkeys/5fa28ce8-68e3-4fdf-89c1-ed9f151b83d2"
   },
   "name": "test-key",
   "algorithm": "hmac-sha256",
   "resource_id": "6ca6baef-3305-4ad0-a52b-a82df5752b62",
   "created_at": "2015-12-21T09:48:15.000000",
   "updated_at": null,
   "secret": "SomeSecretKey",
   "scope": "POOL",
   "id": "5fa28ce8-68e3-4fdf-89c1-ed9f151b83d2"
}

Update Tsigkey

Update a Tsigkey with the specified tsigkey's id.

Example request:

PATCH /tsigkeys/5fa28ce8-68e3-4fdf-89c1-ed9f151b83d2 HTTP/1.1
Host: 127.0.0.1:9001
Accept: application/json
Content-Type: application/json

{
  "name": "example_tsigkey",
  "scope": "ZONE"
}

Example response:

HTTP/1.1 200 OK
Content-Length: 381
Content-Type: application/json; charset=UTF-8

{
   "links": {
      "self": "http://127.0.0.1:9001/v2/tsigkeys/5fa28ce8-68e3-4fdf-89c1-ed9f151b83d2"
   },
   "name": "example_tsigkey",
   "algorithm": "hmac-sha256",
   "resource_id": "6ca6baef-3305-4ad0-a52b-a82df5752b62",
   "created_at": "2015-12-21T09:48:15.000000",
   "updated_at": "2015-12-21T10:02:18.000000",
   "secret": "SomeSecretKey",
   "scope": "ZONE",
   "id": "5fa28ce8-68e3-4fdf-89c1-ed9f151b83d2"
}

:form name: TSIG Key Name.
:form algorithm: TSIG Algorithm.
:form resource_id: Pool id or Zone id
:form secret: TSIG Secret.
:form scope: TSIG Scope.

:statuscode 200: Success
:statuscode 202: Accepted
:statuscode 401: Access Denied

Remove Tsigkey

Remove a Tsigkey with the specified tsigkey's id.

Example request:

DELETE /tsigkeys/5fa28ce8-68e3-4fdf-89c1-ed9f151b83d2 HTTP/1.1
Accept: application/json

Example response:

HTTP/1.1 204 No Content
Content-Length: 0
statuscode 400

Bad Request

statuscode 204

Successfully Deleted