OpenStack Orchestration (Heat) Templates
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

77 lines
2.3 KiB

heat_template_version: 2013-05-23
description: >
This template demostrates how to create Barbican secret.
parameters:
name:
description: (optional) Human readable name for the secret.
type: string
default: test_secret
payload:
description: (optional) The unencrypted plain text of the secret.
type: string
default: VGVzdCBzdHJpbmcgZm9yIGJhcmJpY2FuIHNlY3JldCB0ZXN0IHRlbXBsYXRl
secret_type:
description: (optional) The type of the secret.
type: string
default: opaque
payload_content_type:
description: >
(optional) The type/format the secret data is provided in.
payload_content_type must also be supplied if payload is included.
type: string
default: application/octet-stream
payload_content_encoding:
description: >
(optional) (required if payload is encoded)
The encoding format used to provide the payload data.
type: string
default: base64
expiration:
description: >
(optional) The expiration date for the secret in ISO-8601 format.
If set, the secret will not be available after this time.
type: string
default: 2017-12-28T19:14:44.180394
algorithm:
description: (optional) The algorithm type used to generate the secret.
type: string
default: aes
bit_length:
description: (optional) The bit-length of the secret.
type: number
default: 256
mode:
description: >
(optional) The type/mode of the algorithm associated
with the secret information.
type: string
default: cbc
resources:
secret:
type: OS::Barbican::Secret
properties:
name: { get_param: name }
payload: { get_param: payload }
secret_type: { get_param: secret_type }
payload_content_type: { get_param: payload_content_type }
payload_content_encoding: { get_param: payload_content_encoding }
expiration: { get_param: expiration }
algorithm: { get_param: algorithm }
bit_length: { get_param: bit_length }
mode: { get_param: mode }
outputs:
secret_status:
description: The status of the secret.
value: { get_attr: [secret, status] }
secret_payload:
description: The decrypted secret payload.
value: { get_attr: [secret, status] }
secret_ref:
description: Reference for created secret.
value: { get_resource: secret }