78 lines
2.3 KiB
YAML
78 lines
2.3 KiB
YAML
heat_template_version: 2013-05-23
|
|
|
|
description: >
|
|
This template demostrates how to create Barbican secret.
|
|
|
|
parameters:
|
|
name:
|
|
description: (optional) Human readable name for the secret.
|
|
type: string
|
|
default: test_secret
|
|
payload:
|
|
description: (optional) The unencrypted plain text of the secret.
|
|
type: string
|
|
default: VGVzdCBzdHJpbmcgZm9yIGJhcmJpY2FuIHNlY3JldCB0ZXN0IHRlbXBsYXRl
|
|
secret_type:
|
|
description: (optional) The type of the secret.
|
|
type: string
|
|
default: opaque
|
|
payload_content_type:
|
|
description: >
|
|
(optional) The type/format the secret data is provided in.
|
|
payload_content_type must also be supplied if payload is included.
|
|
type: string
|
|
default: application/octet-stream
|
|
payload_content_encoding:
|
|
description: >
|
|
(optional) (required if payload is encoded)
|
|
The encoding format used to provide the payload data.
|
|
type: string
|
|
default: base64
|
|
expiration:
|
|
description: >
|
|
(optional) The expiration date for the secret in ISO-8601 format.
|
|
If set, the secret will not be available after this time.
|
|
type: string
|
|
default: 2017-12-28T19:14:44.180394
|
|
algorithm:
|
|
description: (optional) The algorithm type used to generate the secret.
|
|
type: string
|
|
default: aes
|
|
bit_length:
|
|
description: (optional) The bit-length of the secret.
|
|
type: number
|
|
default: 256
|
|
mode:
|
|
description: >
|
|
(optional) The type/mode of the algorithm associated
|
|
with the secret information.
|
|
type: string
|
|
default: cbc
|
|
|
|
|
|
resources:
|
|
secret:
|
|
type: OS::Barbican::Secret
|
|
properties:
|
|
name: { get_param: name }
|
|
payload: { get_param: payload }
|
|
secret_type: { get_param: secret_type }
|
|
payload_content_type: { get_param: payload_content_type }
|
|
payload_content_encoding: { get_param: payload_content_encoding }
|
|
expiration: { get_param: expiration }
|
|
algorithm: { get_param: algorithm }
|
|
bit_length: { get_param: bit_length }
|
|
mode: { get_param: mode }
|
|
|
|
|
|
outputs:
|
|
secret_status:
|
|
description: The status of the secret.
|
|
value: { get_attr: [secret, status] }
|
|
secret_payload:
|
|
description: The decrypted secret payload.
|
|
value: { get_attr: [secret, status] }
|
|
secret_ref:
|
|
description: Reference for created secret.
|
|
value: { get_resource: secret }
|