diff --git a/README.md b/README.md index 0be31c02..1e4c8a84 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ Key Management API. There is a Python library for accessing the API (`barbicanclient` module), and a command-line script (`keep`). ## barbicanclient - Python API -The full api is documented in the wiki. +The full api is [documented in the wiki](https://github.com/cloudkeep/python-barbicanclient/wiki/Client-Usage). ### Quickstart Store a secret in barbican using keystone for authentication: @@ -13,43 +13,42 @@ Store a secret in barbican using keystone for authentication: >>> from barbicanclient.common import auth >>> from barbicanclient import client # We'll use keystone for authentication ->>> keystone = auth.KeystoneAuth(auth_url='http://keystone-int.cloudkeep.io:5000/v2.0', -... username=USER, password=PASSWORD, tenant_name=TENANT) +>>> keystone = auth.KeystoneAuthV2(auth_url='http://keystone-int.cloudkeep.io:5000/v2.0', +... username='USER', password='PASSWORD', tenant_name='TENANT') >>> barbican = client.Client(auth_plugin=keystone) # Let's store some sensitive data, Barbican encrypts it and stores it securely in the cloud ->>> secret_id = barbican.secrets.store(name='Self destruction sequence', -... payload='the magic words are squeamish ossifrage', -... payload_content_type='text/plain') +>>> secret_uri = barbican.secrets.store(name='Self destruction sequence', +... payload='the magic words are squeamish ossifrage', +... payload_content_type='text/plain') # Let's look at some properties of a barbican Secret ->>> secret = barbican.secrets.get(secret_id) ->>> print(secret.id) -d46883b4-e072-4452-98c9-36d652dfcdd6 +>>> secret = barbican.secrets.get(secret_uri) +>>> print(secret.secret_ref) +u'http://api-01-int.cloudkeep.io:9311/v1/test_tenant/secrets/49496a6d-c674-4384-b208-7cf4988f84ee' >>> print(secret.name) Self destruction sequence # Now let's retrieve the secret payload. Barbican decrypts it and sends it back. ->>> print(barbican.secrets.raw(secret.id, secret.content_types['default'])) +>>> print(barbican.secrets.decrypt(secret.secret_ref)) the magic words are squeamish ossifrage ``` ## keep - Command Line Client - +Command line client configuration and usage is [documented in the wiki](https://github.com/cloudkeep/python-barbicanclient/wiki/Command-Line-Client). ``` -$ keep -h usage: keep [-h] [--no-auth | --os-auth-url ] [--os-username ] [--os-password ] [--os-tenant-name ] [--os-tenant-id ] [--endpoint ] - {order,secret} {create,store,get,list,delete} ... + ... Command-line interface to the Barbican API. positional arguments: - {order,secret} Entity used for command. + Entity used for command, e.g., order, secret. optional arguments: -h, --help show this help message and exit - --no-auth, -N Do not use authentication + --no-auth, -N Do not use authentication. --os-auth-url , -A Defaults to env[OS_AUTH_URL]. --os-username , -U @@ -66,11 +65,10 @@ optional arguments: subcommands: Action to perform - {create,store,get,list,delete} + create Create a new order. store Store a secret in barbican. - get Retrieve a secret or an order by providing its UUID. + get Retrieve a secret or an order by providing its URI. list List secrets or orders - delete Delete a secret or an order by providing its UUID. - + delete Delete a secret or an order by providing its href. ```