NCM::Component::openstack::key-manager - barbican

Types

  • /software/components/openstack/openstack_barbican_secretstore_plugin
  • /software/components/openstack/openstack_barbican_DEFAULTS
    • Description: Barbican default section
    • /software/components/openstack/openstack_barbican_DEFAULTS/sql_connection
      • Description: SQLAlchemy connection string for the reference implementation registry server. Any valid SQLAlchemy connection string is fine. For some weird reason Barbican does not use the [database] section
      • Required
      • Type: string
    • /software/components/openstack/openstack_barbican_DEFAULTS/host_href
      • Description: Host name, for use in HATEOAS-style references. Note: Typically this would be the load balanced endpoint that clients would use to communicate back with this service. If a deployment wants to derive host from wsgi request instead then make this blank. Blank is needed to override default config value which is ‘http://localhost:9311
      • Optional
      • Type: type_absoluteURI
      • Default value: http://localhost:9311
  • /software/components/openstack/openstack_barbican_secretstore
    • Description: Barbican secretstore section
    • /software/components/openstack/openstack_barbican_secretstore/namespace
      • Description: Extension namespace to search for plugins
      • Required
      • Type: string
      • Default value: barbican.secretstore.plugin
    • /software/components/openstack/openstack_barbican_secretstore/enabled_secretstore_plugins
      • Description: List of secret store plugins to load
      • Required
      • Type: openstack_barbican_secretstore_plugin
  • /software/components/openstack/openstack_barbican_crypto
    • Description: Barbican crypto section
    • /software/components/openstack/openstack_barbican_crypto/enabled_crypto_plugins
      • Description: List of crypto plugins to load
      • Required
      • Type: string
  • /software/components/openstack/openstack_barbican_simple_crypto_plugin
    • Description: Barbican simple_crypto_plugin section
    • /software/components/openstack/openstack_barbican_simple_crypto_plugin/namespace
      • Description: Extension namespace to search for plugins
      • Required
      • Type: string
      • Default value: barbican.crypto.plugin
    • /software/components/openstack/openstack_barbican_simple_crypto_plugin/kek
      • Description: Key encryption key to be used by Simple Crypto Plugin. It should be a 32-byte value which is base64 encoded (openssl rand -base64 32)
      • Required
      • Type: string
  • /software/components/openstack/openstack_barbican_certificate
    • Description: Barbican certificate section
    • /software/components/openstack/openstack_barbican_certificate/namespace
      • Description: Extension namespace to search for plugins
      • Required
      • Type: string
      • Default value: barbican.certificate.plugin
    • /software/components/openstack/openstack_barbican_certificate/enabled_certificate_plugins
      • Description: List of certificate plugins to load
      • Required
      • Type: string
  • /software/components/openstack/openstack_barbican_dogtag_plugin
    • Description: Barbican dogtag_plugin section
    • /software/components/openstack/openstack_barbican_dogtag_plugin/pem_path
      • Description: Path to PEM file for authentication
      • Required
      • Type: absolute_file_path
    • /software/components/openstack/openstack_barbican_dogtag_plugin/dogtag_host
      • Description: Hostname for the Dogtag instance
      • Required
      • Type: type_hostname
    • /software/components/openstack/openstack_barbican_dogtag_plugin/dogtag_port
      • Description: Port for the Dogtag instance
      • Required
      • Type: type_port
      • Default value: 8443
    • /software/components/openstack/openstack_barbican_dogtag_plugin/nss_db_path
      • Description: Path to the NSS certificate database
      • Required
      • Type: absolute_file_path
      • Default value: /etc/barbican/alias
    • /software/components/openstack/openstack_barbican_dogtag_plugin/nss_db_path_ca
      • Optional
      • Type: absolute_file_path
    • /software/components/openstack/openstack_barbican_dogtag_plugin/nss_password
      • Description: Password for the NSS certificate databases
      • Required
      • Type: string
    • /software/components/openstack/openstack_barbican_dogtag_plugin/simple_cmc_profile
      • Description: Profile for simple CMC requests
      • Required
      • Type: string
      • Default value: caOtherCert
    • /software/components/openstack/openstack_barbican_dogtag_plugin/ca_expiration_time
      • Description: Time in days for CA entries to expire
      • Optional
      • Type: long
      • Range: 1..
    • /software/components/openstack/openstack_barbican_dogtag_plugin/plugin_working_dir
      • Description: Working directory for Dogtag plugin
      • Optional
      • Type: absolute_file_path
  • /software/components/openstack/openstack_barbican_kmip_plugin
    • Description: Barbican kmip_plugin section
    • /software/components/openstack/openstack_barbican_kmip_plugin/username
      • Description: Username for authenticating with KMIP server
      • Required
      • Type: string
      • Default value: admin
    • /software/components/openstack/openstack_barbican_kmip_plugin/password
      • Description: Password for authenticating with KMIP server
      • Required
      • Type: string
    • /software/components/openstack/openstack_barbican_kmip_plugin/host
      • Description: Address of the KMIP server
      • Required
      • Type: type_hostname
    • /software/components/openstack/openstack_barbican_kmip_plugin/port
      • Description: Port for the KMIP server
      • Required
      • Type: type_port
      • Default value: 5696
    • /software/components/openstack/openstack_barbican_kmip_plugin/keyfile
      • Description: File path to local client certificate keyfile
      • Required
      • Type: absolute_file_path
    • /software/components/openstack/openstack_barbican_kmip_plugin/certfile
      • Description: File path to local client certificate
      • Required
      • Type: absolute_file_path
    • /software/components/openstack/openstack_barbican_kmip_plugin/ca_certs
      • Description: File path to concatenated “certification authority” certificates
      • Required
      • Type: absolute_file_path
  • /software/components/openstack/openstack_quattor_barbican
  • /software/components/openstack/openstack_barbican_config
    • Description: list of Barbican configuration sections
    • /software/components/openstack/openstack_barbican_config/DEFAULT
      • Required
      • Type: openstack_barbican_DEFAULTS
    • /software/components/openstack/openstack_barbican_config/keystone_authtoken
      • Required
      • Type: openstack_keystone_authtoken
    • /software/components/openstack/openstack_barbican_config/secretstore
      • Required
      • Type: openstack_barbican_secretstore
    • /software/components/openstack/openstack_barbican_config/crypto
      • Optional
      • Type: openstack_barbican_crypto
    • /software/components/openstack/openstack_barbican_config/simple_crypto_plugin
      • Optional
      • Type: openstack_barbican_simple_crypto_plugin
    • /software/components/openstack/openstack_barbican_config/certificate
      • Optional
      • Type: openstack_barbican_certificate
    • /software/components/openstack/openstack_barbican_config/dogtag_plugin
      • Optional
      • Type: openstack_barbican_dogtag_plugin
    • /software/components/openstack/openstack_barbican_config/kmip_plugin
      • Optional
      • Type: openstack_barbican_kmip_plugin
    • /software/components/openstack/openstack_barbican_config/quattor
      • Required
      • Type: openstack_quattor_barbican