diff --git a/examples/policy.json b/examples/policy.json
new file mode 100644
index 0000000..2f8b04a
--- /dev/null
+++ b/examples/policy.json
@@ -0,0 +1,166 @@
+{
+ "example": {
+ "CERTIFICATE": {
+ "LOCATE": "ALLOW_ALL",
+ "CHECK": "ALLOW_ALL",
+ "GET": "ALLOW_ALL",
+ "GET_ATTRIBUTES": "ALLOW_ALL",
+ "GET_ATTRIBUTE_LIST": "ALLOW_ALL",
+ "ADD_ATTRIBUTE": "ALLOW_OWNER",
+ "MODIFY_ATTRIBUTE": "ALLOW_OWNER",
+ "DELETE_ATTRIBUTE": "ALLOW_OWNER",
+ "OBTAIN_LEASE": "ALLOW_ALL",
+ "ACTIVATE": "ALLOW_OWNER",
+ "REVOKE": "ALLOW_OWNER",
+ "DESTROY": "ALLOW_OWNER",
+ "ARCHIVE": "ALLOW_OWNER",
+ "RECOVER": "ALLOW_OWNER"
+ },
+ "SYMMETRIC_KEY": {
+ "REKEY": "ALLOW_OWNER",
+ "REKEY_KEY_PAIR": "ALLOW_OWNER",
+ "DERIVE_KEY": "ALLOW_OWNER",
+ "LOCATE": "ALLOW_OWNER",
+ "CHECK": "ALLOW_OWNER",
+ "GET": "ALLOW_OWNER",
+ "GET_ATTRIBUTES": "ALLOW_OWNER",
+ "GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
+ "ADD_ATTRIBUTE": "ALLOW_OWNER",
+ "MODIFY_ATTRIBUTE": "ALLOW_OWNER",
+ "DELETE_ATTRIBUTE": "ALLOW_OWNER",
+ "OBTAIN_LEASE": "ALLOW_OWNER",
+ "GET_USAGE_ALLOCATION": "ALLOW_OWNER",
+ "ACTIVATE": "ALLOW_OWNER",
+ "REVOKE": "ALLOW_OWNER",
+ "DESTROY": "ALLOW_OWNER",
+ "ARCHIVE": "ALLOW_OWNER",
+ "RECOVER": "ALLOW_OWNER"
+ },
+ "PUBLIC_KEY": {
+ "LOCATE": "ALLOW_ALL",
+ "CHECK": "ALLOW_ALL",
+ "GET": "ALLOW_ALL",
+ "GET_ATTRIBUTES": "ALLOW_ALL",
+ "GET_ATTRIBUTE_LIST": "ALLOW_ALL",
+ "ADD_ATTRIBUTE": "ALLOW_OWNER",
+ "MODIFY_ATTRIBUTE": "ALLOW_OWNER",
+ "DELETE_ATTRIBUTE": "ALLOW_OWNER",
+ "OBTAIN_LEASE": "ALLOW_ALL",
+ "ACTIVATE": "ALLOW_OWNER",
+ "REVOKE": "ALLOW_OWNER",
+ "DESTROY": "ALLOW_OWNER",
+ "ARCHIVE": "ALLOW_OWNER",
+ "RECOVER": "ALLOW_OWNER"
+ },
+ "PRIVATE_KEY": {
+ "REKEY": "ALLOW_OWNER",
+ "REKEY_KEY_PAIR": "ALLOW_OWNER",
+ "DERIVE_KEY": "ALLOW_OWNER",
+ "LOCATE": "ALLOW_OWNER",
+ "CHECK": "ALLOW_OWNER",
+ "GET": "ALLOW_OWNER",
+ "GET_ATTRIBUTES": "ALLOW_OWNER",
+ "GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
+ "ADD_ATTRIBUTE": "ALLOW_OWNER",
+ "MODIFY_ATTRIBUTE": "ALLOW_OWNER",
+ "DELETE_ATTRIBUTE": "ALLOW_OWNER",
+ "OBTAIN_LEASE": "ALLOW_OWNER",
+ "GET_USAGE_ALLOCATION": "ALLOW_OWNER",
+ "ACTIVATE": "ALLOW_OWNER",
+ "REVOKE": "ALLOW_OWNER",
+ "DESTROY": "ALLOW_OWNER",
+ "ARCHIVE": "ALLOW_OWNER",
+ "RECOVER": "ALLOW_OWNER"
+ },
+ "SPLIT_KEY": {
+ "REKEY": "ALLOW_OWNER",
+ "REKEY_KEY_PAIR": "ALLOW_OWNER",
+ "DERIVE_KEY": "ALLOW_OWNER",
+ "LOCATE": "ALLOW_OWNER",
+ "CHECK": "ALLOW_OWNER",
+ "GET": "ALLOW_OWNER",
+ "GET_ATTRIBUTES": "ALLOW_OWNER",
+ "GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
+ "ADD_ATTRIBUTE": "ALLOW_OWNER",
+ "MODIFY_ATTRIBUTE": "ALLOW_OWNER",
+ "DELETE_ATTRIBUTE": "ALLOW_OWNER",
+ "OBTAIN_LEASE": "ALLOW_OWNER",
+ "GET_USAGE_ALLOCATION": "ALLOW_OWNER",
+ "ACTIVATE": "ALLOW_OWNER",
+ "REVOKE": "ALLOW_OWNER",
+ "DESTROY": "ALLOW_OWNER",
+ "ARCHIVE": "ALLOW_OWNER",
+ "RECOVER": "ALLOW_OWNER"
+ },
+ "TEMPLATE": {
+ "LOCATE": "ALLOW_OWNER",
+ "GET": "ALLOW_OWNER",
+ "GET_ATTRIBUTES": "ALLOW_OWNER",
+ "GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
+ "ADD_ATTRIBUTE": "ALLOW_OWNER",
+ "MODIFY_ATTRIBUTE": "ALLOW_OWNER",
+ "DELETE_ATTRIBUTE": "ALLOW_OWNER",
+ "DESTROY": "ALLOW_OWNER"
+ },
+ "SECRET_DATA": {
+ "REKEY": "ALLOW_OWNER",
+ "REKEY_KEY_PAIR": "ALLOW_OWNER",
+ "DERIVE_KEY": "ALLOW_OWNER",
+ "LOCATE": "ALLOW_OWNER",
+ "CHECK": "ALLOW_OWNER",
+ "GET": "ALLOW_OWNER",
+ "GET_ATTRIBUTES": "ALLOW_OWNER",
+ "GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
+ "ADD_ATTRIBUTE": "ALLOW_OWNER",
+ "MODIFY_ATTRIBUTE": "ALLOW_OWNER",
+ "DELETE_ATTRIBUTE": "ALLOW_OWNER",
+ "OBTAIN_LEASE": "ALLOW_OWNER",
+ "GET_USAGE_ALLOCATION": "ALLOW_OWNER",
+ "ACTIVATE": "ALLOW_OWNER",
+ "REVOKE": "ALLOW_OWNER",
+ "DESTROY": "ALLOW_OWNER",
+ "ARCHIVE": "ALLOW_OWNER",
+ "RECOVER": "ALLOW_OWNER"
+ },
+ "OPAQUE_DATA": {
+ "REKEY": "ALLOW_OWNER",
+ "REKEY_KEY_PAIR": "ALLOW_OWNER",
+ "DERIVE_KEY": "ALLOW_OWNER",
+ "LOCATE": "ALLOW_OWNER",
+ "CHECK": "ALLOW_OWNER",
+ "GET": "ALLOW_OWNER",
+ "GET_ATTRIBUTES": "ALLOW_OWNER",
+ "GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
+ "ADD_ATTRIBUTE": "ALLOW_OWNER",
+ "MODIFY_ATTRIBUTE": "ALLOW_OWNER",
+ "DELETE_ATTRIBUTE": "ALLOW_OWNER",
+ "OBTAIN_LEASE": "ALLOW_OWNER",
+ "GET_USAGE_ALLOCATION": "ALLOW_OWNER",
+ "ACTIVATE": "ALLOW_OWNER",
+ "REVOKE": "ALLOW_OWNER",
+ "DESTROY": "ALLOW_OWNER",
+ "ARCHIVE": "ALLOW_OWNER",
+ "RECOVER": "ALLOW_OWNER"
+ },
+ "PGP_KEY": {
+ "REKEY": "ALLOW_OWNER",
+ "REKEY_KEY_PAIR": "ALLOW_OWNER",
+ "DERIVE_KEY": "ALLOW_OWNER",
+ "LOCATE": "ALLOW_OWNER",
+ "CHECK": "ALLOW_OWNER",
+ "GET": "ALLOW_OWNER",
+ "GET_ATTRIBUTES": "ALLOW_OWNER",
+ "GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
+ "ADD_ATTRIBUTE": "ALLOW_OWNER",
+ "MODIFY_ATTRIBUTE": "ALLOW_OWNER",
+ "DELETE_ATTRIBUTE": "ALLOW_OWNER",
+ "OBTAIN_LEASE": "ALLOW_OWNER",
+ "GET_USAGE_ALLOCATION": "ALLOW_OWNER",
+ "ACTIVATE": "ALLOW_OWNER",
+ "REVOKE": "ALLOW_OWNER",
+ "DESTROY": "ALLOW_OWNER",
+ "ARCHIVE": "ALLOW_OWNER",
+ "RECOVER": "ALLOW_OWNER"
+ }
+ }
+}
diff --git a/examples/pykmip.conf b/examples/pykmip.conf
new file mode 100644
index 0000000..9db02e9
--- /dev/null
+++ b/examples/pykmip.conf
@@ -0,0 +1,12 @@
+[client]
+host=127.0.0.1
+port=5696
+keyfile=/etc/pykmip/certs/client_private_key.pem
+certfile=/etc/pykmip/certs/client_cert.pem
+cert_reqs=CERT_REQUIRED
+ssl_version=PROTOCOL_SSLv23
+ca_certs=/etc/pykmip/certs/server_ca_cert.pem
+do_handshake_on_connect=True
+suppress_ragged_eofs=True
+username=example_username
+password=example_password
diff --git a/examples/server.conf b/examples/server.conf
new file mode 100644
index 0000000..25ceb6d
--- /dev/null
+++ b/examples/server.conf
@@ -0,0 +1,8 @@
+[server]
+hostname=127.0.0.1
+port=5696
+certificate_path=/etc/pykmip/certs/server_cert.pem
+key_path=/etc/pykmip/certs/server_private_key.pem
+ca_path=/etc/pykmip/certs/server_ca_cert.pem
+auth_suite=Basic
+policy_path=/etc/pykmip/policies
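Review bot: The `ALLOW_ALL` entries under `CERTIFICATE` and `PUBLIC_KEY` (`LOCATE`, `CHECK`, `GET`, `GET_ATTRIBUTES`, `GET_ATTRIBUTE_LIST`, `OBTAIN_LEASE`) let every client the server accepts find and read those objects and their attributes regardless of owner, and nothing in examples/policy.json marks that as a deliberate choice. JSON has no comment syntax, so the accompanying documentation should carry the caveat, for instance `ALLOW_ALL exposes certificates and public keys, including their attributes, to all users; switch to ALLOW_OWNER when attribute values are sensitive`. The file also never says how an operation that is absent from an object type's map is treated (for example `CHECK` under `TEMPLATE`); that is not visible in this diff, and the same documentation should state whether such operations are denied.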
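Review bot: `ssl_version=PROTOCOL_SSLv23` in the `[client]` section of examples/pykmip.conf selects protocol negotiation rather than a fixed minimum, so on older Python/OpenSSL builds the client can end up on a legacy protocol version if the server offers one. Because examples get copied into deployments, `ssl_version=PROTOCOL_TLSv1_2` would be the safer value, assuming the client resolves this name against the `ssl` module as the existing value suggests. The same file holds `username` and `password` in clear text next to the `keyfile` path, so the documentation should tell users to keep the file readable only by the account that runs the client (for example mode 0600) and to replace the example credentials.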
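Review bot: `auth_suite=Basic` in examples/server.conf is the weaker of the server's authentication suites; as far as I know, `Basic` still admits older TLS versions and cipher suites, while `auth_suite=TLS1.2` restricts connections to TLS 1.2, so the example should use the latter if this version of the server supports it. `policy_path=/etc/pykmip/policies` names a directory whose files decide who may perform which operation, and `key_path` names the server's private key; the documentation that accompanies this example should say that both must be writable only by the server's administrator and that the key must be readable only by the server account.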