Barbican client object used to interact with barbican service.
Parameters: |
|
---|
Entity Manager for Secret entities
Factory method for creating new Secret objects
Secrets returned by this method have not yet been stored in the Barbican service.
Parameters: |
|
---|---|
Returns: | A new Secret object |
Return type: | |
Raises: |
|
Delete a Secret from Barbican
Parameters: | secret_ref – The href for the secret to be deleted |
---|---|
Raises: |
|
Retrieve an existing Secret from Barbican
Parameters: |
|
---|---|
Returns: | Secret object retrieved from Barbican |
Return type: | |
Raises: |
|
List Secrets for the project
This method uses the limit and offset parameters for paging, and also supports filtering.
Parameters: |
|
---|---|
Returns: | list of Secret objects that satisfy the provided filter criteria. |
Return type: | list |
Raises: |
|
Update an existing Secret from Barbican
Parameters: |
|
---|---|
Raises: |
|
Secrets represent keys, credentials, and other sensitive data that is stored by the Barbican service.
Secret objects should not be instantiated directly. You should use the create or get methods of the barbicanclient.secrets.SecretManager instead.
Get ACL settings for this secret.
Deletes the Secret from Barbican
Lazy-loaded property that holds the unencrypted data
Stores the Secret in Barbican. New Secret objects are not persisted in Barbican until this method is called.
Raises: | PayloadException |
---|
Updates the secret in Barbican.
Entity Manager for Order entitites
Factory method for AsymmetricOrder objects
AsymmetricOrder objects returned by this method have not yet been submitted to the Barbican service.
Parameters: |
|
---|---|
Returns: | AsymmetricOrder |
Return type: | |
Raises: |
|
Factory method for CertificateOrder objects
CertificateOrder objects returned by this method have not yet been submitted to the Barbican service.
Parameters: |
|
---|---|
Returns: | CertificateOrder |
Return type: | barbicanclient.orders.CertificateOrder |
Factory method for KeyOrder objects
KeyOrder objects returned by this method have not yet been submitted to the Barbican service.
Parameters: |
|
---|---|
Returns: | KeyOrder |
Return type: | |
Raises: |
|
Delete an Order from Barbican
Parameters: | order_ref – The href for the order |
---|
Retrieve an existing Order from Barbican
Parameters: | order_ref – Full HATEOAS reference to an Order |
---|---|
Returns: | An instance of the appropriate subtype of Order |
Raises: |
|
List Orders for the project
This method uses the limit and offset parameters for paging.
Parameters: |
|
---|---|
Returns: | list of Order objects |
Raises: |
|
Base order object to hold common functionality
This should be considered an abstract class that should not be instantiated directly.
Deletes the Order from Barbican
Submit the Order to Barbican. New Order objects are not persisted in Barbican until this method is called.
KeyOrders can be used to request random key material from Barbican
Encryption mode being used with this key
The mode could be set to “CBC” for example, when requesting a key that will be used for AES encryption in CBC mode.
Passphrase to be used for passphrase protected asymmetric keys
EntityManager for Container entities
You should use the ContainerManager exposed by the Client and should not need to instantiate your own.
Factory method for Container objects
Container objects returned by this method have not yet been stored in Barbican.
Parameters: |
|
---|---|
Returns: | Container |
Return type: | |
Raises: |
|
Factory method for CertificateContainer objects
CertificateContainer objects returned by this method have not yet been stored in Barbican.
Parameters: |
|
---|---|
Returns: | CertificateContainer |
Return type: | |
Raises: |
|
Factory method for RSAContainer objects
RSAContainer objects returned by this method have not yet been stored in Barbican.
Parameters: |
|
---|---|
Returns: | RSAContainer |
Return type: | |
Raises: |
|
Delete a Container from Barbican
Parameters: | container_ref – Full HATEOAS reference to a Container |
---|---|
Raises: |
|
Retrieve an existing Container from Barbican
Parameters: | container_ref (str) – Full HATEOAS reference to a Container |
---|---|
Returns: | Container object or a subclass of the appropriate type |
List containers for the project. This method uses the limit and offset parameters for paging.
Parameters: |
|
---|---|
Returns: | list of Container metadata objects |
Raises: |
|
Add a consumer to the container
Parameters: |
|
---|---|
Returns: | A container object per the get() method |
Raises: |
|
Remove a consumer from the container
Parameters: |
|
---|---|
Raises: |
|
Container is a generic grouping of Secrets
Get ACL settings for this container.
Delete container from Barbican
List of Secrets in Containers
Store Container in Barbican
Secret containing the Private Key
Secret containing the Passphrase
Secret containing the Public Key
Secret containing the certificate
Secret containing intermediate certificates
Secret containing the private key
Secret containing the passphrase
Entity Manager for Secret entities
Retrieve an existing CA from Barbican
Parameters: | ca_ref (str) – Full HATEOAS reference to a CA |
---|---|
Returns: | CA object retrieved from Barbican |
Return type: | |
Raises: |
|
List CAs for the project
This method uses the limit and offset parameters for paging, and also supports filtering.
Parameters: |
|
---|---|
Returns: | list of CA objects that satisfy the provided filter criteria. |
Return type: | list |
Raises: |
|
CAs represent certificate authorities or subCAs with which the Barbican service is configured to interact.
CA objects should not be instantiated directly. You should use the create or get methods of the barbicanclient.cas.CAManager instead.
Entity Manager for Secret or Container ACL entities
Factory method for creating ACL entity.
ACL object returned by this method have not yet been stored in Barbican.
Input entity_ref is used to determine whether ACL object type needs to be barbicanclient.acls.SecretACL or barbicanclient.acls.ContainerACL.
Parameters: |
|
---|---|
Returns: | ACL object instance |
Return type: | barbicanclient.acls.SecretACL or barbicanclient.acls.ContainerACL |
Retrieve existing ACLs for a secret or container defined in Barbican
Parameters: | entity_ref (str) – Full HATEOAS reference to a secret or container. |
---|---|
Returns: | ACL entity object instance |
Return type: | barbicanclient.acls.SecretACL or barbicanclient.acls.ContainerACL |
Raises: |
|
ACL entity for a secret
Base ACL entity instance for secret or container.
Provide ACL data arguments to set ACL setting for given operation_type.
To add ACL setting for other operation types, use add_operation_acl method.
Parameters: |
|
---|
Add ACL settings to entity for specific operation type.
If matching operation_type ACL already exists, then it replaces it with new PerOperationACL object using provided inputs. Otherwise it appends new PerOperationACL object to existing per operation ACL list.
This just adds to local entity and have not yet applied these changes to server.
Parameters: |
|
---|
Entity URI reference.
Get operation specific ACL instance.
Parameters: | operation_type (str) – Type indicating which operation’s ACL |
---|
setting is needed.
Loads ACL entity from Barbican server using its acl_ref
Clears the existing list of per operation ACL settings if there. Populates current ACL entity with ACL settings received from Barbican server.
Raises: |
|
---|
List of operation specific ACL settings.
Remove Barbican ACLs setting defined for a secret or container
Raises: |
|
---|
Submits ACLs for a secret or a container defined in server
In existing ACL case, this overwrites the existing ACL setting with provided inputs. If input users are None or empty list, this will remove existing ACL users if there. If input project_access flag is None, then default project access behavior is enabled.
Returns: | str acl_ref: Full HATEOAS reference to a secret or container ACL. |
---|---|
Raises: |
|
ACL entity for a container
Base ACL entity instance for secret or container.
Provide ACL data arguments to set ACL setting for given operation_type.
To add ACL setting for other operation types, use add_operation_acl method.
Parameters: |
|
---|
Add ACL settings to entity for specific operation type.
If matching operation_type ACL already exists, then it replaces it with new PerOperationACL object using provided inputs. Otherwise it appends new PerOperationACL object to existing per operation ACL list.
This just adds to local entity and have not yet applied these changes to server.
Parameters: |
|
---|
Entity URI reference.
Get operation specific ACL instance.
Parameters: | operation_type (str) – Type indicating which operation’s ACL |
---|
setting is needed.
Loads ACL entity from Barbican server using its acl_ref
Clears the existing list of per operation ACL settings if there. Populates current ACL entity with ACL settings received from Barbican server.
Raises: |
|
---|
List of operation specific ACL settings.
Remove Barbican ACLs setting defined for a secret or container
Raises: |
|
---|
Submits ACLs for a secret or a container defined in server
In existing ACL case, this overwrites the existing ACL setting with provided inputs. If input users are None or empty list, this will remove existing ACL users if there. If input project_access flag is None, then default project access behavior is enabled.
Returns: | str acl_ref: Full HATEOAS reference to a secret or container ACL. |
---|---|
Raises: |
|
Raised for 401 Unauthorized responses from the server.
Raised for 4xx responses from the server.
Base exception for HTTP errors.
Raised for 5xx responses from the server.