openstack/openstack-manuals
Code Issues Proposed changes
9b1e62e9cd
openstack-manuals/doc/cli-reference/generated/ch_cli_barbican_commands.xml
Atsushi SAKAI 23f258862e Add barbican to common and CLI reference 
Add barbican to Chapter1
  (for CLI Ref)
Add barbican to AppendixA
  (common part includes CLI Ref/Config Ref)
Add sample of barbican CLI Ref XML
  Currently CLI fixation working on
  https://review.openstack.org/#/c/224467/

Change-Id: Id09781e94592f59f39b0a36badb59334a3a19240
2015-09-21 10:22:33 +00:00

1055 lines
32 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
version="5.0"
xml:id="barbicanclient_commands">
<!-- This file is automatically generated, do not edit -->
<?dbhtml stop-chunking?>
<title>Key management service command-line client</title>
<para>The <command>barbican</command> client is the command-line
interface (CLI) for the Key management service API and its extensions.
This chapter documents <command>barbican</command> version
<literal>3.3.0</literal>.
</para>
<para>For help on a specific <command>barbican</command>
command, enter:
</para>
<screen><prompt>$</prompt> <userinput><command>barbican</command> <option>help</option> <replaceable>COMMAND</replaceable></userinput></screen>
<section xml:id="barbicanclient_command_usage">
<title>barbican usage</title>
<screen><computeroutput>usage: barbican [--version] [-v] [--log-file LOG_FILE] [-q] [-h] [--debug]
[--no-auth] [--os-identity-api-version &lt;identity-api-version&gt;]
[--os-auth-url &lt;auth-url&gt;] [--os-username &lt;auth-user-name&gt;]
[--os-user-id &lt;auth-user-id&gt;] [--os-password &lt;auth-password&gt;]
[--os-user-domain-id &lt;auth-user-domain-id&gt;]
[--os-user-domain-name &lt;auth-user-domain-name&gt;]
[--os-tenant-name &lt;auth-tenant-name&gt;]
[--os-tenant-id &lt;tenant-id&gt;]
[--os-project-id &lt;auth-project-id&gt;]
[--os-project-name &lt;auth-project-name&gt;]
[--os-project-domain-id &lt;auth-project-domain-id&gt;]
[--os-project-domain-name &lt;auth-project-domain-name&gt;]
[--os-auth-token &lt;auth-token&gt;] [--endpoint &lt;barbican-url&gt;]
[--interface &lt;barbican-interface&gt;]
[--service-type &lt;barbican-service-type&gt;]
[--service-name &lt;barbican-service-name&gt;]
[--region-name &lt;barbican-region-name&gt;]
[--barbican-api-version &lt;barbican-api-version&gt;] [--insecure]
[--os-cacert &lt;ca-certificate&gt;] [--os-cert &lt;certificate&gt;]
[--os-key &lt;key&gt;] [--timeout &lt;seconds&gt;]</computeroutput></screen>
</section>
<section xml:id="barbicanclient_command_optional">
<title>barbican optional arguments</title>
<variablelist wordsize="10">
<varlistentry>
<term><command>--version</command></term>
<listitem>
<para>
show program's version number and exit
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>-v, --verbose</command></term>
<listitem>
<para>
Increase verbosity of output. Can be repeated.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--log-file LOG_FILE</command></term>
<listitem>
<para>
Specify a file to log output. Disabled by default.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>-q, --quiet</command></term>
<listitem>
<para>
Suppress output except warnings and errors.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
Show help message and exit.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--debug</command></term>
<listitem>
<para>
Show tracebacks on errors.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--no-auth, -N</command></term>
<listitem>
<para>
Do not use authentication.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-identity-api-version &lt;identity-api-version&gt;</command></term>
<listitem>
<para>
Specify Identity API version to use. Defaults to
<code>env[OS_IDENTITY_API_VERSION]</code> or 3.0.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-auth-url &lt;auth-url&gt;, -A &lt;auth-url&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_AUTH_URL]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-username &lt;auth-user-name&gt;, -U &lt;auth-user-name&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_USERNAME]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-user-id &lt;auth-user-id&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_USER_ID]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-password &lt;auth-password&gt;, -P &lt;auth-password&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_PASSWORD]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-user-domain-id &lt;auth-user-domain-id&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_USER_DOMAIN_ID]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-user-domain-name &lt;auth-user-domain-name&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_USER_DOMAIN_NAME]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-tenant-name &lt;auth-tenant-name&gt;, -T &lt;auth-tenant-name&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_TENANT_NAME]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-tenant-id &lt;tenant-id&gt;, -I &lt;tenant-id&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_TENANT_ID]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-project-id &lt;auth-project-id&gt;</command></term>
<listitem>
<para>
Another way to specify tenant ID. This option is
mutually exclusive with --os-tenant-id. Defaults to
<code>env[OS_PROJECT_ID]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-project-name &lt;auth-project-name&gt;</command></term>
<listitem>
<para>
Another way to specify tenant name. This option is
mutually exclusive with --os-tenant-name. Defaults to
<code>env[OS_PROJECT_NAME]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-project-domain-id &lt;auth-project-domain-id&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_PROJECT_DOMAIN_ID]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-project-domain-name &lt;auth-project-domain-name&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_PROJECT_DOMAIN_NAME]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-auth-token &lt;auth-token&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_AUTH_TOKEN]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--endpoint &lt;barbican-url&gt;, -E &lt;barbican-url&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[BARBICAN_ENDPOINT]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--interface &lt;barbican-interface&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[BARBICAN_INTERFACE]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--service-type &lt;barbican-service-type&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[BARBICAN_SERVICE_TYPE]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--service-name &lt;barbican-service-name&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[BARBICAN_SERVICE_NAME]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--region-name &lt;barbican-region-name&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[BARBICAN_REGION_NAME]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--barbican-api-version &lt;barbican-api-version&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[BARBICAN_API_VERSION]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--insecure</command></term>
<listitem>
<para>
Explicitly allow client to perform "insecure" TLS
(https) requests. The server's certificate will not be
verified against any certificate authorities. This
option should be used with caution.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-cacert &lt;ca-certificate&gt;</command></term>
<listitem>
<para>
Specify a CA bundle file to use in verifying a TLS
(https) server certificate. Defaults to
<code>env[OS_CACERT]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-cert &lt;certificate&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_CERT]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--os-key &lt;key&gt;</command></term>
<listitem>
<para>
Defaults to <code>env[OS_KEY]</code>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--timeout &lt;seconds&gt;</command></term>
<listitem>
<para>
Set request timeout (in seconds).
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_ca_get">
<title>barbican ca get</title>
<screen><computeroutput>usage: barbican ca get [-h] [-f {json,shell,table,value,yaml}] [-c COLUMN]
[--max-width &lt;integer&gt;] [--noindent] [--prefix PREFIX]
URI</computeroutput></screen>
<para>
Retrieve a CA by providing its URI.
</para> <variablelist wordsize="10">
<title>Positional arguments</title>
<varlistentry>
<term><command>URI</command></term>
<listitem>
<para>
The URI reference for the CA.
</para>
</listitem>
</varlistentry>
</variablelist>
<variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_ca_list">
<title>barbican ca list</title>
<screen><computeroutput>usage: barbican ca list [-h] [-f {csv,json,table,value,yaml}] [-c COLUMN]
[--max-width &lt;integer&gt;] [--noindent]
[--quote {all,minimal,none,nonnumeric}]
[--limit LIMIT] [--offset OFFSET] [--name NAME]</computeroutput></screen>
<para>
List cas.
</para> <variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--limit LIMIT, -l LIMIT</command></term>
<listitem>
<para>
specify the limit to the number of items to list per
page (default: 10; maximum: 100)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--offset OFFSET, -o OFFSET</command></term>
<listitem>
<para>
specify the page offset (default: 0)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--name NAME, -n NAME</command></term>
<listitem>
<para>
specify the secret name (default: None)
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_container_create">
<title>barbican container create</title>
<screen><computeroutput>usage: barbican container create [-h] [-f {json,shell,table,value,yaml}]
[-c COLUMN] [--max-width &lt;integer&gt;]
[--noindent] [--prefix PREFIX] [--name NAME]
[--type TYPE] [--secret SECRET]</computeroutput></screen>
<para>
Store a container in Barbican.
</para> <variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--name NAME, -n NAME</command></term>
<listitem>
<para>
a human-friendly name.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--type TYPE</command></term>
<listitem>
<para>
type of container to create (default: generic).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--secret SECRET, -s SECRET</command></term>
<listitem>
<para>
one secret to store in a container (can be set
multiple times). Example: --secret
"private_key=https://url.test/v1/secrets/1-2-3-4"
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_container_delete">
<title>barbican container delete</title>
<screen><computeroutput>usage: barbican container delete [-h] URI</computeroutput></screen>
<para>
Delete a container by providing its href.
</para> <variablelist wordsize="10">
<title>Positional arguments</title>
<varlistentry>
<term><command>URI</command></term>
<listitem>
<para>
The URI reference for the container
</para>
</listitem>
</varlistentry>
</variablelist>
<variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_container_get">
<title>barbican container get</title>
<screen><computeroutput>usage: barbican container get [-h] [-f {json,shell,table,value,yaml}]
[-c COLUMN] [--max-width &lt;integer&gt;] [--noindent]
[--prefix PREFIX]
URI</computeroutput></screen>
<para>
Retrieve a container by providing its URI.
</para> <variablelist wordsize="10">
<title>Positional arguments</title>
<varlistentry>
<term><command>URI</command></term>
<listitem>
<para>
The URI reference for the container.
</para>
</listitem>
</varlistentry>
</variablelist>
<variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_container_list">
<title>barbican container list</title>
<screen><computeroutput>usage: barbican container list [-h] [-f {csv,json,table,value,yaml}]
[-c COLUMN] [--max-width &lt;integer&gt;]
[--noindent]
[--quote {all,minimal,none,nonnumeric}]
[--limit LIMIT] [--offset OFFSET] [--name NAME]
[--type TYPE]</computeroutput></screen>
<para>
List containers.
</para> <variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--limit LIMIT, -l LIMIT</command></term>
<listitem>
<para>
specify the limit to the number of items to list per
page (default: 10; maximum: 100)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--offset OFFSET, -o OFFSET</command></term>
<listitem>
<para>
specify the page offset (default: 0)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--name NAME, -n NAME</command></term>
<listitem>
<para>
specify the container name (default: None)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--type TYPE, -t TYPE</command></term>
<listitem>
<para>
specify the type filter for the list (default: None).
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_order_create">
<title>barbican order create</title>
<screen><computeroutput>usage: barbican order create [-h] [-f {json,shell,table,value,yaml}]
[-c COLUMN] [--max-width &lt;integer&gt;] [--noindent]
[--prefix PREFIX] [--name NAME] [--type TYPE]
[--algorithm ALGORITHM] [--bit-length BIT_LENGTH]
[--mode MODE]
[--payload-content-type PAYLOAD_CONTENT_TYPE]
[--expiration EXPIRATION]
[--request-type REQUEST_TYPE]
[--subject-dn SUBJECT_DN]
[--source-container-ref SOURCE_CONTAINER_REF]
[--ca-id CA_ID] [--profile PROFILE]
[--request-file REQUEST_FILE]</computeroutput></screen>
<para>
Create a new order.
</para> <variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--name NAME, -n NAME</command></term>
<listitem>
<para>
a human-friendly name.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--type TYPE, -p TYPE</command></term>
<listitem>
<para>
the type of the order to create.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--algorithm ALGORITHM, -a ALGORITHM</command></term>
<listitem>
<para>
the algorithm to be used with the requested key
(default: aes).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--bit-length BIT_LENGTH, -b BIT_LENGTH</command></term>
<listitem>
<para>
the bit length of the requested secret key (default:
256).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--mode MODE, -m MODE</command></term>
<listitem>
<para>
the algorithm mode to be used with the requested key
(default: cbc).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--payload-content-type PAYLOAD_CONTENT_TYPE, -t PAYLOAD_CONTENT_TYPE</command></term>
<listitem>
<para>
the type/format of the secret to be generated
(default: application/octet-stream).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--expiration EXPIRATION, -x EXPIRATION</command></term>
<listitem>
<para>
the expiration time for the secret in ISO 8601 format.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--request-type REQUEST_TYPE</command></term>
<listitem>
<para>
the type of the certificate request.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--subject-dn SUBJECT_DN</command></term>
<listitem>
<para>
the subject of the certificate.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--source-container-ref SOURCE_CONTAINER_REF</command></term>
<listitem>
<para>
the source of the certificate when using stored-key
requests.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--ca-id CA_ID</command></term>
<listitem>
<para>
the identifier of the CA to use for the certificate
request.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--profile PROFILE</command></term>
<listitem>
<para>
the profile of certificate to use.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--request-file REQUEST_FILE</command></term>
<listitem>
<para>
the file containing the CSR.
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_order_delete">
<title>barbican order delete</title>
<screen><computeroutput>usage: barbican order delete [-h] URI</computeroutput></screen>
<para>
Delete an order by providing its href.
</para> <variablelist wordsize="10">
<title>Positional arguments</title>
<varlistentry>
<term><command>URI</command></term>
<listitem>
<para>
The URI reference for the order
</para>
</listitem>
</varlistentry>
</variablelist>
<variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_order_get">
<title>barbican order get</title>
<screen><computeroutput>usage: barbican order get [-h] [-f {json,shell,table,value,yaml}] [-c COLUMN]
[--max-width &lt;integer&gt;] [--noindent]
[--prefix PREFIX]
URI</computeroutput></screen>
<para>
Retrieve an order by providing its URI.
</para> <variablelist wordsize="10">
<title>Positional arguments</title>
<varlistentry>
<term><command>URI</command></term>
<listitem>
<para>
The URI reference order.
</para>
</listitem>
</varlistentry>
</variablelist>
<variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_order_list">
<title>barbican order list</title>
<screen><computeroutput>usage: barbican order list [-h] [-f {csv,json,table,value,yaml}] [-c COLUMN]
[--max-width &lt;integer&gt;] [--noindent]
[--quote {all,minimal,none,nonnumeric}]
[--limit LIMIT] [--offset OFFSET]</computeroutput></screen>
<para>
List orders.
</para> <variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--limit LIMIT, -l LIMIT</command></term>
<listitem>
<para>
specify the limit to the number of items to list per
page (default: 10; maximum: 100)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--offset OFFSET, -o OFFSET</command></term>
<listitem>
<para>
specify the page offset (default: 0)
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_secret_delete">
<title>barbican secret delete</title>
<screen><computeroutput>usage: barbican secret delete [-h] URI</computeroutput></screen>
<para>
Delete a secret by providing its URI.
</para> <variablelist wordsize="10">
<title>Positional arguments</title>
<varlistentry>
<term><command>URI</command></term>
<listitem>
<para>
The URI reference for the secret
</para>
</listitem>
</varlistentry>
</variablelist>
<variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_secret_get">
<title>barbican secret get</title>
<screen><computeroutput>usage: barbican secret get [-h] [-f {json,shell,table,value,yaml}] [-c COLUMN]
[--max-width &lt;integer&gt;] [--noindent]
[--prefix PREFIX] [--decrypt] [--payload]
[--payload_content_type PAYLOAD_CONTENT_TYPE]
URI</computeroutput></screen>
<para>
Retrieve a secret by providing its URI.
</para> <variablelist wordsize="10">
<title>Positional arguments</title>
<varlistentry>
<term><command>URI</command></term>
<listitem>
<para>
The URI reference for the secret.
</para>
</listitem>
</varlistentry>
</variablelist>
<variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--decrypt, -d</command></term>
<listitem>
<para>
if specified, retrieve the unencrypted secret data;
the data type can be specified with --payload-content-
type.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--payload, -p</command></term>
<listitem>
<para>
if specified, retrieve the unencrypted secret data;
the data type can be specified with --payload-content-
type. If the user wishes to only retrieve the value of
the payload they must add "-f value" to format
returning only the value of the payload
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--payload_content_type PAYLOAD_CONTENT_TYPE, -t PAYLOAD_CONTENT_TYPE</command></term>
<listitem>
<para>
the content type of the decrypted secret (default:
text/plain.
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_secret_list">
<title>barbican secret list</title>
<screen><computeroutput>usage: barbican secret list [-h] [-f {csv,json,table,value,yaml}] [-c COLUMN]
[--max-width &lt;integer&gt;] [--noindent]
[--quote {all,minimal,none,nonnumeric}]
[--limit LIMIT] [--offset OFFSET] [--name NAME]
[--algorithm ALGORITHM] [--bit-length BIT_LENGTH]
[--mode MODE]</computeroutput></screen>
<para>
List secrets.
</para> <variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--limit LIMIT, -l LIMIT</command></term>
<listitem>
<para>
specify the limit to the number of items to list per
page (default: 10; maximum: 100)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--offset OFFSET, -o OFFSET</command></term>
<listitem>
<para>
specify the page offset (default: 0)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--name NAME, -n NAME</command></term>
<listitem>
<para>
specify the secret name (default: None)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--algorithm ALGORITHM, -a ALGORITHM</command></term>
<listitem>
<para>
the algorithm filter for the list(default: None).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--bit-length BIT_LENGTH, -b BIT_LENGTH</command></term>
<listitem>
<para>
the bit length filter for the list (default: 0).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--mode MODE, -m MODE</command></term>
<listitem>
<para>
the algorithm mode filter for the list (default:
None).
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
<section xml:id="barbicanclient_subcommand_secret_store">
<title>barbican secret store</title>
<screen><computeroutput>usage: barbican secret store [-h] [-f {json,shell,table,value,yaml}]
[-c COLUMN] [--max-width &lt;integer&gt;] [--noindent]
[--prefix PREFIX] [--name NAME]
[--payload PAYLOAD] [--secret-type SECRET_TYPE]
[--payload-content-type PAYLOAD_CONTENT_TYPE]
[--payload-content-encoding PAYLOAD_CONTENT_ENCODING]
[--algorithm ALGORITHM] [--bit-length BIT_LENGTH]
[--mode MODE] [--expiration EXPIRATION]</computeroutput></screen>
<para>
Store a secret in Barbican.
</para> <variablelist wordsize="10">
<title>Optional arguments</title>
<varlistentry>
<term><command>-h, --help</command></term>
<listitem>
<para>
show this help message and exit
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--name NAME, -n NAME</command></term>
<listitem>
<para>
a human-friendly name.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--payload PAYLOAD, -p PAYLOAD</command></term>
<listitem>
<para>
the unencrypted secret; if provided, you must also
provide a payload_content_type
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--secret-type SECRET_TYPE, -s SECRET_TYPE</command></term>
<listitem>
<para>
the secret type; must be one of symmetric, public,
private, certificate, passphrase, opaque (default)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--payload-content-type PAYLOAD_CONTENT_TYPE, -t PAYLOAD_CONTENT_TYPE</command></term>
<listitem>
<para>
the type/format of the provided secret data;
"text/plain" is assumed to be UTF-8; required when
--payload is supplied.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--payload-content-encoding PAYLOAD_CONTENT_ENCODING, -e PAYLOAD_CONTENT_ENCODING</command></term>
<listitem>
<para>
required if --payload-content-type is "application
/octet-stream".
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--algorithm ALGORITHM, -a ALGORITHM</command></term>
<listitem>
<para>
the algorithm (default: aes).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--bit-length BIT_LENGTH, -b BIT_LENGTH</command></term>
<listitem>
<para>
the bit length (default: 256).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--mode MODE, -m MODE</command></term>
<listitem>
<para>
the algorithm mode; used only for reference (default:
cbc)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><command>--expiration EXPIRATION, -x EXPIRATION</command></term>
<listitem>
<para>
the expiration time for the secret in ISO 8601 format.
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
</chapter>
View Git Blame Copy Permalink