diff options
Diffstat (limited to 'docs')
-rw-r--r-- | docs/api.rst | 8 | ||||
-rw-r--r-- | docs/api_swagger.json | 317 | ||||
-rw-r--r-- | docs/apiswagger.rst | 745 | ||||
-rw-r--r-- | docs/architecture.rst | 27 | ||||
-rw-r--r-- | docs/index.rst | 38 | ||||
-rw-r--r-- | docs/installation.rst | 32 | ||||
-rw-r--r-- | docs/release_notes.rst | 27 | ||||
-rw-r--r-- | docs/usage.rst | 75 |
8 files changed, 457 insertions, 812 deletions
diff --git a/docs/api.rst b/docs/api.rst new file mode 100644 index 0000000..f2afed7 --- /dev/null +++ b/docs/api.rst @@ -0,0 +1,8 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright 2018 Intel Corporation, Inc + +Secret Management Service API +============================= + +.. swaggerv2doc:: api_swagger.json diff --git a/docs/api_swagger.json b/docs/api_swagger.json new file mode 100644 index 0000000..6d06878 --- /dev/null +++ b/docs/api_swagger.json @@ -0,0 +1,317 @@ +{ + "swagger": "2.0", + "info": { + "description": "This is a service that provides secret management facilities", + "version": "1.0.0", + "title": "Secret Management Service", + "contact": { + "email": "kiran.k.kamineni@intel.com" + }, + "license": { + "name": "Apache 2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0.html" + } + }, + "host": "aaf.onap.org:10443", + "basePath": "/v1/sms/", + "tags": [ + { + "name": "domain", + "description": "Operations related to Secret Domains" + }, + { + "name": "secret", + "description": "Operations related to Secrets" + } + ], + "schemes": [ + "https" + ], + "paths": { + "/domain": { + "post": { + "tags": [ + "domain" + ], + "summary": "Add a new domain", + "description": "", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/Domain" + } + } + ], + "responses": { + "201": { + "description": "Successful Creation", + "schema": { + "$ref": "#/definitions/Domain" + } + }, + "400": { + "description": "Invalid input" + }, + "500": { + "description": "Internal Server Error" + } + } + } + }, + "/domain/{domainName}": { + "delete": { + "tags": [ + "domain" + ], + "description": "Deletes a domain with provided name", + "summary": "Deletes a domain by name", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "domainName", + "in": "path", + "description": "Name of the domain", + "required": true, + "type": "string" + } + ], + "responses": { + "204": { + "description": "Successful Deletion" + }, + "404": { + "description": "Invalid Path or Path not found" + } + } + } + }, + "/domain/{domainName}/secret": { + "post": { + "tags": [ + "secret" + ], + "summary": "Add a new secret", + "description": "", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "domainName", + "in": "path", + "description": "Name of the domain", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/Secret" + } + } + ], + "responses": { + "201": { + "description": "Successful Creation" + }, + "404": { + "description": "Invalid Path or Path not found" + } + } + }, + "get": { + "tags": [ + "secret" + ], + "description": "Gets all secret names in this domain", + "summary": "List secret Names in this domain", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "domainName", + "in": "path", + "description": "Name of the domain in which to look at", + "required": true, + "type": "string" + } + ], + "responses": { + "200": { + "description": "Successful operation", + "schema": { + "type": "object", + "properties": { + "secretnames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of strings referencing the secret names" + } + }, + "example": { + "secretnames": [ + "secretname1", + "secretname2", + "secretname3" + ] + } + } + }, + "404": { + "description": "Invalid Path or Path not found" + } + } + } + }, + "/domain/{domainName}/secret/{secretName}": { + "get": { + "tags": [ + "secret" + ], + "summary": "Find Secret by Name", + "description": "Returns a single secret", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "domainName", + "in": "path", + "description": "Name of the domain in which to look at", + "required": true, + "type": "string" + }, + { + "name": "secretName", + "in": "path", + "description": "Name of the secret which is needed", + "required": true, + "type": "string" + } + ], + "responses": { + "200": { + "description": "successful operation", + "schema": { + "$ref": "#/definitions/Secret" + } + }, + "404": { + "description": "Invalid Path or Path not found" + } + } + }, + "delete": { + "tags": [ + "secret" + ], + "summary": "Deletes a Secret", + "description": "", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "secretName", + "in": "path", + "description": "Name of Secret to Delete", + "required": true, + "type": "string" + }, + { + "name": "domainName", + "in": "path", + "required": true, + "description": "Path to the SecretDomain which contains the Secret", + "type": "string" + } + ], + "responses": { + "204": { + "description": "Successful Deletion" + }, + "404": { + "description": "Invalid Path or Path not found" + } + } + } + } + }, + "securityDefinitions": { + "token": { + "type": "apiKey", + "name": "token", + "in": "header" + } + }, + "definitions": { + "Credential": { + "type": "object", + "properties": { + "username": { + "type": "string" + }, + "password": { + "type": "string" + } + } + }, + "Domain": { + "type": "object", + "properties": { + "uuid": { + "type": "string", + "description": "Optional value provided by user. If user does not provide, server will auto generate" + }, + "name": { + "type": "string", + "description": "Name of the secret domain under which all secrets will be stored" + } + } + }, + "Secret": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the secret" + }, + "values": { + "description": "Map of key value pairs that constitute the secret", + "type": "object", + "additionalProperties": { + "type": "object" + }, + "example": { + "name": "john", + "Age": 40, + "admin": true + } + } + } + } + }, + "externalDocs": { + "description": "Find out more about Swagger", + "url": "http://swagger.io" + } +}
\ No newline at end of file diff --git a/docs/apiswagger.rst b/docs/apiswagger.rst deleted file mode 100644 index e35c6e8..0000000 --- a/docs/apiswagger.rst +++ /dev/null @@ -1,745 +0,0 @@ -SMS 1.0.0 API -=============================== - -.. toctree:: - :maxdepth: 3 - - -Description -~~~~~~~~~~~ - -This is a service that provides secret management facilities - - - -Contact Information -~~~~~~~~~~~~~~~~~~~ - - - -kiran.k.kamineni@intel.com - - - - - -License -~~~~~~~ - - -`Apache 2.0 <http://www.apache.org/licenses/LICENSE-2.0.html>`_ - - - - -Base URL -~~~~~~~~ - -https://aaf.onap.org:10443/v1/sms/ - -Security -~~~~~~~~ - - -.. _securities_token: - -token (API Key) ---------------- - - - -**Name:** token - -**Located in:** header - - - - -DOMAIN -~~~~~~ - - -Operations related to Secret Domains - - - - - -DELETE ``/domain/{domainName}`` -------------------------------- - - -Summary -+++++++ - -Deletes a domain by name - -Description -+++++++++++ - -.. raw:: html - - Deletes a domain with provided name - -Parameters -++++++++++ - -.. csv-table:: - :delim: | - :header: "Name", "Located in", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 15, 10, 10, 10, 20, 30 - - domainName | path | Yes | string | | | Name of the domain - - -Request -+++++++ - - -Responses -+++++++++ - -**204** -^^^^^^^ - -Successful Deletion - - -**404** -^^^^^^^ - -Invalid Path or Path not found - - - - - - -POST ``/domain`` ----------------- - - -Summary -+++++++ - -Add a new domain - - - -Request -+++++++ - - - -.. _d_c7bdcff9aff0692da98e588abdbc895b: - -Body -^^^^ - -.. csv-table:: - :delim: | - :header: "Name", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 10, 15, 15, 30, 25 - - name | No | string | | | Name of the secret domain under which all secrets will be stored - uuid | No | string | | | Optional value provided by user. If user does not provide, server will auto generate - -.. code-block:: javascript - - { - "name": "somestring", - "uuid": "somestring" - } - -Responses -+++++++++ - -**201** -^^^^^^^ - -Successful Creation - - -Type: :ref:`Domain <d_c7bdcff9aff0692da98e588abdbc895b>` - -**Example:** - -.. code-block:: javascript - - { - "name": "somestring", - "uuid": "somestring" - } - -**400** -^^^^^^^ - -Invalid input - - -**500** -^^^^^^^ - -Internal Server Error - - - - - -LOGIN -~~~~~ - - -Operations related to username password based authentication - - - - - -POST ``/login`` ---------------- - - -Summary -+++++++ - -Login with username and password - -Description -+++++++++++ - -.. raw:: html - - Operations related to logging in via username and Password - - -Request -+++++++ - - - -.. _d_8e36d758bad367e4538a291a5dd5355f: - -Body -^^^^ - -.. csv-table:: - :delim: | - :header: "Name", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 10, 15, 15, 30, 25 - - password | No | string | | | - username | No | string | | | - -.. code-block:: javascript - - { - "password": "somestring", - "username": "somestring" - } - -Responses -+++++++++ - -**200** -^^^^^^^ - -Successful Login returns a token - - -.. _i_bbceffdf8441c1c476ca77c42ad12f85: - -**Response Schema:** - -.. csv-table:: - :delim: | - :header: "Name", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 10, 15, 15, 30, 25 - - token | No | string | | | - ttl | No | integer | | | ttl of returned token in seconds - - -**Example:** - -.. code-block:: javascript - - { - "token": "somestring", - "ttl": 1 - } - -**404** -^^^^^^^ - -Invalid Username or Password - - - - - -SECRET -~~~~~~ - - -Operations related to Secrets - - - - - -DELETE ``/domain/{domainName}/secret/{secretName}`` ---------------------------------------------------- - - -Summary -+++++++ - -Deletes a Secret - - -Parameters -++++++++++ - -.. csv-table:: - :delim: | - :header: "Name", "Located in", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 15, 10, 10, 10, 20, 30 - - secretName | path | Yes | string | | | Name of Secret to Delete - domainName | path | Yes | string | | | Path to the SecretDomain which contains the Secret - - -Request -+++++++ - - -Responses -+++++++++ - -**204** -^^^^^^^ - -Successful Deletion - - -**404** -^^^^^^^ - -Invalid Path or Path not found - - - - - - -GET ``/domain/{domainName}/secret`` ------------------------------------ - - -Summary -+++++++ - -List secret Names in this domain - -Description -+++++++++++ - -.. raw:: html - - Gets all secret names in this domain - -Parameters -++++++++++ - -.. csv-table:: - :delim: | - :header: "Name", "Located in", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 15, 10, 10, 10, 20, 30 - - domainName | path | Yes | string | | | Name of the domain in which to look at - - -Request -+++++++ - - -Responses -+++++++++ - -**200** -^^^^^^^ - -Successful operation - - -.. _i_1dcddfd6f11cba3fb2516d3a61cd1b77: - -**Response Schema:** - -.. csv-table:: - :delim: | - :header: "Name", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 10, 15, 15, 30, 25 - - secretnames | No | array of string | | | Array of strings referencing the secret names - - -**Example:** - -.. code-block:: javascript - - { - "secretnames": [ - "secretname1", - "secretname2", - "secretname3" - ] - } - -**404** -^^^^^^^ - -Invalid Path or Path not found - - - - - - -GET ``/domain/{domainName}/secret/{secretName}`` ------------------------------------------------- - - -Summary -+++++++ - -Find Secret by Name - -Description -+++++++++++ - -.. raw:: html - - Returns a single secret - -Parameters -++++++++++ - -.. csv-table:: - :delim: | - :header: "Name", "Located in", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 15, 10, 10, 10, 20, 30 - - domainName | path | Yes | string | | | Name of the domain in which to look at - secretName | path | Yes | string | | | Name of the secret which is needed - - -Request -+++++++ - - -Responses -+++++++++ - -**200** -^^^^^^^ - -successful operation - - -Type: :ref:`Secret <d_5e5fddd9ede6eb091e8496a9c55b84c3>` - -**Example:** - -.. code-block:: javascript - - { - "name": "somestring", - "values": { - "Age": 40, - "admin": true, - "name": "john" - } - } - -**404** -^^^^^^^ - -Invalid Path or Path not found - - - - - - -POST ``/domain/{domainName}/secret`` ------------------------------------- - - -Summary -+++++++ - -Add a new secret - - -Parameters -++++++++++ - -.. csv-table:: - :delim: | - :header: "Name", "Located in", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 15, 10, 10, 10, 20, 30 - - domainName | path | Yes | string | | | Name of the domain - - -Request -+++++++ - - - -.. _d_5e5fddd9ede6eb091e8496a9c55b84c3: - -Body -^^^^ - -.. csv-table:: - :delim: | - :header: "Name", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 10, 15, 15, 30, 25 - - name | No | string | | | Name of the secret - values | No | :ref:`values <i_a9213c9639162b77082e257e19cca0d0>` | | | Map of key value pairs that constitute the secret - -.. _i_a9213c9639162b77082e257e19cca0d0: - -**Values schema:** - - -Map of key value pairs that constitute the secret - -Map of {"key":":ref:`values-mapped <m_4d863967ef9a9d9efdadd1b250c76bd6>`"} - -.. csv-table:: - :delim: | - :header: "Name", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 10, 15, 15, 30, 25 - - - -.. code-block:: javascript - - { - "name": "somestring", - "values": { - "Age": 40, - "admin": true, - "name": "john" - } - } - -Responses -+++++++++ - -**201** -^^^^^^^ - -Successful Creation - - -**404** -^^^^^^^ - -Invalid Path or Path not found - - - - - -SYSTEM -~~~~~~ - - -Operations related to quorum client which are not useful to clients - - - - - -GET ``/status`` ---------------- - - -Summary -+++++++ - -Get backend status - -Description -+++++++++++ - -.. raw:: html - - Gets current backend status. This API is used only by quorum clients - - -Request -+++++++ - - -Responses -+++++++++ - -**200** -^^^^^^^ - -Successful operation - - -.. _i_ac1bc8e82eadbd8c03f852e15be4d03b: - -**Response Schema:** - -.. csv-table:: - :delim: | - :header: "Name", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 10, 15, 15, 30, 25 - - sealstatus | No | string | | | seal status of backend - - -**Example:** - -.. code-block:: javascript - - { - "sealstatus": "somestring" - } - -**404** -^^^^^^^ - -Invalid Path or Path not found - - - - - - -POST ``/unseal`` ----------------- - - -Summary -+++++++ - -Unseal backend - -Description -+++++++++++ - -.. raw:: html - - Sends unseal shard to unseal if backend is sealed - - -Request -+++++++ - - - -.. _i_9d32e021ba68855cbb6e633520b7cd2d: - -Body -^^^^ - -.. csv-table:: - :delim: | - :header: "Name", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 10, 15, 15, 30, 25 - - unsealshard | No | string | | | Unseal shard that will be used along with other shards to unseal backend - -.. code-block:: javascript - - { - "unsealshard": "somestring" - } - -Responses -+++++++++ - -**201** -^^^^^^^ - -Submitted unseal key - - -**404** -^^^^^^^ - -Invalid Path or Path not found - - - - - -Data Structures -~~~~~~~~~~~~~~~ - -.. _d_8e36d758bad367e4538a291a5dd5355f: - -Credential Model Structure --------------------------- - -.. csv-table:: - :delim: | - :header: "Name", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 10, 15, 15, 30, 25 - - password | No | string | | | - username | No | string | | | - -.. _d_c7bdcff9aff0692da98e588abdbc895b: - -Domain Model Structure ----------------------- - -.. csv-table:: - :delim: | - :header: "Name", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 10, 15, 15, 30, 25 - - name | No | string | | | Name of the secret domain under which all secrets will be stored - uuid | No | string | | | Optional value provided by user. If user does not provide, server will auto generate - -.. _d_5e5fddd9ede6eb091e8496a9c55b84c3: - -Secret Model Structure ----------------------- - -.. csv-table:: - :delim: | - :header: "Name", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 10, 15, 15, 30, 25 - - name | No | string | | | Name of the secret - values | No | :ref:`values <i_a9213c9639162b77082e257e19cca0d0>` | | | Map of key value pairs that constitute the secret - -.. _i_a9213c9639162b77082e257e19cca0d0: - -**Values schema:** - - -Map of key value pairs that constitute the secret - -Map of {"key":":ref:`values-mapped <m_4d863967ef9a9d9efdadd1b250c76bd6>`"} - -.. csv-table:: - :delim: | - :header: "Name", "Required", "Type", "Format", "Properties", "Description" - :widths: 20, 10, 15, 15, 30, 25 - - - diff --git a/docs/architecture.rst b/docs/architecture.rst new file mode 100644 index 0000000..3055ae3 --- /dev/null +++ b/docs/architecture.rst @@ -0,0 +1,27 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright 2018 Intel Corporation, Inc + +Architecture +============ + +This project aims at the Storage of sensitive information such as passwords, username, and tokens. + +**Current state and gaps** + +Many services in ONAP use password based authentication. Eg: Database servers, publish/subscribe brokers etc. +Passwords are stored in plain text files in many services. +With multiple instances of these services, the attack surface area becomes very big. +Hence there is a need to ensure that attack surface related to password exposure is reduced. + +**Requirement:** + +Need for Secure Secret Management. +Services are expected to get the secret only on needed basis using secret reference and remove the secrets once they are used up. + +**Secret Service High Level Flow Diagram** + +.. image:: sms_high_level.png + :width: 900px + :height: 400px + :alt: SMS Flow Diagram diff --git a/docs/index.rst b/docs/index.rst index 5f17a04..b971e9c 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -2,36 +2,20 @@ .. http://creativecommons.org/licenses/by/4.0 .. Copyright 2018 Intel Corporation, Inc -SMS-Secret Management Service -================================== +Secret Management Service (SMS) +=============================== -.. toctree:: - :maxdepth: 1 - - installation - usage - apiswagger +.. include:: architecture.rst +.. include:: installation.rst +.. include:: usage.rst - -Introduction +Offered APIs ------------ +The full API documentation is here: -This project aims at the Storage of sensitive information such as passwords. - -**Current state and gaps** - -Many services in ONAP use password based authentication. Eg: Database servers, publish/subscribe brokers etc. -Passwords are stored in plain text files in many services. -With multiple instances of these services, the attach surface area becomes very big. -Hence there is a need to ensure that attack surface related to password exposure is reduced. - -**Requirement:** - -Need for secure secret management. Services are expected to get the secret only on needed basis using secret reference and remove the secrets once they are used up. +.. toctree:: + :maxdepth: 1 -**Secret Service High Level Flow Diagram** + api -.. image:: sms_high_level.png - :width: 4555550px - :height: 300px - :alt: SMS Flow Diagram +.. include:: release_notes.rst
\ No newline at end of file diff --git a/docs/installation.rst b/docs/installation.rst index b22d133..87507c0 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -5,29 +5,19 @@ Installation ============ -The Secret Managment Project is a subproject of AAF and will deployed via Helm on Kubernetes -under the OOM Project +**Kubernetes** + +The Secret Managment Service project is a sub-project of AAF and will be deployed via Helm on Kubernetes +under the OOM Project umbrella. It will be automatically installed when the AAF chart is installed. + +**Standalone Install on Bare-Metal or VM** + +A script for doing a standalone install is provided in the repository +Run it as below: .. code-block:: console - # Set Datastore as Consul - DATASTORE="consul" - # Set IP address of where Consul is running - DATASTORE_IP="localhost" - # Set mountpath inside the container where persistent data is stored. - MOUNTPATH="/dkv_mount_path/configs/" - # Place all Config data which needs to be loaded in default directory. - DEFAULT_CONFIGS=$(pwd)/mountpath/default - # Create the directories. - mkdir -p mountpath/default - # Login to Nexus. - docker login -u docker -p docker nexus3.onap.org:10001 - # Pull distributed-kv-store image. - docker pull nexus3.onap.org:10001/onap/music/distributed-kv-store - # Run the distributed-kv-store image. - docker run -e DATASTORE=$DATASTORE -e DATASTORE_IP=$DATASTORE_IP -e MOUNTPATH=$MOUNTPATH -d \ - --name dkv \ - -v $DEFAULT_CONFIGS:/dkv_mount_path/configs/default \ - -p 8200:8200 -p 8080:8080 nexus3.onap.org:10001/onap/music/distributed-kv-store + cd sms-service/bin/deploy + sms.sh start .. end diff --git a/docs/release_notes.rst b/docs/release_notes.rst new file mode 100644 index 0000000..9da9d93 --- /dev/null +++ b/docs/release_notes.rst @@ -0,0 +1,27 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (c) 2018 Intel Corp, Inc. + +Release Notes +============= + +Version: 2.0.0 +-------------- + +:Release Date: 2018-06-25 + +**New Features** + +The Beijing Release is the first release of the Secret Management Service + +**Bug Fixes** + + - The full list of implemented user stories, epics and bugs is available on `Beijing Release <https://jira.onap.org/projects/AAF/versions/10370>` + +**Upgrade Notes** + + Not applicable as this is a first release + +=========== + +End of Release Notes diff --git a/docs/usage.rst b/docs/usage.rst index b35e9b5..ee46458 100644 --- a/docs/usage.rst +++ b/docs/usage.rst @@ -2,22 +2,34 @@ .. http://creativecommons.org/licenses/by/4.0 .. Copyright 2018 Intel Corporation, Inc -Typical Usage Scenario -====================== +Usage Scenario +============== + +**Create a Domain** + +This is the root where you will store your secrets. .. code-block:: guess - ## Create a Domain - ## This is where all your secrets will be stored - curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key + curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key -X POST \ -d '{ "name": "mysecretdomain" }' - https://sms:10443/v1/sms/domain + https://aaf-sms.onap:10443/v1/sms/domain - ## Add a new Secret - curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key +.. end + +--------------- + +**Add a new Secret** + +Store a new secret in your created Domain. +Secrets have a name and a map containing key value pairs. + +.. code-block:: guess + + curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key -X POST \ -d '{ "name": "mysecret", @@ -27,28 +39,53 @@ Typical Usage Scenario "password": "mypassword" } }' - https://sms:10443/v1/sms/domain/<domaincurltestdomain/secret + https://aaf-sms.onap:10443/v1/sms/domain/<PREVIOUSLY CREATED DOMAIN NAME>/secret + +.. end + +--------------- +**List all Secret Names in a Domain** + +.. code-block:: guess - ## List all Secrets under a Domain curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key -X GET \ - https://sms:10443/v1/sms/domain/curltestdomain/secret + https://aaf-sms.onap:10443/v1/sms/domain/<PREVIOUSLY CREATED DOMAIN NAME>/secret + +.. end + +--------------- + +**Get a previously stored Secret from Domain** + +.. code-block:: guess - ## Get a Secret in a Domain curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key -X GET \ - https://sms:10443/v1/sms/domain/curltestdomain/secret/curltestsecret1 + https://aaf-sms.onap:10443/v1/sms/domain/<PREVIOUSLY CREATED DOMAIN NAME>/secret/<PREVIOUSLY CREATED SECRET NAME> + +.. end + +--------------- + +**Delete a Secret in specified Domain** + +.. code-block:: guess - ## Delete a Secret in specified Domain curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key -X DELETE \ - https://sms:10443/v1/sms/domain/curltestdomain/secret/curltestsecret1 + https://aaf-sms.onap:10443/v1/sms/domain/<PREVIOUSLY CREATED DOMAIN NAME>/secret/<PREVIOUSLY CREATED SECRET NAME> + +.. end + +--------------- + +**Delete a Domain** + +.. code-block:: guess - ## Delete a Domain - ## This will delete all the secrets in that Domain curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key -X DELETE \ - https://sms:10443/v1/sms/domain/curltestdomain - + https://aaf-sms.onap:10443/v1/sms/domain/<PREVIOUSLY CREATED DOMAIN NAME> .. end |