Client Library for OpenStack Barbican Key Management API
Project description
# python-barbicanclient
This is a client for the [Barbican](https://github.com/stackforge/barbican)
Key Management API. There is a Python library for accessing the API
(`barbicanclient` module), and a command-line script (`keep`).
## barbicanclient - Python API
The full api is [documented in the wiki](https://github.com/cloudkeep/python-barbicanclient/wiki/Client-Usage).
### Quickstart
Store a secret in barbican using keystone for authentication:
```python
>>> from barbicanclient.common import auth
>>> from barbicanclient import client
# We'll use keystone for authentication
>>> keystone = auth.KeystoneAuthV2(auth_url='http://keystone-int.cloudkeep.io:5000/v2.0',
... username='USER', password='PASSWORD', tenant_name='TENANT')
>>> barbican = client.Client(auth_plugin=keystone)
# Let's store some sensitive data, Barbican encrypts it and stores it securely in the cloud
>>> secret_uri = barbican.secrets.store(name='Self destruction sequence',
... payload='the magic words are squeamish ossifrage',
... payload_content_type='text/plain')
# Let's look at some properties of a barbican Secret
>>> secret = barbican.secrets.get(secret_uri)
>>> print(secret.secret_ref)
u'http://api-01-int.cloudkeep.io:9311/v1/test_tenant/secrets/49496a6d-c674-4384-b208-7cf4988f84ee'
>>> print(secret.name)
Self destruction sequence
# Now let's retrieve the secret payload. Barbican decrypts it and sends it back.
>>> print(barbican.secrets.decrypt(secret.secret_ref))
the magic words are squeamish ossifrage
```
## keep - Command Line Client
Command line client configuration and usage is [documented in the wiki](https://github.com/cloudkeep/python-barbicanclient/wiki/Command-Line-Client).
```
usage: keep [-h] [--no-auth | --os-auth-url <auth-url>]
[--os-username <auth-user-name>] [--os-password <auth-password>]
[--os-tenant-name <auth-tenant-name>] [--os-tenant-id <tenant-id>]
[--endpoint <barbican-url>]
<entity> <action> ...
Command-line interface to the Barbican API.
positional arguments:
<entity> Entity used for command, e.g., order, secret.
optional arguments:
-h, --help show this help message and exit
--no-auth, -N Do not use authentication.
--os-auth-url <auth-url>, -A <auth-url>
Defaults to env[OS_AUTH_URL].
--os-username <auth-user-name>, -U <auth-user-name>
Defaults to env[OS_USERNAME].
--os-password <auth-password>, -P <auth-password>
Defaults to env[OS_PASSWORD].
--os-tenant-name <auth-tenant-name>, -T <auth-tenant-name>
Defaults to env[OS_TENANT_NAME].
--os-tenant-id <tenant-id>, -I <tenant-id>
Defaults to env[OS_TENANT_ID].
--endpoint <barbican-url>, -E <barbican-url>
Defaults to env[BARBICAN_ENDPOINT].
subcommands:
Action to perform
<action>
create Create a new order.
store Store a secret in barbican.
get Retrieve a secret or an order by providing its URI.
list List secrets or orders
delete Delete a secret or an order by providing its href.
```
This is a client for the [Barbican](https://github.com/stackforge/barbican)
Key Management API. There is a Python library for accessing the API
(`barbicanclient` module), and a command-line script (`keep`).
## barbicanclient - Python API
The full api is [documented in the wiki](https://github.com/cloudkeep/python-barbicanclient/wiki/Client-Usage).
### Quickstart
Store a secret in barbican using keystone for authentication:
```python
>>> from barbicanclient.common import auth
>>> from barbicanclient import client
# We'll use keystone for authentication
>>> keystone = auth.KeystoneAuthV2(auth_url='http://keystone-int.cloudkeep.io:5000/v2.0',
... username='USER', password='PASSWORD', tenant_name='TENANT')
>>> barbican = client.Client(auth_plugin=keystone)
# Let's store some sensitive data, Barbican encrypts it and stores it securely in the cloud
>>> secret_uri = barbican.secrets.store(name='Self destruction sequence',
... payload='the magic words are squeamish ossifrage',
... payload_content_type='text/plain')
# Let's look at some properties of a barbican Secret
>>> secret = barbican.secrets.get(secret_uri)
>>> print(secret.secret_ref)
u'http://api-01-int.cloudkeep.io:9311/v1/test_tenant/secrets/49496a6d-c674-4384-b208-7cf4988f84ee'
>>> print(secret.name)
Self destruction sequence
# Now let's retrieve the secret payload. Barbican decrypts it and sends it back.
>>> print(barbican.secrets.decrypt(secret.secret_ref))
the magic words are squeamish ossifrage
```
## keep - Command Line Client
Command line client configuration and usage is [documented in the wiki](https://github.com/cloudkeep/python-barbicanclient/wiki/Command-Line-Client).
```
usage: keep [-h] [--no-auth | --os-auth-url <auth-url>]
[--os-username <auth-user-name>] [--os-password <auth-password>]
[--os-tenant-name <auth-tenant-name>] [--os-tenant-id <tenant-id>]
[--endpoint <barbican-url>]
<entity> <action> ...
Command-line interface to the Barbican API.
positional arguments:
<entity> Entity used for command, e.g., order, secret.
optional arguments:
-h, --help show this help message and exit
--no-auth, -N Do not use authentication.
--os-auth-url <auth-url>, -A <auth-url>
Defaults to env[OS_AUTH_URL].
--os-username <auth-user-name>, -U <auth-user-name>
Defaults to env[OS_USERNAME].
--os-password <auth-password>, -P <auth-password>
Defaults to env[OS_PASSWORD].
--os-tenant-name <auth-tenant-name>, -T <auth-tenant-name>
Defaults to env[OS_TENANT_NAME].
--os-tenant-id <tenant-id>, -I <tenant-id>
Defaults to env[OS_TENANT_ID].
--endpoint <barbican-url>, -E <barbican-url>
Defaults to env[BARBICAN_ENDPOINT].
subcommands:
Action to perform
<action>
create Create a new order.
store Store a secret in barbican.
get Retrieve a secret or an order by providing its URI.
list List secrets or orders
delete Delete a secret or an order by providing its href.
```
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Close
Hashes for python-barbicanclient-0.4.1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 5282be681ec8a804fc507c9a3de5603bbfe439e821a44ff613bbeba0f1cf25a7 |
|
MD5 | 009e6b7d15dccc508fd2faa326f3eaf6 |
|
BLAKE2b-256 | 674153aae52d25eafce382cdd0a440676638d078c4dd59fd00577cb37985f7e4 |