Blame - models/common/src/main/yang/ietf-snmp-vacm@2014-12-10.yang - onos

blob: c3e659ca86669a84aa184b9032f55d191bf3d31d [file] [log] [blame]

Gaurav Agrawal	28920d8	2017-10-06 17:39:42 +0530	[diff] [blame]	1	submodule ietf-snmp-vacm {
				2
				3	belongs-to ietf-snmp {
				4	prefix snmp;
				5	}
				6
				7	include ietf-snmp-common;
				8
				9	organization
				10	"IETF NETMOD (NETCONF Data Modeling Language) Working Group";
				11
				12	contact
				13	"WG Web: <http://tools.ietf.org/wg/netmod/>
				14	WG List: <mailto:netmod@ietf.org>
				15
				16	WG Chair: Thomas Nadeau
				17	<mailto:tnadeau@lucidvision.com>
				18
				19	WG Chair: Juergen Schoenwaelder
				20	<mailto:j.schoenwaelder@jacobs-university.de>
				21
				22	Editor: Martin Bjorklund
				23	<mailto:mbj@tail-f.com>
				24
				25	Editor: Juergen Schoenwaelder
				26	<mailto:j.schoenwaelder@jacobs-university.de>";
				27
				28	description
				29	"This submodule contains a collection of YANG definitions
				30	for configuring the View-based Access Control Model (VACM)
				31	of SNMP.
				32
				33	Copyright (c) 2014 IETF Trust and the persons identified as
				34	authors of the code. All rights reserved.
				35
				36	Redistribution and use in source and binary forms, with or
				37	without modification, is permitted pursuant to, and subject
				38	to the license terms contained in, the Simplified BSD License
				39	set forth in Section 4.c of the IETF Trust's Legal Provisions
				40	Relating to IETF Documents
				41	(http://trustee.ietf.org/license-info).
				42
				43	This version of this YANG module is part of RFC 7407; see
				44	the RFC itself for full legal notices.";
				45
				46	reference
				47	"RFC 3415: View-based Access Control Model (VACM) for the
				48	Simple Network Management Protocol (SNMP)";
				49
				50	revision 2014-12-10 {
				51	description
				52	"Initial revision.";
				53	reference
				54	"RFC 7407: A YANG Data Model for SNMP Configuration";
				55	}
				56
				57	typedef view-name {
				58	type snmp:identifier;
				59	description
				60	"The view-name type represents an SNMP VACM view name.";
				61	}
				62
				63	typedef group-name {
				64	type snmp:identifier;
				65	description
				66	"The group-name type represents an SNMP VACM group name.";
				67	}
				68
				69	augment /snmp:snmp {
				70
				71	container vacm {
				72	description
				73	"Configuration of the View-based Access Control Model.";
				74
				75	list group {
				76	key name;
				77	description
				78	"VACM groups.
				79
				80	This data model has a different structure than the MIB.
				81	Groups are explicitly defined in this list, and group
				82	members are defined in the 'member' list (mapped to
				83	vacmSecurityToGroupTable), and access for the group is
				84	defined in the 'access' list (mapped to
				85	vacmAccessTable).";
				86	reference
				87	"RFC 3415: View-based Access Control Model (VACM) for the
				88	Simple Network Management Protocol (SNMP).
				89	SNMP-VIEW-BASED-ACM-MIB.vacmSecurityToGroupTable
				90	SNMP-VIEW-BASED-ACM-MIB.vacmAccessTable";
				91
				92	leaf name {
				93	type group-name;
				94	description
				95	"The name of this VACM group.";
				96	reference
				97	"RFC 3415: View-based Access Control Model (VACM) for the
				98	Simple Network Management Protocol (SNMP).
				99	SNMP-VIEW-BASED-ACM-MIB.vacmGroupName";
				100	}
				101
				102	list member {
				103	key "security-name";
				104	description
				105	"A member of this VACM group.
				106
				107	A specific combination of security-name and
				108	security-model MUST NOT be present in more than
				109	one group.";
				110	reference
				111	"RFC 3415: View-based Access Control Model (VACM) for the
				112	Simple Network Management Protocol (SNMP).
				113	SNMP-VIEW-BASED-ACM-MIB.vacmSecurityToGroupTable";
				114
				115	leaf security-name {
				116	type snmp:security-name;
				117	description
				118	"The securityName of a group member.";
				119	reference
				120	"RFC 3415: View-based Access Control Model (VACM) for
				121	the Simple Network Management Protocol (SNMP).
				122	SNMP-VIEW-BASED-ACM-MIB.vacmSecurityName";
				123	}
				124
				125	leaf-list security-model {
				126	type snmp:security-model;
				127	min-elements 1;
				128	description
				129	"The security models under which this security-name
				130	is a member of this group.";
				131	reference
				132	"RFC 3415: View-based Access Control Model (VACM) for
				133	the Simple Network Management Protocol (SNMP).
				134	SNMP-VIEW-BASED-ACM-MIB.vacmSecurityModel";
				135	}
				136	}
				137
				138	list access {
				139	key "context security-model security-level";
				140	description
				141	"Definition of access right for groups.";
				142	reference
				143	"RFC 3415: View-based Access Control Model (VACM) for
				144	the Simple Network Management Protocol (SNMP).
				145	SNMP-VIEW-BASED-ACM-MIB.vacmAccessTable";
				146
				147	leaf context {
				148	type snmp:context-name;
				149	description
				150	"The context (prefix) under which the access rights
				151	apply.";
				152	reference
				153	"RFC 3415: View-based Access Control Model (VACM) for
				154	the Simple Network Management Protocol (SNMP).
				155	SNMP-VIEW-BASED-ACM-MIB.vacmAccessContextPrefix";
				156	}
				157
				158	leaf context-match {
				159	type enumeration {
				160	enum exact { value 1; }
				161	enum prefix { value 2; }
				162	}
				163	default exact;
				164	reference
				165	"RFC 3415: View-based Access Control Model (VACM) for
				166	the Simple Network Management Protocol (SNMP).
				167	SNMP-VIEW-BASED-ACM-MIB.vacmAccessContextMatch";
				168	}
				169
				170	leaf security-model {
				171	type snmp:security-model-or-any;
				172	description
				173	"The security model under which the access rights
				174	apply.";
				175	reference
				176	"RFC 3415: View-based Access Control Model (VACM) for
				177	the Simple Network Management Protocol (SNMP).
				178	SNMP-VIEW-BASED-ACM-MIB.vacmAccessSecurityModel";
				179	}
				180
				181	leaf security-level {
				182	type snmp:security-level;
				183	description
				184	"The minimum security level under which the access
				185	rights apply.";
				186	reference
				187	"RFC 3415: View-based Access Control Model (VACM) for
				188	the Simple Network Management Protocol (SNMP).
				189	SNMP-VIEW-BASED-ACM-MIB.vacmAccessSecurityLevel";
				190	}
				191
				192	leaf read-view {
				193	type view-name;
				194	description
				195	"The name of the MIB view of the SNMP context
				196	authorizing read access. If this leaf does not
				197	exist in a configuration, it maps to a zero-length
				198	vacmAccessReadViewName.
				199
				200	Implementations MAY restrict the values of this
				201	leaf to be one of the available values of
				202	/snmp/vacm/view/name in a valid configuration.";
				203	reference
				204	"RFC 3415: View-based Access Control Model (VACM) for
				205	the Simple Network Management Protocol (SNMP).
				206	SNMP-VIEW-BASED-ACM-MIB.vacmAccessReadViewName";
				207	}
				208
				209	leaf write-view {
				210	type view-name;
				211	description
				212	"The name of the MIB view of the SNMP context
				213	authorizing write access. If this leaf does not
				214	exist in a configuration, it maps to a zero-length
				215	vacmAccessWriteViewName.
				216
				217	Implementations MAY restrict the values of this
				218	leaf to be one of the available values of
				219	/snmp/vacm/view/name in a valid configuration.";
				220	reference
				221	"RFC 3415: View-based Access Control Model (VACM) for
				222	the Simple Network Management Protocol (SNMP).
				223	SNMP-VIEW-BASED-ACM-MIB.vacmAccessWriteViewName";
				224	}
				225
				226	leaf notify-view {
				227	type view-name;
				228	description
				229	"The name of the MIB view of the SNMP context
				230	authorizing notify access. If this leaf does not
				231	exist in a configuration, it maps to a zero-length
				232	vacmAccessNotifyViewName.
				233
				234	Implementations MAY restrict the values of this
				235	leaf to be one of the available values of
				236	/snmp/vacm/view/name in a valid configuration.";
				237	reference
				238	"RFC 3415: View-based Access Control Model (VACM) for
				239	the Simple Network Management Protocol (SNMP).
				240	SNMP-VIEW-BASED-ACM-MIB.vacmAccessNotifyViewName";
				241	}
				242	}
				243	}
				244
				245	list view {
				246	key name;
				247	description
				248	"Definition of MIB views.";
				249	reference
				250	"RFC 3415: View-based Access Control Model (VACM) for
				251	the Simple Network Management Protocol (SNMP).
				252	SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyTable";
				253
				254	leaf name {
				255	type view-name;
				256	description
				257	"The name of this VACM MIB view.";
				258
				259	reference
				260	"RFC 3415: View-based Access Control Model (VACM) for
				261	the Simple Network Management Protocol (SNMP).
				262	SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyName";
				263	}
				264
				265	leaf-list include {
				266	type snmp:wildcard-object-identifier;
				267	description
				268	"A family of subtrees included in this MIB view.";
				269	reference
				270	"RFC 3415: View-based Access Control Model (VACM) for
				271	the Simple Network Management Protocol (SNMP).
				272	SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilySubtree
				273	SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyMask
				274	SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyType";
				275	}
				276
				277	leaf-list exclude {
				278	type snmp:wildcard-object-identifier;
				279	description
				280	"A family of subtrees excluded from this MIB view.";
				281	reference
				282	"RFC 3415: View-based Access Control Model (VACM) for
				283	the Simple Network Management Protocol (SNMP).
				284	SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilySubtree
				285	SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyMask
				286	SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyType";
				287	}
				288	}
				289	}
				290	}
				291	}