Skip to main content
Command reference

security key-manager external barbican create-config

Suggest changes

Create a Barbican KMS configuration

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

This command creates a Barbican configuration which can be enabled on a Vserver.

Parameters

-vserver <Vserver Name> - Vserver

The name of the Vserver.

-config-name <text> - Configuration Name

Each configuration must have a configuration name which is unique within a Vserver.

-key-id {scheme://(hostname|IPv4 Address|'['IPv6 Address']')…​} - Barbican Key Id

The HTTPS URL of the Barbican secret.

-application-cred-id <text> - Keystone Application Credentials ID

The ID of the Keystone application credentials.

-keystone-url {scheme://(hostname|IPv4 Address|'['IPv6 Address']')…​} - Keystone Authorization URL

The HTTPS URL of the Keystone authorization service.

[-verify {true|false}] - Verify the Barbican Host

Use this parameter to verify the authenticity of the the Barbican Host. The verify value can be either true or false.

[-verify-host {true|false}] - Verify the Barbican Host's Hostname

Use this parameter to verify the hostname of the Barbican configuration. The verify-host value can be either true or false.

[-proxy-type {http|https}] - Proxy Type

Use this parameter to specify the proxy type. The proxy-type value must be HTTP or HTTPS.

[-proxy-host <text>] - Proxy Host

Use this parameter to specify the proxy host.

[-proxy-port <integer>] - Proxy Port

Use this parameter to specify the proxy port.

[-proxy-username <text>] - Proxy Username

Use this parameter to specify the proxy username.

[-proxy-password <text>] - Proxy Password

Use this parameter to specify the proxy password.

[-timeout <integer>] - Barbican Connection Timeout in Seconds

Use this parameter to specify the timeout, in seconds, for attempting to connect to the Barbican service.

Examples

The example below creates a configuration on a node with the following details: For Vserver vsTest, configuration name: config1, Key ID: https://sample.com:5000/v3, Keystone URL: https://sample.keystone.com:5000/v3, Application Credentials ID: app_cred_id.

cluster-1::> security key-manager external barbican create-config -vserver vsTest -config-name config1 -key-id https://sample.com:5000/v3 -keystone-url https://sample.keystone.com:5000/v3 -application-cred-id app_cred_id

Enter the Barbican Key Management Service application credential secret: