Amster

HsmSecretStore

Realm Operations

Resource path:

/realm-config/secrets/stores/HsmSecretStore

Resource version: 2.0

create

Usage

am> create HsmSecretStore --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "providerGuiceKey" : {
      "title" : "Provider Guice Key Name",
      "description" : "The name of a Guice key that can be used to obtain an initialised provider from which the HSM keystore can be obtained.",
      "propertyOrder" : 200,
      "required" : false,
      "type" : "string",
      "exampleValue" : ""
    },
    "storePassword" : {
      "title" : "HSM PIN/password secret label",
      "description" : "The secret label using which the HSM's PIN/password can be obtained. This secret label will be resolved using one of the other secret stores configured.<br> It must not start or end with the <code>.</code> character. <br>The <code>.</code> character must not be followed by another <code>.</code> character.<br>Must contain <code>a-z</code>, <code>A-Z</code>, <code>0-9</code> and <code>.</code> characters only.",
      "propertyOrder" : 300,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "leaseExpiryDuration" : {
      "title" : "Key lease expiry",
      "description" : "The amount of minutes a key can be cached from the keystore before it needs to be reloaded.",
      "propertyOrder" : 400,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "file" : {
      "title" : "Configuration File",
      "description" : "The file containing initialisation configuration for the HSM.",
      "propertyOrder" : 100,
      "required" : false,
      "type" : "string",
      "exampleValue" : ""
    }
  }
}

delete

Usage

am> delete HsmSecretStore --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

getAllTypes

Obtain the collection of all secondary configuration types related to the resource.

Usage

am> action HsmSecretStore --realm Realm --actionName getAllTypes

getCreatableTypes

Obtain the collection of secondary configuration types that have yet to be added to the resource.

Usage

am> action HsmSecretStore --realm Realm --actionName getCreatableTypes

nextdescendents

Obtain the collection of secondary configuration instances that have been added to the resource.

Usage

am> action HsmSecretStore --realm Realm --actionName nextdescendents

query

Get the full list of instances of this collection. This query only supports _queryFilter=true filter.

Usage

am> query HsmSecretStore --realm Realm --filter filter

Parameters

--filter

A CREST formatted query filter, where "true" will query all.

read

Usage

am> read HsmSecretStore --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

update

Usage

am> update HsmSecretStore --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "providerGuiceKey" : {
      "title" : "Provider Guice Key Name",
      "description" : "The name of a Guice key that can be used to obtain an initialised provider from which the HSM keystore can be obtained.",
      "propertyOrder" : 200,
      "required" : false,
      "type" : "string",
      "exampleValue" : ""
    },
    "storePassword" : {
      "title" : "HSM PIN/password secret label",
      "description" : "The secret label using which the HSM's PIN/password can be obtained. This secret label will be resolved using one of the other secret stores configured.<br> It must not start or end with the <code>.</code> character. <br>The <code>.</code> character must not be followed by another <code>.</code> character.<br>Must contain <code>a-z</code>, <code>A-Z</code>, <code>0-9</code> and <code>.</code> characters only.",
      "propertyOrder" : 300,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "leaseExpiryDuration" : {
      "title" : "Key lease expiry",
      "description" : "The amount of minutes a key can be cached from the keystore before it needs to be reloaded.",
      "propertyOrder" : 400,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    },
    "file" : {
      "title" : "Configuration File",
      "description" : "The file containing initialisation configuration for the HSM.",
      "propertyOrder" : 100,
      "required" : false,
      "type" : "string",
      "exampleValue" : ""
    }
  }
}

Global Operations

Resource path:

/global-config/secrets/stores/HsmSecretStore

Resource version: 1.0

create

Usage

am> create HsmSecretStore --global --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "file" : {
      "title" : "Configuration File",
      "description" : "The file containing initialisation configuration for the HSM.",
      "propertyOrder" : 100,
      "required" : false,
      "type" : "string",
      "exampleValue" : ""
    },
    "providerGuiceKey" : {
      "title" : "Provider Guice Key Name",
      "description" : "The name of a Guice key that can be used to obtain an initialised provider from which the HSM keystore can be obtained.",
      "propertyOrder" : 200,
      "required" : false,
      "type" : "string",
      "exampleValue" : ""
    },
    "storePassword" : {
      "title" : "HSM PIN/password secret label",
      "description" : "The secret label using which the HSM's PIN/password can be obtained. This secret label will be resolved using one of the other secret stores configured.<br> It must not start or end with the <code>.</code> character. <br>The <code>.</code> character must not be followed by another <code>.</code> character.<br>Must contain <code>a-z</code>, <code>A-Z</code>, <code>0-9</code> and <code>.</code> characters only.",
      "propertyOrder" : 300,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "leaseExpiryDuration" : {
      "title" : "Key lease expiry",
      "description" : "The amount of minutes a key can be cached from the keystore before it needs to be reloaded.",
      "propertyOrder" : 400,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    }
  }
}

delete

Usage

am> delete HsmSecretStore --global --id id

Parameters

--id

The unique identifier for the resource.

getAllTypes

Obtain the collection of all secondary configuration types related to the resource.

Usage

am> action HsmSecretStore --global --actionName getAllTypes

getCreatableTypes

Obtain the collection of secondary configuration types that have yet to be added to the resource.

Usage

am> action HsmSecretStore --global --actionName getCreatableTypes

nextdescendents

Obtain the collection of secondary configuration instances that have been added to the resource.

Usage

am> action HsmSecretStore --global --actionName nextdescendents

query

Get the full list of instances of this collection. This query only supports _queryFilter=true filter.

Usage

am> query HsmSecretStore --global --filter filter

Parameters

--filter

A CREST formatted query filter, where "true" will query all.

read

Usage

am> read HsmSecretStore --global --id id

Parameters

--id

The unique identifier for the resource.

update

Usage

am> update HsmSecretStore --global --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "file" : {
      "title" : "Configuration File",
      "description" : "The file containing initialisation configuration for the HSM.",
      "propertyOrder" : 100,
      "required" : false,
      "type" : "string",
      "exampleValue" : ""
    },
    "providerGuiceKey" : {
      "title" : "Provider Guice Key Name",
      "description" : "The name of a Guice key that can be used to obtain an initialised provider from which the HSM keystore can be obtained.",
      "propertyOrder" : 200,
      "required" : false,
      "type" : "string",
      "exampleValue" : ""
    },
    "storePassword" : {
      "title" : "HSM PIN/password secret label",
      "description" : "The secret label using which the HSM's PIN/password can be obtained. This secret label will be resolved using one of the other secret stores configured.<br> It must not start or end with the <code>.</code> character. <br>The <code>.</code> character must not be followed by another <code>.</code> character.<br>Must contain <code>a-z</code>, <code>A-Z</code>, <code>0-9</code> and <code>.</code> characters only.",
      "propertyOrder" : 300,
      "required" : true,
      "type" : "string",
      "exampleValue" : ""
    },
    "leaseExpiryDuration" : {
      "title" : "Key lease expiry",
      "description" : "The amount of minutes a key can be cached from the keystore before it needs to be reloaded.",
      "propertyOrder" : 400,
      "required" : true,
      "type" : "integer",
      "exampleValue" : ""
    }
  }
}
Copyright © 2010-2024 ForgeRock, all rights reserved.