ietf-snmp-vacm

This submodule contains a collection of YANG definitions for configuring the View-based Access Control Model (VACM) of SNMP. Co...

  • Version: 2014-12-10

    ietf-snmp-vacm@2014-12-10


    
      submodule ietf-snmp-vacm {
    
        // Submodule header: YANG 1 syntax; the definitions below become part of
        // the ietf-snmp module and are reached through the 'snmp' prefix.
        yang-version 1;
    
        belongs-to ietf-snmp {
            prefix snmp;
        }
    
        // The unprefixed types used below (identifier, security-name,
        // security-model, security-model-or-any, security-level, context-name,
        // wildcard-object-identifier) are not defined in this submodule; they are
        // expected to come from ietf-snmp-common. Their value ranges are part of
        // the access-control semantics, so review them together with this file.
        include ietf-snmp-common;
    
        organization
          "IETF NETMOD (NETCONF Data Modeling Language) Working Group";
    
        contact
          "WG Web:   <http://tools.ietf.org/wg/netmod/>
         WG List:  <mailto:netmod@ietf.org>
    
         WG Chair: Thomas Nadeau
                   <mailto:tnadeau@lucidvision.com>
    
         WG Chair: Juergen Schoenwaelder
                   <mailto:j.schoenwaelder@jacobs-university.de>
    
         Editor:   Martin Bjorklund
                   <mailto:mbj@tail-f.com>
    
         Editor:   Juergen Schoenwaelder
                   <mailto:j.schoenwaelder@jacobs-university.de>";
    
        description
          "This submodule contains a collection of YANG definitions
         for configuring the View-based Access Control Model (VACM)
         of SNMP.
    
         Copyright (c) 2014 IETF Trust and the persons identified as
         authors of the code.  All rights reserved.
    
         Redistribution and use in source and binary forms, with or
         without modification, is permitted pursuant to, and subject
         to the license terms contained in, the Simplified BSD License
         set forth in Section 4.c of the IETF Trust's Legal Provisions
         Relating to IETF Documents
         (http://trustee.ietf.org/license-info).
    
         This version of this YANG module is part of RFC 7407; see
         the RFC itself for full legal notices.";
    
        reference
          "RFC 3415: View-based Access Control Model (VACM) for the
            Simple Network Management Protocol (SNMP)";
    
    
        revision "2014-12-10" {
          description "Initial revision.";
          reference
            "RFC 7407: A YANG Data Model for SNMP Configuration";
    
        }
    
    
        // Name of a MIB view. Used as the key of /snmp/vacm/view and as the type
        // of the read-view, write-view and notify-view leaves in the access list.
        // NOTE(review): 'identifier' is defined outside this submodule; its length
        // and character constraints are not visible here.
        typedef view-name {
          type identifier;
          description
            "The view-name type represents an SNMP VACM view name.";
        }
    
        // Name of a VACM group. Used as the key of the /snmp/vacm/group list.
        // NOTE(review): 'identifier' is defined outside this submodule; its length
        // and character constraints are not visible here.
        typedef group-name {
          type identifier;
          description
            "The group-name type represents an SNMP VACM group name.";
        }
    
        augment /snmp:snmp {
          container vacm {
            description
              "Configuration of the View-based Access Control Model.";
            list group {
              key "name";
              description
                "VACM groups.
    
               This data model has a different structure than the MIB.
               Groups are explicitly defined in this list, and group
               members are defined in the 'member' list (mapped to
               vacmSecurityToGroupTable), and access for the group is
               defined in the 'access' list (mapped to
               vacmAccessTable).";
              reference
                "RFC 3415: View-based Access Control Model (VACM) for the
                  Simple Network Management Protocol (SNMP).
                  SNMP-VIEW-BASED-ACM-MIB.vacmSecurityToGroupTable
                  SNMP-VIEW-BASED-ACM-MIB.vacmAccessTable";
    
              // List key of 'group'. Both the 'member' entries (who is in the group)
              // and the 'access' entries (what the group may do) are nested under
              // this name, so the group name ties principals to their access rights.
              leaf name {
                type group-name;
                description
                  "The name of this VACM group.";
                reference
                  "RFC 3415: View-based Access Control Model (VACM) for the
                    Simple Network Management Protocol (SNMP).
                    SNMP-VIEW-BASED-ACM-MIB.vacmGroupName";
    
              }
    
              // Maps principals to the enclosing group: one entry per security-name,
              // each listing the security models under which that name belongs here.
              //
              // NOTE(review): the rule that a (security-name, security-model) pair
              // MUST NOT appear in more than one group is stated only in the
              // description text. This list has no 'must' or 'unique' statement for
              // it, and the key is scoped to a single group, so cross-group
              // duplicates are not rejected by the schema shown here. A server or
              // provisioning pipeline has to check this itself; otherwise the group,
              // and with it the access rights, of a principal would be ambiguous.
              list member {
                key "security-name";
                description
                  "A member of this VACM group.
    
                 A specific combination of security-name and
                 security-model MUST NOT be present in more than
                 one group.";
                reference
                  "RFC 3415: View-based Access Control Model (VACM) for the
                    Simple Network Management Protocol (SNMP).
                    SNMP-VIEW-BASED-ACM-MIB.vacmSecurityToGroupTable";
    
                // List key. The security-name type is defined outside this submodule.
                leaf security-name {
                  type security-name;
                  description
                    "The securityName of a group member.";
                  reference
                    "RFC 3415: View-based Access Control Model (VACM) for
                      the Simple Network Management Protocol (SNMP).
                      SNMP-VIEW-BASED-ACM-MIB.vacmSecurityName";
    
                }
    
                // min-elements 1: a member entry must name at least one security
                // model, so a principal cannot be added to a group without saying
                // how it has to be authenticated.
                leaf-list security-model {
                  type security-model;
                  min-elements 1;
                  description
                    "The security models under which this security-name
                   is a member of this group.";
                  reference
                    "RFC 3415: View-based Access Control Model (VACM) for
                      the Simple Network Management Protocol (SNMP).
                      SNMP-VIEW-BASED-ACM-MIB.vacmSecurityModel";
    
                }
              }  // list member
    
              // Access rights of the enclosing group. Each entry is selected by
              // (context, security-model, security-level) and names up to three MIB
              // views: one each for read, write and notify access.
              list access {
                key "context security-model security-level";
                description
                  "Definition of access right for groups.";
                reference
                  "RFC 3415: View-based Access Control Model (VACM) for
                    the Simple Network Management Protocol (SNMP).
                    SNMP-VIEW-BASED-ACM-MIB.vacmAccessTable";
    
                // Key leaf. Whether it is compared exactly or as a prefix is decided
                // by 'context-match' below.
                leaf context {
                  type context-name;
                  description
                    "The context (prefix) under which the access rights
                   apply.";
                  reference
                    "RFC 3415: View-based Access Control Model (VACM) for
                      the Simple Network Management Protocol (SNMP).
                      SNMP-VIEW-BASED-ACM-MIB.vacmAccessContextPrefix";
    
                }
    
                // No description is given for this leaf; per the reference below it
                // maps to vacmAccessContextMatch. In RFC 3415, 'exact' requires the
                // request's contextName to equal the 'context' leaf, while 'prefix'
                // only requires it to start with that value, so 'prefix' widens the
                // set of contexts this entry grants access to. The default is the
                // narrower 'exact'.
                // NOTE(review): with 'prefix' and a zero-length 'context' (if the
                // context-name type, defined elsewhere, allows one) every context
                // would match -- confirm this is intended wherever it is configured.
                leaf context-match {
                  type enumeration {
                    enum "exact" {
                      value 1;
                    }
                    enum "prefix" {
                      value 2;
                    }
                  }
                  default 'exact';
                  reference
                    "RFC 3415: View-based Access Control Model (VACM) for
                      the Simple Network Management Protocol (SNMP).
                      SNMP-VIEW-BASED-ACM-MIB.vacmAccessContextMatch";
    
                }
    
                // Key leaf.
                // NOTE(review): security-model-or-any is defined outside this
                // submodule; going by its name it also admits a wildcard value.
                // Entries using a wildcard apply regardless of the security model
                // the request was processed under -- confirm and audit those.
                leaf security-model {
                  type security-model-or-any;
                  description
                    "The security model under which the access rights
                  apply.";
                  reference
                    "RFC 3415: View-based Access Control Model (VACM) for
                      the Simple Network Management Protocol (SNMP).
                      SNMP-VIEW-BASED-ACM-MIB.vacmAccessSecurityModel";
    
                }
    
                // Key leaf. The level is a minimum (see description), so an entry
                // keyed on the lowest level also applies to requests at higher levels.
                // NOTE(review): the security-level type is defined outside this
                // submodule; in RFC 3415 terms the lowest level is noAuthNoPriv, i.e.
                // unauthenticated requests -- such entries deserve the narrowest views.
                leaf security-level {
                  type security-level;
                  description
                    "The minimum security level under which the access
                   rights apply.";
                  reference
                    "RFC 3415: View-based Access Control Model (VACM) for
                      the Simple Network Management Protocol (SNMP).
                      SNMP-VIEW-BASED-ACM-MIB.vacmAccessSecurityLevel";
    
                }
    
                // read-view, write-view and notify-view are typed as plain view-name
                // values, not leafrefs, and the descriptions only say implementations
                // MAY check them against /snmp/vacm/view/name. A misspelled or
                // dangling view name can therefore be accepted as valid configuration.
                // RFC 3415 grants no access when the view name is zero-length or names
                // no active view, so omitting a leaf denies that kind of access.
                leaf read-view {
                  type view-name;
                  description
                    "The name of the MIB view of the SNMP context
                   authorizing read access.  If this leaf does not
                   exist in a configuration, it maps to a zero-length
                   vacmAccessReadViewName.
    
                   Implementations MAY restrict the values of this
                   leaf to be one of the available values of
                   /snmp/vacm/view/name in a valid configuration.";
                  reference
                    "RFC 3415: View-based Access Control Model (VACM) for
                      the Simple Network Management Protocol (SNMP).
                      SNMP-VIEW-BASED-ACM-MIB.vacmAccessReadViewName";
    
                }
    
                // Write access is the most sensitive of the three: leave this leaf
                // unset unless the group needs to modify objects.
                leaf write-view {
                  type view-name;
                  description
                    "The name of the MIB view of the SNMP context
                   authorizing write access.  If this leaf does not
                   exist in a configuration, it maps to a zero-length
                   vacmAccessWriteViewName.
    
                   Implementations MAY restrict the values of this
                   leaf to be one of the available values of
                   /snmp/vacm/view/name in a valid configuration.";
                  reference
                    "RFC 3415: View-based Access Control Model (VACM) for
                      the Simple Network Management Protocol (SNMP).
                      SNMP-VIEW-BASED-ACM-MIB.vacmAccessWriteViewName";
    
                }
    
                // Same absence rule as read-view and write-view, applied to
                // notify access.
                leaf notify-view {
                  type view-name;
                  description
                    "The name of the MIB view of the SNMP context
                   authorizing notify access.  If this leaf does not
                   exist in a configuration, it maps to a zero-length
                   vacmAccessNotifyViewName.
    
                   Implementations MAY restrict the values of this
                   leaf to be one of the available values of
                   /snmp/vacm/view/name in a valid configuration.";
                  reference
                    "RFC 3415: View-based Access Control Model (VACM) for
                        the Simple Network Management Protocol (SNMP).
                        SNMP-VIEW-BASED-ACM-MIB.vacmAccessNotifyViewName";
    
                }
              }  // list access
            }  // list group
    
            // Named MIB views. The access list's read-view, write-view and
            // notify-view leaves refer to these names, so the breadth of 'include'
            // here bounds what a group can read, write or be notified about.
            //
            // NOTE(review): the references suggest each include/exclude value stands
            // for one vacmViewTreeFamilyTable row, with subtree and mask taken from
            // the wildcard-object-identifier value (type defined outside this
            // submodule) and the family type from which leaf-list holds it --
            // confirm against RFC 7407. How overlapping include and exclude entries
            // are resolved is not stated here; see RFC 3415.
            list view {
              key "name";
              description
                "Definition of MIB views.";
              reference
                "RFC 3415: View-based Access Control Model (VACM) for
                  the Simple Network Management Protocol (SNMP).
                  SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyTable";
    
              // List key: the view name that access entries refer to.
              leaf name {
                type view-name;
                description
                  "The name of this VACM MIB view.";
                reference
                  "RFC 3415: View-based Access Control Model (VACM) for
                    the Simple Network Management Protocol (SNMP).
                    SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyName";
    
              }
    
              // NOTE(review): there is no min-elements here, so a view without any
              // 'include' entry is valid in this model; presumably it selects
              // nothing -- confirm with the implementation.
              leaf-list include {
                type wildcard-object-identifier;
                description
                  "A family of subtrees included in this MIB view.";
                reference
                  "RFC 3415: View-based Access Control Model (VACM) for
                    the Simple Network Management Protocol (SNMP).
                    SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilySubtree
                    SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyMask
                    SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyType";
    
              }
    
              // Carves subtrees back out of what 'include' selects; useful for
              // keeping sensitive subtrees out of an otherwise broad view.
              leaf-list exclude {
                type wildcard-object-identifier;
                description
                  "A family of subtrees excluded from this MIB view.";
                reference
                  "RFC 3415: View-based Access Control Model (VACM) for
                    the Simple Network Management Protocol (SNMP).
                    SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilySubtree
                    SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyMask
                    SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyType";
    
              }
            }  // list view
          }  // container vacm
        }
      }  // submodule ietf-snmp-vacm
    
