This module contains a collection of YANG definitions for Cisco IOS-XR aaa-nacm package configuration. This YANG module augment...
Version: 2021-02-11
module Cisco-IOS-XR-um-aaa-nacm-cfg { yang-version 1; namespace "http://cisco.com/ns/yang/Cisco-IOS-XR-um-aaa-nacm-cfg"; prefix um-aaa-nacm-cfg; import Cisco-IOS-XR-types { prefix xr; } import Cisco-IOS-XR-um-aaa-cfg { prefix a1; } import cisco-semver { prefix semver; } organization "Cisco Systems, Inc."; contact "Cisco Systems, Inc. Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 Tel: +1 800 553-NETS E-mail: cs-yang@cisco.com"; description "This module contains a collection of YANG definitions for Cisco IOS-XR aaa-nacm package configuration. This YANG module augments the modules with configuration data. Copyright (c) 2021 by Cisco Systems, Inc. All rights reserved."; revision "2021-02-11" { description "Initial release"; } semver:module-version "1.0.0"; augment /a1:aaa { container nacm { description "NACM configuration"; container read-default { description "Read default flag"; container permit { must "not(../deny)"; presence "Indicates a permit node is configured."; description "Permit read operation by default."; } // container permit container deny { must "not(../permit)"; presence "Indicates a deny node is configured."; description "Deny read operation by default."; } // container deny } // container read-default container write-default { description "Write default flag"; container permit { must "not(../deny)"; presence "Indicates a permit node is configured."; description "Permit write operation by default."; } // container permit container deny { must "not(../permit)"; presence "Indicates a deny node is configured."; description "Deny write operation by default."; } // container deny } // container write-default container exec-default { description "Exec default flag"; container permit { must "not(../deny)"; presence "Indicates a permit node is configured."; description "Permit exec operation by default."; } // container permit container deny { must "not(../permit)"; presence "Indicates a deny node is configured."; description "Deny exec operation by default."; } // container deny } // container exec-default container enable-external-groups { description "Enable external groups flag"; container true { must "not(../false)"; presence "Indicates a true node is configured."; description "Enable external groups by default."; } // container true container false { must "not(../true)"; presence "Indicates a false node is configured."; description "Disable external groups by default."; } // container false } // container enable-external-groups container groups { description "Specify groups in nacm"; list group { must "usernames"; key "group-name"; description "Specify groups in nacm"; leaf group-name { type xr:Cisco-ios-xr-string { length "1..800"; } description "Specify groups in nacm"; } container usernames { presence "Indicates a usernames node is configured."; description "Usernames list to add under nacm group"; leaf-list username { type xr:Cisco-ios-xr-string { length "1..800"; } max-elements 16; description "Username to add under nacm group"; } } // container usernames } // list group } // container groups container rule-lists { description "Specify rule-list in nacm"; list rule-list { key "index name"; description "Specify rule-list in nacm"; leaf index { type xr:Cisco-ios-xr-string { length "1..800"; } description "Specify rule-list in nacm"; } leaf name { type xr:Cisco-ios-xr-string { length "1..800"; } description "Name of nacm rule-list"; } container groupnames { description "Specify groups under rule-list"; leaf-list groupname { type xr:Cisco-ios-xr-string { length "1..800"; } max-elements 16; description "Groupname to add under nacm rule-list"; } } // container groupnames container rules { description "Specify rules in nacm rule-list"; list rule { key "index name"; description "Specify rules in nacm rule-list"; leaf index { type xr:Cisco-ios-xr-string { length "1..800"; } description "Specify rules in nacm rule-list"; } leaf name { type xr:Cisco-ios-xr-string { length "1..800"; } description "Name of nacm rule in rule-list"; } container action { description "Action for rule"; container permit { must "not(../deny)"; presence "Indicates a permit node is configured."; description "Action value for rule"; } // container permit container deny { must "not(../permit)"; presence "Indicates a deny node is configured."; description "Action value for rule"; } // container deny } // container action leaf module-name { type string { length "1..800"; } description "Module-name for rule"; } container rule-type { description "Rule-type values for rule"; leaf rpc { type string { length "1..800"; } must "not(../data-node)"; description "Rule-type rpc"; } leaf data-node { type string { length "1..800"; } must "not(../rpc)"; description "rule-type data-node"; } } // container rule-type container access-operations { presence "Indicates a access-operations node is configured."; description "Access-operations for rule"; leaf create { type uint32 { range "0..1"; } mandatory true; description "Create bit for rule"; } leaf read { type uint32 { range "0..1"; } mandatory true; description "Read bit for rule"; } leaf update { type uint32 { range "0..1"; } mandatory true; description "Update bit for rule"; } leaf delete { type uint32 { range "0..1"; } mandatory true; description "Delete bit for rule"; } leaf exec { type uint32 { range "0..1"; } mandatory true; description "Exec bit for rule"; } leaf all { type uint32 { range "0..1"; } mandatory true; description "All bits for rule"; } } // container access-operations leaf comment { type string { length "1..800"; } description "Comment for rule"; } } // list rule } // container rules } // list rule-list } // container rule-lists } // container nacm } } // module Cisco-IOS-XR-um-aaa-nacm-cfg
© 2023 YumaWorks, Inc. All rights reserved.