This module defines the Tail-f AAA data model. Copyright (c) 2012-2020 by Cisco Systems, Inc. All rights reserved.
Version: 2019-05-04
module tailf-aaa { yang-version 1; namespace "http://tail-f.com/ns/aaa/1.1"; prefix aaa; import iana-crypt-hash { prefix ianach; } organization "Tail-f Systems"; contact "Cisco Systems, Inc. Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 Tel: +1 800 553-NETS E-mail: cs-yang@cisco.com"; description "This module defines the Tail-f AAA data model. Copyright (c) 2012-2020 by Cisco Systems, Inc. All rights reserved."; revision "2019-05-04" { description "Changed passwdStr typedef to use ianach:crypt-hash instead of tailf:md5-digest-string."; } revision "2011-09-22" { description "Released as part of ConfD-3.7."; } revision "2010-06-17" { description "Released as part of ConfD-3.3."; } revision "2010-04-22" { description "Released as part of ConfD-3.2.1."; } revision "2010-03-18" { description "Released as part of ConfD-3.2."; } typedef history { type uint64 { range "0 .. 8192"; } } typedef idle-timeout { type uint64 { range "0 .. 8192"; } } typedef display-level { type uint64 { range "1 .. 64"; } } typedef dataOperationType { type enumeration { enum "r" { value 0; } enum "rx" { value 1; } enum "x" { value 2; } enum "rw" { value 3; } enum "rwx" { value 4; } enum "wx" { value 5; } enum "w" { value 6; } enum "c" { value 7; } enum "cr" { value 8; } enum "cu" { value 9; } enum "cd" { value 10; } enum "cx" { value 11; } enum "cru" { value 12; } enum "crd" { value 13; } enum "crx" { value 14; } enum "cud" { value 15; } enum "cux" { value 16; } enum "cdx" { value 17; } enum "crud" { value 18; } enum "crux" { value 19; } enum "crdx" { value 20; } enum "cudx" { value 21; } enum "crudx" { value 22; } enum "ru" { value 23; } enum "rd" { value 24; } enum "rud" { value 25; } enum "rux" { value 26; } enum "rdx" { value 27; } enum "u" { value 28; } enum "ud" { value 29; } enum "ux" { value 30; } enum "d" { value 31; } enum "dx" { value 32; } } } typedef cmdOperationType { type enumeration { enum "r" { value 0; } enum "rx" { value 1; } enum "x" { value 2; } } } typedef Action { type enumeration { enum "accept" { value 0; } enum "reject" { value 1; } enum "accept_log" { value 2; } } } typedef passwdStr { type ianach:crypt-hash; } typedef levelInt { type int32 { range "0 .. 15"; } } typedef modeStr { type union { type string; type builtinModes; } } typedef builtinModes { type enumeration { enum "exec" { value 0; } enum "configure" { value 1; } } } container aaa { container authentication { container users { list user { key "name"; max-elements 1024; ordered-by user; leaf name { type string; } leaf uid { type uint32; default "9000"; } leaf gid { type uint32; default "100"; } leaf password { type passwdStr; mandatory true; } leaf ssh_keydir { type string; default "/home/sshdir"; } leaf homedir { type string; default "/home/homedir"; } } // list user } // container users container groups { list group { key "name"; max-elements 32; leaf name { type string; } leaf gid { type uint32; default "100"; } leaf users { type string; default "%%__system_user__%%"; } } // list group } // container groups container login { container group { leaf tacacs { type empty; } } // container group } // container login } // container authentication container authorization { container cmdrules { list cmdrule { key "index"; leaf index { type uint32; } leaf context { type string; mandatory true; } leaf command { type string; mandatory true; } leaf group { type string; mandatory true; } leaf ops { type cmdOperationType; mandatory true; } leaf action { type Action; mandatory true; } } // list cmdrule } // container cmdrules container datarules { list datarule { key "index"; leaf index { type uint32; } leaf namespace { type string; mandatory true; } leaf context { type string; default "*"; } leaf keypath { type string; mandatory true; } leaf group { type string; mandatory true; } leaf ops { type dataOperationType; mandatory true; } leaf action { type Action; mandatory true; } } // list datarule } // container datarules container commands { container group { leaf tacacs { type empty; } leaf none { type empty; } } // container group } // container commands } // container authorization container accounting { container commands { container group { leaf tacacs { type empty; } } // container group } // container commands } // container accounting container ios { presence "Indicates specifc IOS settings are configured"; list level { key "nr"; min-elements 2; leaf nr { type levelInt; } leaf secret { type passwdStr; } leaf password { type passwdStr; } leaf prompt { type string; default "\h# "; } } // list level list privilege { key "mode"; leaf mode { type modeStr; } list level { key "nr"; min-elements 1; max-elements 15; leaf nr { type levelInt; } list command { key "name"; leaf name { type string; } } // list command } // list level } // list privilege } // container ios container disaster-recovery { leaf username { type leafref { path "/aaa:aaa/aaa:authentication/aaa:users/aaa:user/aaa:name"; } } leaf password { type tailf:md5-digest-string; } } // container disaster-recovery container privileged-access { config false; leaf shell-access { type string; } leaf first-user { type string; } leaf first-user-change { type string; } leaf current-disaster-recovery-user { type string; } } // container privileged-access container accounting { config false; leaf log-data { type string; } } // container accounting container user-group { config false; leaf grp-data { type string; } } // container user-group container admin-accounting { leaf enable { type boolean; default "false"; } } // container admin-accounting } // container aaa list alias { key "name"; leaf name { type string; } leaf expansion { type string; mandatory true; } } // list alias container session { presence "Indicates Global default CLI session pareameters are configured"; leaf complete-on-space { type boolean; } leaf ignore-leading-space { type boolean; } leaf idle-timeout { type idle-timeout; } leaf paginate { type boolean; } leaf history { type history; } leaf autowizard { type boolean; } leaf show-defaults { type boolean; } leaf display-level { type display-level; } leaf prompt1 { type string; } leaf prompt2 { type string; } } // container session list user { key "name"; leaf name { type string; } leaf description { type string; } list alias { key "name"; leaf name { type string; } leaf expansion { type string; mandatory true; } } // list alias container session { leaf complete-on-space { type boolean; } leaf ignore-leading-space { type boolean; } leaf idle-timeout { type idle-timeout; } leaf paginate { type boolean; } leaf history { type history; } leaf autowizard { type boolean; } leaf show-defaults { type boolean; } leaf display-level { type display-level; } leaf prompt1 { type string; } leaf prompt2 { type string; } } // container session } // list user } // module tailf-aaa
© 2023 YumaWorks, Inc. All rights reserved.