|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
xmlns="urn:ietf:params:xml:ns:yang:yin:1"
|
|
Packit |
8fb591 |
xmlns:snmp="urn:ietf:params:xml:ns:yang:ietf-snmp">
|
|
Packit |
8fb591 |
<belongs-to module="ietf-snmp">
|
|
Packit |
8fb591 |
<prefix value="snmp"/>
|
|
Packit |
8fb591 |
</belongs-to>
|
|
Packit |
8fb591 |
<include module="ietf-snmp-common"/>
|
|
Packit |
8fb591 |
<organization>
|
|
Packit |
8fb591 |
<text>IETF NETMOD (NETCONF Data Modeling Language) Working Group</text>
|
|
Packit |
8fb591 |
</organization>
|
|
Packit |
8fb591 |
<contact>
|
|
Packit |
8fb591 |
<text>WG Web: <http://tools.ietf.org/wg/netmod/>
|
|
Packit |
8fb591 |
WG List: <mailto:netmod@ietf.org>
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
WG Chair: Thomas Nadeau
|
|
Packit |
8fb591 |
<mailto:tnadeau@lucidvision.com>
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
WG Chair: Juergen Schoenwaelder
|
|
Packit |
8fb591 |
<mailto:j.schoenwaelder@jacobs-university.de>
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
Editor: Martin Bjorklund
|
|
Packit |
8fb591 |
<mailto:mbj@tail-f.com>
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
Editor: Juergen Schoenwaelder
|
|
Packit |
8fb591 |
<mailto:j.schoenwaelder@jacobs-university.de></text>
|
|
Packit |
8fb591 |
</contact>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>This submodule contains a collection of YANG definitions
|
|
Packit |
8fb591 |
for configuring the View-based Access Control Model (VACM)
|
|
Packit |
8fb591 |
of SNMP.
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
Copyright (c) 2014 IETF Trust and the persons identified as
|
|
Packit |
8fb591 |
authors of the code. All rights reserved.
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
Redistribution and use in source and binary forms, with or
|
|
Packit |
8fb591 |
without modification, is permitted pursuant to, and subject
|
|
Packit |
8fb591 |
to the license terms contained in, the Simplified BSD License
|
|
Packit |
8fb591 |
set forth in Section 4.c of the IETF Trust's Legal Provisions
|
|
Packit |
8fb591 |
Relating to IETF Documents
|
|
Packit |
8fb591 |
(http://trustee.ietf.org/license-info).
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
This version of this YANG module is part of RFC 7407; see
|
|
Packit |
8fb591 |
the RFC itself for full legal notices.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for the
|
|
Packit |
8fb591 |
Simple Network Management Protocol (SNMP)</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
<revision date="2014-12-10">
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>Initial revision.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 7407: A YANG Data Model for SNMP Configuration</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</revision>
|
|
Packit |
8fb591 |
<typedef name="view-name">
|
|
Packit |
8fb591 |
<type name="snmp:identifier"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>The view-name type represents an SNMP VACM view name.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
</typedef>
|
|
Packit |
8fb591 |
<typedef name="group-name">
|
|
Packit |
8fb591 |
<type name="snmp:identifier"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>The group-name type represents an SNMP VACM group name.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
</typedef>
|
|
Packit |
8fb591 |
<augment target-node="/snmp:snmp">
|
|
Packit |
8fb591 |
<container name="vacm">
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>Configuration of the View-based Access Control Model.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<list name="group">
|
|
Packit |
8fb591 |
<key value="name"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>VACM groups.
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
This data model has a different structure than the MIB.
|
|
Packit |
8fb591 |
Groups are explicitly defined in this list, and group
|
|
Packit |
8fb591 |
members are defined in the 'member' list (mapped to
|
|
Packit |
8fb591 |
vacmSecurityToGroupTable), and access for the group is
|
|
Packit |
8fb591 |
defined in the 'access' list (mapped to
|
|
Packit |
8fb591 |
vacmAccessTable).</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for the
|
|
Packit |
8fb591 |
Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmSecurityToGroupTable
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmAccessTable</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
<leaf name="name">
|
|
Packit |
8fb591 |
<type name="group-name"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>The name of this VACM group.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for the
|
|
Packit |
8fb591 |
Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmGroupName</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf>
|
|
Packit |
8fb591 |
<list name="member">
|
|
Packit |
8fb591 |
<key value="security-name"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>A member of this VACM group.
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
A specific combination of security-name and
|
|
Packit |
8fb591 |
security-model MUST NOT be present in more than
|
|
Packit |
8fb591 |
one group.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for the
|
|
Packit |
8fb591 |
Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmSecurityToGroupTable</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
<leaf name="security-name">
|
|
Packit |
8fb591 |
<type name="snmp:security-name"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>The securityName of a group member.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmSecurityName</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf>
|
|
Packit |
8fb591 |
<leaf-list name="security-model">
|
|
Packit |
8fb591 |
<type name="snmp:security-model"/>
|
|
Packit |
8fb591 |
<min-elements value="1"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>The security models under which this security-name
|
|
Packit |
8fb591 |
is a member of this group.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmSecurityModel</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf-list>
|
|
Packit |
8fb591 |
</list>
|
|
Packit |
8fb591 |
<list name="access">
|
|
Packit |
8fb591 |
<key value="context security-model security-level"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>Definition of access right for groups.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmAccessTable</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
<leaf name="context">
|
|
Packit |
8fb591 |
<type name="snmp:context-name"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>The context (prefix) under which the access rights
|
|
Packit |
8fb591 |
apply.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmAccessContextPrefix</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf>
|
|
Packit |
8fb591 |
<leaf name="context-match">
|
|
Packit |
8fb591 |
<type name="enumeration">
|
|
Packit |
8fb591 |
<enum name="exact">
|
|
Packit |
8fb591 |
<value value="1"/>
|
|
Packit |
8fb591 |
</enum>
|
|
Packit |
8fb591 |
<enum name="prefix">
|
|
Packit |
8fb591 |
<value value="2"/>
|
|
Packit |
8fb591 |
</enum>
|
|
Packit |
8fb591 |
</type>
|
|
Packit |
8fb591 |
<default value="exact"/>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmAccessContextMatch</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf>
|
|
Packit |
8fb591 |
<leaf name="security-model">
|
|
Packit |
8fb591 |
<type name="snmp:security-model-or-any"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>The security model under which the access rights
|
|
Packit |
8fb591 |
apply.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmAccessSecurityModel</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf>
|
|
Packit |
8fb591 |
<leaf name="security-level">
|
|
Packit |
8fb591 |
<type name="snmp:security-level"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>The minimum security level under which the access
|
|
Packit |
8fb591 |
rights apply.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmAccessSecurityLevel</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf>
|
|
Packit |
8fb591 |
<leaf name="read-view">
|
|
Packit |
8fb591 |
<type name="view-name"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>The name of the MIB view of the SNMP context
|
|
Packit |
8fb591 |
authorizing read access. If this leaf does not
|
|
Packit |
8fb591 |
exist in a configuration, it maps to a zero-length
|
|
Packit |
8fb591 |
vacmAccessReadViewName.
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
Implementations MAY restrict the values of this
|
|
Packit |
8fb591 |
leaf to be one of the available values of
|
|
Packit |
8fb591 |
/snmp/vacm/view/name in a valid configuration.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmAccessReadViewName</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf>
|
|
Packit |
8fb591 |
<leaf name="write-view">
|
|
Packit |
8fb591 |
<type name="view-name"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>The name of the MIB view of the SNMP context
|
|
Packit |
8fb591 |
authorizing write access. If this leaf does not
|
|
Packit |
8fb591 |
exist in a configuration, it maps to a zero-length
|
|
Packit |
8fb591 |
vacmAccessWriteViewName.
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
Implementations MAY restrict the values of this
|
|
Packit |
8fb591 |
leaf to be one of the available values of
|
|
Packit |
8fb591 |
/snmp/vacm/view/name in a valid configuration.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmAccessWriteViewName</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf>
|
|
Packit |
8fb591 |
<leaf name="notify-view">
|
|
Packit |
8fb591 |
<type name="view-name"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>The name of the MIB view of the SNMP context
|
|
Packit |
8fb591 |
authorizing notify access. If this leaf does not
|
|
Packit |
8fb591 |
exist in a configuration, it maps to a zero-length
|
|
Packit |
8fb591 |
vacmAccessNotifyViewName.
|
|
Packit |
8fb591 |
|
|
Packit |
8fb591 |
Implementations MAY restrict the values of this
|
|
Packit |
8fb591 |
leaf to be one of the available values of
|
|
Packit |
8fb591 |
/snmp/vacm/view/name in a valid configuration.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmAccessNotifyViewName</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf>
|
|
Packit |
8fb591 |
</list>
|
|
Packit |
8fb591 |
</list>
|
|
Packit |
8fb591 |
<list name="view">
|
|
Packit |
8fb591 |
<key value="name"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>Definition of MIB views.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyTable</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
<leaf name="name">
|
|
Packit |
8fb591 |
<type name="view-name"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>The name of this VACM MIB view.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyName</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf>
|
|
Packit |
8fb591 |
<leaf-list name="include">
|
|
Packit |
8fb591 |
<type name="snmp:wildcard-object-identifier"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>A family of subtrees included in this MIB view.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilySubtree
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyMask
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyType</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf-list>
|
|
Packit |
8fb591 |
<leaf-list name="exclude">
|
|
Packit |
8fb591 |
<type name="snmp:wildcard-object-identifier"/>
|
|
Packit |
8fb591 |
<description>
|
|
Packit |
8fb591 |
<text>A family of subtrees excluded from this MIB view.</text>
|
|
Packit |
8fb591 |
</description>
|
|
Packit |
8fb591 |
<reference>
|
|
Packit |
8fb591 |
<text>RFC 3415: View-based Access Control Model (VACM) for
|
|
Packit |
8fb591 |
the Simple Network Management Protocol (SNMP).
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilySubtree
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyMask
|
|
Packit |
8fb591 |
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyType</text>
|
|
Packit |
8fb591 |
</reference>
|
|
Packit |
8fb591 |
</leaf-list>
|
|
Packit |
8fb591 |
</list>
|
|
Packit |
8fb591 |
</container>
|
|
Packit |
8fb591 |
</augment>
|
|
Packit |
8fb591 |
</submodule>
|