<?xml version="1.0" encoding="UTF-8"?>
<submodule name="ietf-snmp-vacm"
xmlns="urn:ietf:params:xml:ns:yang:yin:1"
xmlns:snmp="urn:ietf:params:xml:ns:yang:ietf-snmp">
<belongs-to module="ietf-snmp">
<prefix value="snmp"/>
</belongs-to>
<include module="ietf-snmp-common"/>
<organization>
<text>IETF NETMOD (NETCONF Data Modeling Language) Working Group</text>
</organization>
<contact>
<text>WG Web: <http://tools.ietf.org/wg/netmod/>
WG List: <mailto:netmod@ietf.org>
WG Chair: Thomas Nadeau
<mailto:tnadeau@lucidvision.com>
WG Chair: Juergen Schoenwaelder
<mailto:j.schoenwaelder@jacobs-university.de>
Editor: Martin Bjorklund
<mailto:mbj@tail-f.com>
Editor: Juergen Schoenwaelder
<mailto:j.schoenwaelder@jacobs-university.de></text>
</contact>
<description>
<text>This submodule contains a collection of YANG definitions
for configuring the View-based Access Control Model (VACM)
of SNMP.
Copyright (c) 2014 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC 7407; see
the RFC itself for full legal notices.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for the
Simple Network Management Protocol (SNMP)</text>
</reference>
<revision date="2014-12-10">
<description>
<text>Initial revision.</text>
</description>
<reference>
<text>RFC 7407: A YANG Data Model for SNMP Configuration</text>
</reference>
</revision>
<typedef name="view-name">
<type name="snmp:identifier"/>
<description>
<text>The view-name type represents an SNMP VACM view name.</text>
</description>
</typedef>
<typedef name="group-name">
<type name="snmp:identifier"/>
<description>
<text>The group-name type represents an SNMP VACM group name.</text>
</description>
</typedef>
<augment target-node="/snmp:snmp">
<container name="vacm">
<description>
<text>Configuration of the View-based Access Control Model.</text>
</description>
<list name="group">
<key value="name"/>
<description>
<text>VACM groups.
This data model has a different structure than the MIB.
Groups are explicitly defined in this list, and group
members are defined in the 'member' list (mapped to
vacmSecurityToGroupTable), and access for the group is
defined in the 'access' list (mapped to
vacmAccessTable).</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for the
Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmSecurityToGroupTable
SNMP-VIEW-BASED-ACM-MIB.vacmAccessTable</text>
</reference>
<leaf name="name">
<type name="group-name"/>
<description>
<text>The name of this VACM group.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for the
Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmGroupName</text>
</reference>
</leaf>
<list name="member">
<key value="security-name"/>
<description>
<text>A member of this VACM group.
A specific combination of security-name and
security-model MUST NOT be present in more than
one group.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for the
Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmSecurityToGroupTable</text>
</reference>
<leaf name="security-name">
<type name="snmp:security-name"/>
<description>
<text>The securityName of a group member.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmSecurityName</text>
</reference>
</leaf>
<leaf-list name="security-model">
<type name="snmp:security-model"/>
<min-elements value="1"/>
<description>
<text>The security models under which this security-name
is a member of this group.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmSecurityModel</text>
</reference>
</leaf-list>
</list>
<list name="access">
<key value="context security-model security-level"/>
<description>
<text>Definition of access right for groups.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmAccessTable</text>
</reference>
<leaf name="context">
<type name="snmp:context-name"/>
<description>
<text>The context (prefix) under which the access rights
apply.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmAccessContextPrefix</text>
</reference>
</leaf>
<leaf name="context-match">
<type name="enumeration">
<enum name="exact">
<value value="1"/>
</enum>
<enum name="prefix">
<value value="2"/>
</enum>
</type>
<default value="exact"/>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmAccessContextMatch</text>
</reference>
</leaf>
<leaf name="security-model">
<type name="snmp:security-model-or-any"/>
<description>
<text>The security model under which the access rights
apply.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmAccessSecurityModel</text>
</reference>
</leaf>
<leaf name="security-level">
<type name="snmp:security-level"/>
<description>
<text>The minimum security level under which the access
rights apply.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmAccessSecurityLevel</text>
</reference>
</leaf>
<leaf name="read-view">
<type name="view-name"/>
<description>
<text>The name of the MIB view of the SNMP context
authorizing read access. If this leaf does not
exist in a configuration, it maps to a zero-length
vacmAccessReadViewName.
Implementations MAY restrict the values of this
leaf to be one of the available values of
/snmp/vacm/view/name in a valid configuration.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmAccessReadViewName</text>
</reference>
</leaf>
<leaf name="write-view">
<type name="view-name"/>
<description>
<text>The name of the MIB view of the SNMP context
authorizing write access. If this leaf does not
exist in a configuration, it maps to a zero-length
vacmAccessWriteViewName.
Implementations MAY restrict the values of this
leaf to be one of the available values of
/snmp/vacm/view/name in a valid configuration.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmAccessWriteViewName</text>
</reference>
</leaf>
<leaf name="notify-view">
<type name="view-name"/>
<description>
<text>The name of the MIB view of the SNMP context
authorizing notify access. If this leaf does not
exist in a configuration, it maps to a zero-length
vacmAccessNotifyViewName.
Implementations MAY restrict the values of this
leaf to be one of the available values of
/snmp/vacm/view/name in a valid configuration.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmAccessNotifyViewName</text>
</reference>
</leaf>
</list>
</list>
<list name="view">
<key value="name"/>
<description>
<text>Definition of MIB views.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyTable</text>
</reference>
<leaf name="name">
<type name="view-name"/>
<description>
<text>The name of this VACM MIB view.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyName</text>
</reference>
</leaf>
<leaf-list name="include">
<type name="snmp:wildcard-object-identifier"/>
<description>
<text>A family of subtrees included in this MIB view.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilySubtree
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyMask
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyType</text>
</reference>
</leaf-list>
<leaf-list name="exclude">
<type name="snmp:wildcard-object-identifier"/>
<description>
<text>A family of subtrees excluded from this MIB view.</text>
</description>
<reference>
<text>RFC 3415: View-based Access Control Model (VACM) for
the Simple Network Management Protocol (SNMP).
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilySubtree
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyMask
SNMP-VIEW-BASED-ACM-MIB.vacmViewTreeFamilyType</text>
</reference>
</leaf-list>
</list>
</container>
</augment>
</submodule>