openconfig-aaa-types

This module defines shared types for data related to AAA (authentication, authorization, accounting).

  • Version: 2018-11-21

    openconfig-aaa-types@2018-11-21


    
      module openconfig-aaa-types {
    
        yang-version 1;
    
        namespace
          "http://openconfig.net/yang/aaa/types";
    
        prefix oc-aaa-types;
    
        import openconfig-extensions {
          prefix oc-ext;
        }
    
        organization "OpenConfig working group";
    
        contact
          "OpenConfig working group
    www.openconfig.net";
    
        description
          "This module defines shared types for data related to AAA
    (authentication, authorization, accounting).";
    
        revision "2018-11-21" {
          description
            "Add OpenConfig module metadata extensions.";
          reference
            "0.4.1";
    
        }
    
        revision "2018-04-12" {
          description
            "Add when conditions, correct identities";
          reference
            "0.4.0";
    
        }
    
        revision "2017-09-18" {
          description
            "Updated to use OpenConfig types modules";
          reference
            "0.3.0";
    
        }
    
        revision "2017-07-06" {
          description
            "Move to oc-inet types, add IETF attribution, add RADIUS
    counters, changed password leaf names to indicate hashed";
          reference
            "0.2.0";
    
        }
    
        revision "2017-01-29" {
          description "Initial public release";
          reference
            "0.1.0";
    
        }
    
        oc-ext:openconfig-version "0.4.1";
        oc-ext:regexp-posix;
        oc-ext:catalog-organization "openconfig";
        oc-ext:origin "openconfig";
    
        identity AAA_SERVER_TYPE {
          description
            "Base identity for types of AAA servers";
        }
    
        identity SYSTEM_DEFINED_ROLES {
          description
            "Base identity for system_defined roles that can be assigned
    to users.";
        }
    
        identity SYSTEM_ROLE_ADMIN {
          base SYSTEM_DEFINED_ROLES;
          description
            "Built-in role that allows the equivalent of superuser
    permission for all configuration and operational commands
    on the device.";
        }
    
        identity AAA_ACCOUNTING_EVENT_TYPE {
          description
            "Base identity for specifying events types that should be
    sent to AAA server for accounting";
        }
    
        identity AAA_ACCOUNTING_EVENT_COMMAND {
          base AAA_ACCOUNTING_EVENT_TYPE;
          description
            "Specifies interactive command events for AAA accounting";
        }
    
        identity AAA_ACCOUNTING_EVENT_LOGIN {
          base AAA_ACCOUNTING_EVENT_TYPE;
          description
            "Specifies login events for AAA accounting";
        }
    
        identity AAA_AUTHORIZATION_EVENT_TYPE {
          description
            "Base identity for specifying activities that should be
    sent to AAA server for authorization";
        }
    
        identity AAA_AUTHORIZATION_EVENT_COMMAND {
          base AAA_AUTHORIZATION_EVENT_TYPE;
          description
            "Specifies interactive command events for AAA authorization";
        }
    
        identity AAA_AUTHORIZATION_EVENT_CONFIG {
          base AAA_AUTHORIZATION_EVENT_TYPE;
          description
            "Specifies configuration (e.g., EXEC) events for AAA
    authorization";
        }
    
        identity AAA_METHOD_TYPE {
          description
            "Base identity to define well-known methods for AAA
    operations";
        }
    
        identity TACACS_ALL {
          base AAA_METHOD_TYPE;
          description
            "The group of all TACACS+ servers.";
        }
    
        identity RADIUS_ALL {
          base AAA_METHOD_TYPE;
          description
            "The group of all RADIUS servers.";
        }
    
        identity LOCAL {
          base AAA_METHOD_TYPE;
          description
            "Locally configured method for AAA operations.";
        }
    
        typedef crypt-password-type {
          type string;
          description
            "A password that is hashed based on the hash algorithm
    indicated by the prefix in the string.  The string
    takes the following form, based on the Unix crypt function:
    
    $<id>[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]]
    
    Common hash functions include:
    
    id  | hash function
    ---+---------------
     1 | MD5
     2a| Blowfish
     2y| Blowfish (correct handling of 8-bit chars)
     5 | SHA-256
     6 | SHA-512
    
    These may not all be supported by a target device.";
        }
      }  // module openconfig-aaa-types
    

© 2023 YumaWorks, Inc. All rights reserved.