Management API Reference for secret-key-credential-store

A simple credential store to manage secret keys store clearly.

Provided Capabilities (1)

Name	Dynamic	Other provider points
org.wildfly.security.credential-store	true	/subsystem=elytron/credential-store=*

Attributes (7)

create - If the credential store does not exist should it be dynamically created?

Type	BOOLEAN
Default Value	true
Is the attribute nillable?	true
Does the attribute allow expression?	true
Where is the attribute stored?	configuration
Access Type	read-write
Is restarted required?	all-services
Stability Level	default
Raw DMR model	`{ "type" : { "TYPE_MODEL_VALUE" : "BOOLEAN" }, "description" : "If the credential store does not exist should it be dynamically created?", "attribute-group" : "implementation", "expressions-allowed" : true, "required" : false, "nillable" : true, "default" : true, "stability" : "default", "access-type" : "read-write", "storage" : "configuration", "restart-required" : "all-services", "capability-reference" : null }`

default-alias - The alias name of any key generated by default.

Type	STRING
Default Value	key
Is the attribute nillable?	true
Does the attribute allow expression?	true
Where is the attribute stored?	configuration
Access Type	read-write
Is restarted required?	all-services
Stability Level	default
Raw DMR model	`{ "type" : { "TYPE_MODEL_VALUE" : "STRING" }, "description" : "The alias name of any key generated by default.", "attribute-group" : "implementation", "expressions-allowed" : true, "required" : false, "nillable" : true, "default" : "key", "min-length" : 1, "max-length" : 2147483647, "stability" : "default", "access-type" : "read-write", "storage" : "configuration", "restart-required" : "all-services", "capability-reference" : null }`

key-size - The default size for any generated keys.

Type	INT
Default Value	256
Is the attribute nillable?	true
Does the attribute allow expression?	true
Where is the attribute stored?	configuration
Access Type	read-write
Is restarted required?	all-services
Allowed Values	256 128 192
Stability Level	default
Raw DMR model	`{ "type" : { "TYPE_MODEL_VALUE" : "INT" }, "description" : "The default size for any generated keys.", "attribute-group" : "implementation", "expressions-allowed" : true, "required" : false, "nillable" : true, "default" : 256, "allowed" : [ 128, 192, 256 ], "stability" : "default", "access-type" : "read-write", "storage" : "configuration", "restart-required" : "all-services", "capability-reference" : null }`

path - The path to the credential store.

Type	STRING
Does the attribute allow expression?	true
Where is the attribute stored?	configuration
Access Type	read-write
Is restarted required?	all-services
Stability Level	default
Raw DMR model	`{ "type" : { "TYPE_MODEL_VALUE" : "STRING" }, "description" : "The path to the credential store.", "attribute-group" : "file", "expressions-allowed" : true, "required" : true, "nillable" : false, "min-length" : 1, "max-length" : 2147483647, "stability" : "default", "access-type" : "read-write", "storage" : "configuration", "restart-required" : "all-services", "capability-reference" : null }`

populate - If the credential store does not contain the default-alias should it be dynamically added?

Type	BOOLEAN
Default Value	true
Is the attribute nillable?	true
Does the attribute allow expression?	true
Where is the attribute stored?	configuration
Access Type	read-write
Is restarted required?	all-services
Stability Level	default
Raw DMR model	`{ "type" : { "TYPE_MODEL_VALUE" : "BOOLEAN" }, "description" : "If the credential store does not contain the default-alias should it be dynamically added?", "attribute-group" : "implementation", "expressions-allowed" : true, "required" : false, "nillable" : true, "default" : true, "stability" : "default", "access-type" : "read-write", "storage" : "configuration", "restart-required" : "all-services", "capability-reference" : null }`

relative-to - A reference to a previously defined path that the path is relative to.

Type	STRING
Is the attribute nillable?	true
Where is the attribute stored?	configuration
Access Type	read-write
Is restarted required?	all-services
Stability Level	default
Raw DMR model	`{ "type" : { "TYPE_MODEL_VALUE" : "STRING" }, "description" : "A reference to a previously defined path that the path is relative to.", "attribute-group" : "file", "expressions-allowed" : false, "required" : false, "nillable" : true, "requires" : ["path"], "min-length" : 1, "max-length" : 2147483647, "stability" : "default", "access-type" : "read-write", "storage" : "configuration", "restart-required" : "all-services", "capability-reference" : null }`

state - The state of the credential store service.

Type	STRING
Where is the attribute stored?	runtime
Access Type	read-only
Allowed Values	DOWN STARTING START_FAILED UP STOPPING REMOVED
Stability Level	default
Raw DMR model	`{ "type" : { "TYPE_MODEL_VALUE" : "STRING" }, "description" : "The state of the credential store service.", "expressions-allowed" : false, "required" : true, "nillable" : false, "min-length" : 1, "max-length" : 2147483647, "allowed" : [ "DOWN", "STARTING", "START_FAILED", "UP", "STOPPING", "REMOVED" ], "stability" : "default", "access-type" : "read-only", "storage" : "runtime", "restart-required" : null, "capability-reference" : null }`

Operations (8)

add - The add operation for the credential store.

Request Parameter	Type	Required	Expressions Allowed	Default value	Description
path	STRING	true	true		The path to the credential store.
relative-to	STRING	false	false		A reference to a previously defined path that the path is relative to.
create	BOOLEAN	false	true	true	If the credential store does not exist should it be dynamically created?
default-alias	STRING	false	true	key	The alias name of any key generated by default.
key-size	INT	false	true	256	The default size for any generated keys.
populate	BOOLEAN	false	true	true	If the credential store does not contain the default-alias should it be dynamically added?

Raw DMR model


{
    "operation-name" : "add",
    "description" : "The add operation for the credential store.",
    "request-properties" : {
        "path" : {
            "type" : {
                "TYPE_MODEL_VALUE" : "STRING"
            },
            "description" : "The path to the credential store.",
            "expressions-allowed" : true,
            "required" : true,
            "nillable" : false,
            "min-length" : 1,
            "max-length" : 2147483647,
            "stability" : "default"
        },
        "relative-to" : {
            "type" : {
                "TYPE_MODEL_VALUE" : "STRING"
            },
            "description" : "A reference to a previously defined path that the path is relative to.",
            "expressions-allowed" : false,
            "required" : false,
            "nillable" : true,
            "requires" : ["path"],
            "min-length" : 1,
            "max-length" : 2147483647,
            "stability" : "default"
        },
        "create" : {
            "type" : {
                "TYPE_MODEL_VALUE" : "BOOLEAN"
            },
            "description" : "If the credential store does not exist should it be dynamically created?",
            "expressions-allowed" : true,
            "required" : false,
            "nillable" : true,
            "default" : true,
            "stability" : "default"
        },
        "default-alias" : {
            "type" : {
                "TYPE_MODEL_VALUE" : "STRING"
            },
            "description" : "The alias name of any key generated by default.",
            "expressions-allowed" : true,
            "required" : false,
            "nillable" : true,
            "default" : "key",
            "min-length" : 1,
            "max-length" : 2147483647,
            "stability" : "default"
        },
        "key-size" : {
            "type" : {
                "TYPE_MODEL_VALUE" : "INT"
            },
            "description" : "The default size for any generated keys.",
            "expressions-allowed" : true,
            "required" : false,
            "nillable" : true,
            "default" : 256,
            "allowed" : [
                128,
                192,
                256
            ],
            "stability" : "default"
        },
        "populate" : {
            "type" : {
                "TYPE_MODEL_VALUE" : "BOOLEAN"
            },
            "description" : "If the credential store does not contain the default-alias should it be dynamically added?",
            "expressions-allowed" : true,
            "required" : false,
            "nillable" : true,
            "default" : true,
            "stability" : "default"
        }
    },
    "reply-properties" : {},
    "stability" : "default",
    "read-only" : false,
    "runtime-only" : false
}

export-secret-key - Export an existing SecretKey.

Request Parameter	Type	Required	Expressions Allowed	Default value	Description
alias	STRING	true	false		The alias of the SecretKey to export.

Raw DMR model


{
    "operation-name" : "export-secret-key",
    "description" : "Export an existing SecretKey.",
    "request-properties" : {"alias" : {
        "type" : {
            "TYPE_MODEL_VALUE" : "STRING"
        },
        "description" : "The alias of the SecretKey to export.",
        "expressions-allowed" : false,
        "required" : true,
        "nillable" : false,
        "min-length" : 1,
        "max-length" : 2147483647,
        "stability" : "default"
    }},
    "reply-properties" : {},
    "stability" : "default",
    "read-only" : false,
    "runtime-only" : true
}

generate-secret-key - Generate a new SecretKey and store it in the credential store.

Request Parameter	Type	Required	Expressions Allowed	Default value	Description
alias	STRING	true	false		The alias to use when storing the new SecretKey.
key-size	INT	false	true		The size of key to generate (bits).

Raw DMR model


{
    "operation-name" : "generate-secret-key",
    "description" : "Generate a new SecretKey and store it in the credential store.",
    "request-properties" : {
        "alias" : {
            "type" : {
                "TYPE_MODEL_VALUE" : "STRING"
            },
            "description" : "The alias to use when storing the new SecretKey.",
            "expressions-allowed" : false,
            "required" : true,
            "nillable" : false,
            "min-length" : 1,
            "max-length" : 2147483647,
            "stability" : "default"
        },
        "key-size" : {
            "type" : {
                "TYPE_MODEL_VALUE" : "INT"
            },
            "description" : "The size of key to generate (bits).",
            "expressions-allowed" : true,
            "required" : false,
            "nillable" : true,
            "allowed" : [
                128,
                192,
                256
            ],
            "stability" : "default"
        }
    },
    "reply-properties" : {},
    "stability" : "default",
    "read-only" : false,
    "runtime-only" : true
}

import-secret-key - Import a previously exported SecretKey and add it to the credential store.

Request Parameter	Type	Required	Expressions Allowed	Default value	Description
alias	STRING	true	false		The alias to use when storing the imported SecretKey.
key	STRING	true	false		The previously exported key to import.

Raw DMR model


{
    "operation-name" : "import-secret-key",
    "description" : "Import a previously exported SecretKey and add it to the credential store.",
    "request-properties" : {
        "alias" : {
            "type" : {
                "TYPE_MODEL_VALUE" : "STRING"
            },
            "description" : "The alias to use when storing the imported SecretKey.",
            "expressions-allowed" : false,
            "required" : true,
            "nillable" : false,
            "min-length" : 1,
            "max-length" : 2147483647,
            "stability" : "default"
        },
        "key" : {
            "type" : {
                "TYPE_MODEL_VALUE" : "STRING"
            },
            "description" : "The previously exported key to import.",
            "expressions-allowed" : false,
            "required" : true,
            "nillable" : false,
            "min-length" : 1,
            "max-length" : 2147483647,
            "stability" : "default"
        }
    },
    "reply-properties" : {},
    "stability" : "default",
    "read-only" : false,
    "runtime-only" : true
}

read-aliases - Read aliases (entries) from a credential store.

Raw DMR model


{
    "operation-name" : "read-aliases",
    "description" : "Read aliases (entries) from a credential store.",
    "request-properties" : {},
    "reply-properties" : {},
    "stability" : "default",
    "read-only" : true,
    "runtime-only" : true
}

reload - Reload credential store (reinitialize and load new data if present).

Raw DMR model


{
    "operation-name" : "reload",
    "description" : "Reload credential store (reinitialize and load new data if present).",
    "request-properties" : {},
    "reply-properties" : {},
    "stability" : "default",
    "read-only" : false,
    "runtime-only" : true
}

remove - The remove operation for the credential store.

Raw DMR model


{
    "operation-name" : "remove",
    "description" : "The remove operation for the credential store.",
    "request-properties" : {},
    "reply-properties" : {},
    "stability" : "default",
    "read-only" : false,
    "runtime-only" : false
}

remove-alias - Remove a credential (entry) stored in the credential store.

Request Parameter	Type	Required	Expressions Allowed	Default value	Description
alias	STRING	true	false		The alias of the credential store item to remove.

Raw DMR model


{
    "operation-name" : "remove-alias",
    "description" : "Remove a credential (entry) stored in the credential store.",
    "request-properties" : {"alias" : {
        "type" : {
            "TYPE_MODEL_VALUE" : "STRING"
        },
        "description" : "The alias of the credential store item to remove.",
        "expressions-allowed" : false,
        "required" : true,
        "nillable" : false,
        "min-length" : 1,
        "max-length" : 2147483647,
        "stability" : "default"
    }},
    "reply-properties" : {},
    "stability" : "default",
    "read-only" : false,
    "runtime-only" : true
}

Galleon Features

Galleon features are to be used when creating Galleon feature-packs.

subsystem.elytron.secret-key-credential-store

        
<feature spec="subsystem.elytron.secret-key-credential-store">
  <param name="secret-key-credential-store" value="{resource name}"/>
  <param name="create" value="{value}"/>
  <param name="default-alias" value="{value}"/>
  <param name="key-size" value="{value}"/>
  <param name="path" value="{value}"/>
  <param name="populate" value="{value}"/>
  <param name="relative-to" value="{value}"/>
<feature/>