submodule openconfig-aaa-tacacs { yang-version "1"; belongs-to "openconfig-aaa" { prefix "oc-aaa"; } // import some basic types import openconfig-inet-types { prefix oc-inet; } import openconfig-extensions { prefix oc-ext; } import openconfig-aaa-types { prefix oc-aaa-types; } import openconfig-types { prefix oc-types; } // meta organization "OpenConfig working group"; contact "OpenConfig working group www.openconfig.net"; description "This module defines configuration and operational state data related to the TACACS+ protocol for authentication, authorization, and accounting."; oc-ext:openconfig-version "1.0.0"; revision "2022-07-29" { description "Update user role to be mandatory."; reference "1.0.0"; } revision "2020-07-30" { description "Add secret-key-hashed."; reference "0.5.0"; } revision "2018-11-21" { description "Add OpenConfig module metadata extensions."; reference "0.4.1"; } revision "2017-09-18" { description "Updated to use OpenConfig types modules"; reference "0.3.0"; } revision "2017-07-06" { description "Move to oc-inet types, add IETF attribution, add RADIUS counters, changed password leaf names to indicate hashed"; reference "0.2.0"; } revision "2017-01-29" { description "Initial public release"; reference "0.1.0"; } // extension statements // feature statements // identity statements identity TACACS { base oc-aaa-types:AAA_SERVER_TYPE; description "Terminal Access Controller Access Control System (TACACS+) AAA server"; reference "The TACACS+ Protocol (draft-ietf-opsawg-tacacs-05) RFC 1492 - An Access Control Protocol, Sometimes Called TACACS"; } // typedef statements // grouping statements grouping aaa-tacacs-server-config { description "Configuration data for a TACACS+ server"; leaf port { type oc-inet:port-number; default 49; description "The port number on which to contact the TACACS server"; } leaf secret-key { type oc-types:routing-password; description "The unencrypted shared key used between the authentication server and the device."; } leaf secret-key-hashed { type oc-aaa-types:crypt-password-type; description "The hashed shared key used between the authentication server and the device."; } leaf source-address { type oc-inet:ip-address; description "Source IP address to use in messages to the TACACS server"; } } grouping aaa-tacacs-server-state { description "Operational state data for a TACACS+ server"; } grouping aaa-tacacs-server-top { description "Top-level grouping for TACACS+ sever data"; container tacacs { description "Top-level container for TACACS+ server data"; container config { description "Configuration data for TACACS+ server"; uses aaa-tacacs-server-config; } container state { config false; description "Operational state data for TACACS+ server"; uses aaa-tacacs-server-config; uses aaa-tacacs-server-state; } } } // data definition statements // augment statements // rpc statements // notification statements }