Role org.onap.aai.resources.all

Permission type	instances	action
org.onap.aai.resources.access	*	get
org.onap.aai.resources.access	*	put
org.onap.aai.resources.access	*	post
org.onap.aai.resources.access	*	delete
org.onap.aai.resources.access	*	patch

Open questions

Who establishes the role - the service provider or the client? see the AAF diagram
If the service provider - do Do we create multiple roles? e.g. a read-only one, read-write, client specific
How fine-grained permissions do we want to create?
How do we enable AAF since it has to have a connection to the windriver lab? Or we enable it only in special deployments?

Space shortcuts