...
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
role create org.onap.aai.resources_all
perm create org.onap.aai.resources * get org.onap.aai.resources_all
perm create org.onap.aai.resources * put org.onap.aai.resources_all
perm create org.onap.aai.resources * post org.onap.aai.resources_all
perm create org.onap.aai.resources * patch org.onap.aai.resources_all
perm create org.onap.aai.resources * delete org.onap.aai.resources_all
user role add demo@people.osaaf.org org.onap.aai.resources_all #just an example, add role to the correct user
role create org.onap.aai.resources_readonly
perm create org.onap.aai.resources * get org.onap.aai.resources_readonly |
Open questions
- How are permissions and roles for traversal modeled? What are the requirements?
- How do we enable AAF since it has to have a connection to the windriver lab? Or we enable it only in special deployments?
- What are the variable configuration parameters of AAF? - the certificate, AAF server IP, permission names? Whaat to externalise to OOM?
- Who creates the roles and permissions during the new release, who and how maintains these scripts?
...