Versions Compared

Old Version 16

changes.mady.by.user Pavel Paroulek

Saved on

compared with

New Version 17

changes.mady.by.user Pavel Paroulek

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

For a seemless transition to AAF, the first roles we use for our clients will be called org.onap.aai.resources_all and org.onap.aai.traversal_all with read and write permissionadvanced and org.onap.aai.resources_readonly and org.onap.aai.traversal_readonly with read only permissionbasic. These roles will be assigned to all users/applications which access A&AI web services.

Role nameMeaning
org.onap.aai.
traversal
resources_
allPermission typeinstances
allread + write access to the resources web service
action
org.onap.aai.
traversal*get
resources_readonlyread-only access to the resources web service
org.onap.aai.traversal
*put
_advancedapplications may issue basic and advanced queries in the traversal web service
org.onap.aai.traversal_basicapplications may issue only basic queries in the traversal web service


Role *post org.onap.aai.traversal_advanced
delete
Permission typeinstancesaction*
org.onap.aai.traversal*patchadvanced
Role org.onap.aai.resources_all
Permission typeinstancesaction
org.onap.aai.resources*get
org.onap.aai.resources*put
org.onap.aai.resources*post
org.onap.aai.resources*delete
org.onap.aai.resources*patch

...

Role org.onap.aai.traversal_readonlybasic
Permission typeinstancesaction
org.onap.aai.traversal???*basic???

Resources webservice AAF role and permission setup

Code Block
languagebash
themeMidnight
titleAAF role permission setup
role create org.onap.aai.resources_all
perm create org.onap.aai.resources * get org.onap.aai.resources_all
perm create org.onap.aai.resources * put org.onap.aai.resources_all
perm create org.onap.aai.resources * post org.onap.aai.resources_all
perm create org.onap.aai.resources * patch org.onap.aai.resources_all
perm create org.onap.aai.resources * delete org.onap.aai.resources_all
user role add demo@people.osaaf.org org.onap.aai.resources_all #just an example, add role to the correct user
role create org.onap.aai.resources_readonly
perm create org.onap.aai.resources * get org.onap.aai.resources_readonly

Open questions

...


role create org.onap.aai.traversal_basic
perm create org.onap.aai.traversal * basic org.onap.aai.traversal_basic
role create org.onap.aai.traversal_advanced
perm create org.onap.aai.traversal * advanced org.onap.aai.traversal_advanced
user role add demo@people.osaaf.org org.onap.aai.traversal_advanced #just an example, add role to the correct user



Open questions

...