diff options
| author |   Ravi Geda <gravik@amdocs.com> | 2018-10-30 10:03:44 +0000 |
|---|---|---|
| committer |   Alexis de Talhouƫt <alexis.de_talhouet@bell.ca> | 2018-12-04 13:00:15 +0000 |
| commit | 9234bdec7f994e8b11953fdbc358768defba8fc7 (patch) | |
| tree | 2ce587d54c1da688ad77f2c51abbbc3aacf24410 /kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json | |
| parent | 693bc2491bb1249f3e0313a31c4240f5f65e3ba3 (diff) | |
Add Pluggable Security to Champ
Note that by default this feature is turned off. To enable update the
installSidecarSecurity in aai/values.yaml to true
Change-Id: I19d4755a58041c58070e0cd36d263e4e49b3f743
Issue-ID: AAF-587
Signed-off-by: Ravi Geda <gravik@amdocs.com>
Diffstat (limited to 'kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json')
| -rw-r--r-- | kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json new file mode 100644 index 0000000000..2865e01cd6 --- /dev/null +++ b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json @@ -0,0 +1,99 @@ + [ + { + "uri": "\/not\/allowed\/at\/all$", + "permissions": [ + "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt" + ] + }, + { + "uri": "\/one\/auth\/required$", + "permissions": [ + "test.auth.access.aSimpleSingleAuth" + ] + }, + { + "uri": "\/multi\/auth\/required$", + "permissions": [ + "test.auth.access.aMultipleAuth1", + "test.auth.access.aMultipleAuth2", + "test.auth.access.aMultipleAuth3" + ] + }, + { + "uri": "\/one\/[^\/]+\/required$", + "permissions": [ + "test.auth.access.aSimpleSingleAuth" + ] + }, + { + "uri": "\/services\/getAAFRequest$", + "permissions": [ + "test.auth.access|services|GET,PUT" + ] + }, + { + "uri": "\/admin\/getAAFRequest$", + "permissions": [ + "test.auth.access|admin|GET,PUT,POST" + ] + }, + { + "uri": "\/service\/aai\/webapp\/index.html$", + "permissions": [ + "test.auth.access|services|GET,PUT" + ] + }, + { + "uri": "\/services\/aai\/webapp\/index.html$", + "permissions": [ + "test.auth.access|services|GET,PUT" + ] + }, + { + "uri": "\/$", + "permissions": [ + "\\|services\\|GET", + "test\\.auth\\.access\\|services\\|GET,PUT" + ] + }, + { + "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$", + "permissions": [ + "test\\.auth\\.access\\|rest\\|read" + ] + }, + { + "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*", + "permissions": [ + "test.auth.access|clouds|read", + "test.auth.access|tenants|read" + ] + }, + { + "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$", + "permissions": [ + "test.auth.access|clouds|read", + "test.auth.access|tenants|read", + "test.auth.access|vservers|read" + ] + }, + { + "uri": "\/backend$", + "permissions": [ + "test\\.auth\\.access\\|services\\|GET,PUT", + "\\|services\\|GET" + ] + }, + { + "uri": "\/services\/inventory\/.*", + "permissions": [ + "org\\.access\\|\\*\\|\\*" + ] + }, + { + "uri": "\/services\/champ-service\/.*", + "permissions": [ + "org\\.access\\|\\*\\|\\*" + ] + } + ] |