summaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/components/aai-schema-service/values.yaml
diff options
context:
space:
mode:
authorAndreas Geissler <andreas-geissler@telekom.de>2023-05-30 06:50:08 +0000
committerGerrit Code Review <gerrit@onap.org>2023-05-30 06:50:08 +0000
commite0cd330109c072570de1edf987fa2263f75914c9 (patch)
tree90c12e60fdb4126f5e7a57da3bb6508ad4feea99 /kubernetes/aai/components/aai-schema-service/values.yaml
parentfadd545c3bab51ec1a22749176d30d7cd232278a (diff)
parent0e7c7fe013116e78e9b2bb2725621e528155b26a (diff)
Merge "[AAI] Create Authorization Policies for AAI"
Diffstat (limited to 'kubernetes/aai/components/aai-schema-service/values.yaml')
-rw-r--r--kubernetes/aai/components/aai-schema-service/values.yaml7
1 files changed, 7 insertions, 0 deletions
diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml
index 19ee9d491c..88f17861c7 100644
--- a/kubernetes/aai/components/aai-schema-service/values.yaml
+++ b/kubernetes/aai/components/aai-schema-service/values.yaml
@@ -98,6 +98,13 @@ service:
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: aai-graphadmin-read
+ - serviceAccount: aai-resources-read
+ - serviceAccount: aai-traversal-read
+
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following