[AAI] Keycloak integration into aai-traversal

In order to support multi-tenancy, keycloak(https://www.keycloak.org/)
as Identity and Access Management has been integrated into aai-traversal
and needs to be configured accordignly based on created instance

Issue-ID: AAI-3300
Signed-off-by: Sam Huang <sam.huang@yoppworks.com>
Change-Id: I393fb98ef6ac9cc6f4bf9d476cd682531d15011e

1 files changed, 15 insertions, 1 deletions

diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml
index 38011a0c98..ad4279a543 100644
--- a/kubernetes/aai/components/aai-traversal/values.yaml
+++ b/kubernetes/aai/components/aai-traversal/values.yaml
@@ -59,7 +59,7 @@ global: # global defaults
 
     # Active spring profiles for the resources microservice
     profiles:
-      active: production,dmaap,aaf-auth
+      active: production,dmaap,aaf-auth #,keycloak
 
     # Notification event specific properties
     notification:
@@ -168,6 +168,20 @@ aai_enpoints:
 # application configuration
 config:
 
+  # configure keycloak according to your environment.
+  # don't forget to add keycloak in active profiles above (global.config.profiles)
+  keycloak:
+    host: keycloak.your.domain
+    port: 8180
+    # Specifies a set of users, credentials, roles, and groups
+    realm: aai-traversal
+    # Used by any client application for enabling fine-grained authorization for their protected resources
+    resource: aai-traversal-app
+    # If set to true, additional criteria will be added into traversal query to returns all the vertices that match
+    # the data-owner property with the given role to the user in keycloak
+    multiTenancy:
+      enabled: true
+
   # Specifies timeout information such as application specific and limits
   timeout:
     # If set to true application will timeout for queries taking longer than limit