summaryrefslogtreecommitdiffstats
path: root/kubernetes/oof
diff options
context:
space:
mode:
authorvrvarma <vv8305@att.com>2019-04-25 23:08:01 -0400
committerAlexis de Talhouƫt <adetalhouet89@gmail.com>2019-05-13 15:30:31 +0000
commit8f5004939a58a7a3d7c2398678a449a1767debe9 (patch)
tree311d40ad717766134c6292dbb49333e44c2cffec /kubernetes/oof
parent4f897651438c1f8a199f471dd16b150585353116 (diff)
Configuration changes to make osdf ssl enabled
Add common_config.yaml file to enable SSL Add the cert and key files Modify the deployment to mount the cert files Increment the docker image version Securing HAS api with https Modifying the health check protocol to https and credentials Updating certs to add has hostnames Change-Id: I860a0c436234b31d675ca0447fa92d511be0b140 Signed-off-by: vrvarma <vv8305@att.com> Issue-ID: OPTFRA-293
Diffstat (limited to 'kubernetes/oof')
-rw-r--r--kubernetes/oof/resources/config/common_config.yaml82
-rw-r--r--kubernetes/oof/resources/config/org.onap.oof.crt86
-rw-r--r--kubernetes/oof/resources/config/org.onap.oof.key29
-rwxr-xr-xkubernetes/oof/resources/config/osdf_config.yaml2
-rw-r--r--kubernetes/oof/templates/deployment.yaml15
-rw-r--r--kubernetes/oof/values.yaml7
6 files changed, 217 insertions, 4 deletions
diff --git a/kubernetes/oof/resources/config/common_config.yaml b/kubernetes/oof/resources/config/common_config.yaml
new file mode 100644
index 0000000000..03972a7e1f
--- /dev/null
+++ b/kubernetes/oof/resources/config/common_config.yaml
@@ -0,0 +1,82 @@
+osdf_system:
+ libpath: /opt/app/osdf/libs
+ osdf_ports:
+ internal: 8699 # inside the Docker container, the app listens to this port
+ external: 8698 # clients use this port on DockerHost
+ osdf_ip_default: 0.0.0.0
+# # Important Note: At deployment time, we need to ensure the port mapping is done
+ ssl_context: ['/opt/app/ssl_cert/org.onap.oof.crt', '/opt/app/ssl_cert/org.onap.oof.key']
+
+osdf_temp: # special configuration required for "workarounds" or testing
+ local_policies:
+ global_disabled: True
+ local_placement_policies_enabled: True
+ placement_policy_dir_vcpe: "./test/policy-local-files/"
+ placement_policy_files_vcpe: # workaroud for policy platform glitches (or "work-arounds" for other components)
+ - Affinity_vCPE_1.json
+ #- Capacity_vGMuxInfra.json
+ #- Capacity_vG_1.json
+ - Distance_vG_1.json
+ - Distance_vGMuxInfra_1.json
+ - hpa_policy_vG_1.json
+ - hpa_policy_vGMuxInfra_1.json
+ - Placement_Optimization_1.json
+ - QueryPolicy_vCPE.json
+ - vnfPolicy_vG.json
+ - vnfPolicy_vGMuxInfra.json
+ placement_policy_dir_vfw: "./test/policy-local-files/"
+ placement_policy_files_vfw: # workaroud for policy platform glitches (or "work-arounds" for other components)
+ #- Capacity_vFW_1.json
+ - Distance_vFW_1.json
+ - hpa_policy_vFW_1.json
+ - Placement_Optimization_1.json
+ - QueryPolicy_vFW.json
+ - vnfPolicy_vFW.json
+ placement_policy_dir_vfw_td: "./test/policy-local-files/"
+ placement_policy_files_vfw_td:
+ - vnfPolicy_vFW_TD.json
+ - vnfPolicy_vPGN_TD.json
+ - affinity_vFW_TD.json
+ - QueryPolicy_vFW_TD.json
+service_info:
+ vCPE:
+ vcpeHostName: requestParameters.vcpeHostName
+ e2eVpnKey: requestParameters.e2eVpnKey
+ vFW:
+ vcpeHostName: requestParameters.vcpeHostName
+ e2eVpnKey: requestParameters.e2eVpnKey
+
+references:
+ service_name:
+ source: request
+ value: serviceInfo.serviceName
+ subscriber_role:
+ source: SubscriberPolicy
+ value: content.properties.subscriberRole
+
+policy_info:
+ prioritization_attributes:
+ policy_type:
+ - content.policyType
+ resources:
+ - content.resources
+ - content.objectiveParameter.parameterAttributes.resources
+ service_name:
+ - content.serviceName
+
+ placement:
+ policy_fetch: by_scope
+ policy_scope:
+ default_scope: OSDF_CASABLANCA
+ vcpe_scope: OSDF_CASABLANCA
+ vfw_scope: OSDF_DUBLIN
+ secondary_scopes:
+ -
+ - get_param: service_name
+ - US
+ # -
+ # - get_param: service_name
+ # - get_param: subscriber_role
+ default: # if no explicit service related information is needed
+ policy_fetch: by_name
+ policy_scope: none
diff --git a/kubernetes/oof/resources/config/org.onap.oof.crt b/kubernetes/oof/resources/config/org.onap.oof.crt
new file mode 100644
index 0000000000..224d39375b
--- /dev/null
+++ b/kubernetes/oof/resources/config/org.onap.oof.crt
@@ -0,0 +1,86 @@
+-----BEGIN CERTIFICATE-----
+MIIEkTCCA3mgAwIBAgIIfDQFJU4qiGIwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE
+BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp
+bnRlcm1lZGlhdGVDQV85MB4XDTE5MDUwOTAzMzYxN1oXDTIwMDUwOTAzMzYxN1ow
+fjEkMCIGA1UEAwwbb29mLmFwaS5zaW1wbGVkZW1vLm9uYXAub3JnMQ8wDQYJKoZI
+hvcNAQkBFgAxGTAXBgNVBAsMEG9vZkBvb2Yub25hcC5vcmcxDjAMBgNVBAsMBU9T
+QUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAIVFAR2i+qXd4hYeiXiTgoTyHeZQt0ndSq1aJ/tsiPEz
+cH3/egq2nYGzC9zccDip8Vyd8uP54hw6OD8ulgssuxrRUppR0TcNp7TPzNIYbnOI
+hjxU4XHCUQbhH4lt8+KVZDGCeWuDOTKXMZ2ZDj/WUcHXJA+2XDpUY6Gdg4K8+Mgu
+CIOzqTkLl0Nz1a0FopZkSjf8nF0R1hf7XtbQorywLz7RL++nEh1a+vDkmVcSmLyW
+fhI2uteuRFg3v9Y+Ebkp37QZ4oTpAjSyUKbvKuE0dhRvoTSRmjIxKFxiGrQBrMyJ
+S3eQJR6USuRhxk2fZx9jTTPiVS5QotoTOO0C2xw9sBsCAwEAAaOCAUgwggFEMAkG
+A1UdEwQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMB
+BggrBgEFBQcDAjBUBgNVHSMETTBLgBSB95lbELnIjN7zUl7qTmmgQz6s3aEwpC4w
+LDEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAxCzAJBgNVBAYTAlVTggEH
+MB0GA1UdDgQWBBSaLxp34n5RCgXcMF4JKn+Z+HqMRTCBjwYDVR0RBIGHMIGEghtv
+b2YuYXBpLnNpbXBsZWRlbW8ub25hcC5vcmeCCWNtc28tb25hcIIcY21zby5hcGku
+c2ltcGxlZGVtby5vbmFwLm9yZ4IJY21zby5vbmFwggtvb2YtaGFzLWFwaYIQb29m
+LWhhcy1hcGkub25hcIIIb29mLW9uYXCCCG9vZi5vbmFwMA0GCSqGSIb3DQEBCwUA
+A4IBAQBarLs2rX/Av0CevlVcvGi73CsvBCtS18jz4Bj/cxuIDZzEHXtOoUmJ8FrI
+9sG2cyZlqCBcND67VJfXsd34amhORnAwzzOjZGWgqvNfP9ayT/Ai1IAeBC0q33vu
+h7v7wgV/cbZ+uNeU6ubN47JaW0pw6q7IBIhbTtnmBC+JmM0MLXt/zdU+/mbHEq7N
+X+1AHDfM7VTzGrDTLt9DEX2tpBlj7l46Xp6UXWlbXUk2cHVzhNrhdgGDPHVs1MRT
+ts3PvNAKyo1zHBRRS0asLVSes0Fge1O6x4RD5vbvFQxhawZsrvS2RRrLiCJNoMP3
+BiU0GD9vLvQy2SB+xBER57WuBsas
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
+RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
+MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
+A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
+neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
+o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
+nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
+v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
+15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
+gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
+M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
+AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
+ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
+u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
+QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
+8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
+kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
+aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
+uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
+tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
+BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
+BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
+NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
+DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
+XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
+H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
+pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
+NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
+2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
+wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
+ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
+P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
+aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
+PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
+A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
+UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
+BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
+L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
+7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
+c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
+jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
+RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
+PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
+CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
+Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
+cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
+ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
+dYY=
+-----END CERTIFICATE-----
+
+
diff --git a/kubernetes/oof/resources/config/org.onap.oof.key b/kubernetes/oof/resources/config/org.onap.oof.key
new file mode 100644
index 0000000000..a261fda9ed
--- /dev/null
+++ b/kubernetes/oof/resources/config/org.onap.oof.key
@@ -0,0 +1,29 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCFRQEdovql3eIW
+Hol4k4KE8h3mULdJ3UqtWif7bIjxM3B9/3oKtp2Bswvc3HA4qfFcnfLj+eIcOjg/
+LpYLLLsa0VKaUdE3Dae0z8zSGG5ziIY8VOFxwlEG4R+JbfPilWQxgnlrgzkylzGd
+mQ4/1lHB1yQPtlw6VGOhnYOCvPjILgiDs6k5C5dDc9WtBaKWZEo3/JxdEdYX+17W
+0KK8sC8+0S/vpxIdWvrw5JlXEpi8ln4SNrrXrkRYN7/WPhG5Kd+0GeKE6QI0slCm
+7yrhNHYUb6E0kZoyMShcYhq0AazMiUt3kCUelErkYcZNn2cfY00z4lUuUKLaEzjt
+AtscPbAbAgMBAAECggEAUSSNpFzaXel2Qd9/9kFiQ84jNFtK7hdl45y0IVqZGrsm
+MCFATouX5SN+ApDZZzbZ9XlaLUK1UFiGbLnRs6Ydmht/PuS4DNwsk2O+ouErRv8G
+NG++AIS+zwB9MjEXQIuTQK3fff2c8tep5voM+gNlLi/vDf4Ls5w0OW/tZcnndAHp
+qpepSMd29gIwi9nViCD11k32UdQ7oAb7pB+RXleol1181945reuuvzIqfGamvfhl
+TXdGO3GT7bSiy0q2iFGiAeEBfCNqYs3ptJrDrUSiPD7CZOybUFxGfI8lnrW/yvya
+FrwIZuOkLdnCDssXsFzWz08NJ8sr2/HZZBgl9nbFoQKBgQDHVwq244eyUtNalRvZ
+HPiRewSwp4A1pYBzk5DmcYLgKrXUlukYy7pKr8VoH899iWVPzWKqNkHavV2KvcSr
+4dyNnEytAKiBqcb4piAzajgWG+m27WvITDF2zJhzx+91E1tngtyjKNzAHWG57A/W
+S3H4Cm2eidXe6lKURL0RJ4QLcQKBgQCrJlnyPCf3qfcHkXW/EYlzmJMDSasgLEBl
+/dthVZ8QRshooyzJTCckN2PXO+mbuarwmnjtb8ZS/PzPSZ7cAKfZOHgzWOPM5I45
+n0axJmrSZ+dUz270q8R1sVfqd0/jH4LjwuCQMKZmN+UpTijA2hKVWUCxcML7KtXT
+QP3TQSy2SwKBgDlPgxsVy3uvaGiQmhMPyz84WR7Y6XmC/a087dnzJKeCYAig4p9o
+Y0T5yA2pp6P2DpSk/grl0oUrEGvFJ3grVZe5KipLGCc/Qp9WU8e0cC+bEtSu6eAK
+V+ZJ6ELRZr0INa1K6FhYdS8ew2wKvHrl8fxYMy/zfPO79sX+BUWbUNFhAoGAK5FQ
+tkw/9FjM7J1HtwLU1ZtSWTTongEFx7DOpsFwA2mxXImlPfznvd1nygOTXTPvYt4/
+yFl6x+dkx7O6/9Ae6jnox1Fqc97+oYZ9LV1VNgiDJ+DCIwCSu08QzTvgFzYPUMFr
+/uiTg1PZPyGJWEZrEp+syz6kM+HcmrFhq+RcaG8CgYEAtgHnJWL3v9r1jTP1YLRm
+C7tXJ5a/xs3+KuM6vmSpAwkDvV50RK07ypGZqWsG2ewjUqxpAOeoiMn0dRRGP324
+yNCXUWjTVFbzdtzOQuOZVnEeje3K8xHUS3kv9zm1TgMbCRJgvc1THXhderiBShOK
+ATP2Y7+WNByxs+TXGI//cFQ=
+-----END PRIVATE KEY-----
+
diff --git a/kubernetes/oof/resources/config/osdf_config.yaml b/kubernetes/oof/resources/config/osdf_config.yaml
index fea3d908cf..4dd3097918 100755
--- a/kubernetes/oof/resources/config/osdf_config.yaml
+++ b/kubernetes/oof/resources/config/osdf_config.yaml
@@ -60,7 +60,7 @@ osdfCMSchedulerUsername: {{ .Values.config.osdfCMSchedulerUsername }}
osdfCMSchedulerPassword: {{ .Values.config.osdfCMSchedulerPassword }}
is_aaf_enabled: {{ .Values.config.is_aaf_enabled }}
-aaf_cache_expiry_hrs: {{ .Values.config.aaf_cache_expiry_hrs }}
+aaf_cache_expiry_mins: {{ .Values.config.aaf_cache_expiry_mins }}
aaf_url: {{ .Values.config.aaf_url }}
aaf_user_roles:
{{- range .Values.config.aaf_user_roles }}
diff --git a/kubernetes/oof/templates/deployment.yaml b/kubernetes/oof/templates/deployment.yaml
index d4558b72dd..3c5306e644 100644
--- a/kubernetes/oof/templates/deployment.yaml
+++ b/kubernetes/oof/templates/deployment.yaml
@@ -95,6 +95,15 @@ spec:
- mountPath: /opt/app/ssl_cert/aaf_root_ca.cer
name: {{ include "common.fullname" . }}-config
subPath: aaf_root_ca.cer
+ - mountPath: /opt/app/ssl_cert/org.onap.oof.crt
+ name: {{ include "common.fullname" . }}-config
+ subPath: org.onap.oof.crt
+ - mountPath: /opt/app/ssl_cert/org.onap.oof.key
+ name: {{ include "common.fullname" . }}-config
+ subPath: org.onap.oof.key
+ - mountPath: /opt/osdf/config/common_config.yaml
+ name: {{ include "common.fullname" . }}-config
+ subPath: common_config.yaml
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -118,5 +127,11 @@ spec:
path: osdf_config.yaml
- key: aaf_root_ca.cer
path: aaf_root_ca.cer
+ - key: common_config.yaml
+ path: common_config.yaml
+ - key: org.onap.oof.crt
+ path: org.onap.oof.crt
+ - key: org.onap.oof.key
+ path: org.onap.oof.key
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml
index 06c190cc7a..5099091b4a 100644
--- a/kubernetes/oof/values.yaml
+++ b/kubernetes/oof/values.yaml
@@ -49,7 +49,7 @@ config:
soUsername: "" # SO username for call back.
soPassword: "" # SO password for call back.
# Url and credentials for Conductor.
- conductorUrl: http://oof-has-api:8091/v1/plans/
+ conductorUrl: https://oof-has-api:8091/v1/plans/
conductorUsername: admin1
conductorPassword: plan.15
conductorPingWaitTime: 60
@@ -87,10 +87,11 @@ config:
osdfCMSchedulerPassword: testpwd1
#AAF Authentication
is_aaf_enabled: False
- aaf_cache_expiry_hrs: 3
+ aaf_cache_expiry_mins: 5
aaf_url: https://aaf-service:8100
aaf_user_roles:
- - '/api/oof/v1/placement:org.onap.osdf.access|*|read ALL'
+ - '/placement:org.onap.oof.access|*|read ALL'
+ - '/pci:org.onap.oof.access|*|read ALL'
# Secret Management Service from AAF
aaf_sms_url: https://aaf-sms
aaf_sms_port: 10443