diff options
Diffstat (limited to 'packages/base/src')
27 files changed, 856 insertions, 104 deletions
diff --git a/packages/base/src/files/bin/AddScopesToPolicyScopeEditorTable.class b/packages/base/src/files/bin/AddScopesToPolicyScopeEditorTable.class Binary files differnew file mode 100644 index 000000000..110a0cadc --- /dev/null +++ b/packages/base/src/files/bin/AddScopesToPolicyScopeEditorTable.class diff --git a/packages/base/src/files/bin/ModifyCloseddLoopAttributesFor1604.class b/packages/base/src/files/bin/ModifyCloseddLoopAttributesFor1604.class Binary files differnew file mode 100644 index 000000000..c1464139a --- /dev/null +++ b/packages/base/src/files/bin/ModifyCloseddLoopAttributesFor1604.class diff --git a/packages/base/src/files/install/mysql/data/161000_upgrade_script.sql b/packages/base/src/files/install/mysql/data/161000_upgrade_script.sql index ba887f214..3c3272e0e 100755 --- a/packages/base/src/files/install/mysql/data/161000_upgrade_script.sql +++ b/packages/base/src/files/install/mysql/data/161000_upgrade_script.sql @@ -1675,87 +1675,9 @@ create table `globalrolesettings` ( primary key (`role`) ); --- --- Table structure for table `goceventalarm` --- - -drop table if exists `goceventalarm`; -create table `goceventalarm` ( -`id` int(11) not null auto_increment, -`event` varchar(1024) not null, -`description` varchar(1024) default null, -`alarm` varchar(1024) not null, -`created_date` timestamp not null default current_timestamp, -`created_by` varchar(45) not null, -`modified_date` timestamp not null default '0000-00-00 00:00:00', -`modified_by` varchar(45) not null, -primary key (`id`) -); - --- --- Table structure for table `gocrcalarm` --- - -drop table if exists `gocrcalarm`; -create table `gocrcalarm` ( -`id` int(11) not null auto_increment, -`alarmname` varchar(1024) not null, -`description` varchar(1024) default null, -`created_date` timestamp not null default current_timestamp, -`created_by` varchar(45) not null, -`modified_date` timestamp not null default '0000-00-00 00:00:00', -`modified_by` varchar(45) not null, -primary key (`id`) -); - --- --- Table structure for table `gocserverscope` --- - -drop table if exists `gocserverscope`; -create table `gocserverscope` ( -`id` int(11) not null auto_increment, -`serverscopename` varchar(1024) not null, -`description` varchar(1024) default null, -`serverscopeentry` varchar(1024) not null, -`created_date` timestamp not null default current_timestamp on update current_timestamp, -`created_by` varchar(45) not null, -`modified_date` timestamp not null default '0000-00-00 00:00:00', -`modified_by` varchar(45) not null, -primary key (`id`) -); --- --- Table structure for table `goctraversal` --- - -drop table if exists `goctraversal`; -create table `goctraversal` ( -`id` int(11) not null auto_increment, -`traversal` varchar(1024) not null, -`description` varchar(1024) default null, -`created_date` timestamp not null default current_timestamp, -`created_by` varchar(45) not null, -`modified_date` timestamp not null default '0000-00-00 00:00:00', -`modified_by` varchar(45) not null, -primary key (`id`) -); --- --- Table structure for table `gocvnftype` --- -drop table if exists `gocvnftype`; -create table `gocvnftype` ( -`id` int(11) not null auto_increment, -`vnfname` varchar(1024) not null, -`description` varchar(1024) default null, -`created_date` timestamp not null default current_timestamp, -`created_by` varchar(45) not null, -`modified_date` timestamp not null default '0000-00-00 00:00:00', -`modified_by` varchar(45) not null, -primary key (`id`) -); -- -- Table structure for table `groupentity` @@ -6446,4 +6368,4 @@ INSERT INTO `policyversion` VALUES (3,'com/Config_MS_vFirewall',1,1,'2017-03-03 insert into sequence (seq_name, seq_count) values ('SEQ_GEN', 3050); set foreign_key_checks=1; -commit; +commit;
\ No newline at end of file diff --git a/packages/base/src/files/install/mysql/data/170204_downgrade_script.sql b/packages/base/src/files/install/mysql/data/170204_downgrade_script.sql new file mode 100644 index 000000000..d33fde5c6 --- /dev/null +++ b/packages/base/src/files/install/mysql/data/170204_downgrade_script.sql @@ -0,0 +1,22 @@ +/*- +* ============LICENSE_START======================================================= +* ECOMP Policy Engine +* ================================================================================ +* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +* ================================================================================ +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +* ============LICENSE_END========================================================= +*/ +use ecomp_sdk; +drop table if exists brmsgroup_info; +drop table if exists brmsgroup_policy; diff --git a/packages/base/src/files/install/mysql/data/170204_upgrade_script.sql b/packages/base/src/files/install/mysql/data/170204_upgrade_script.sql new file mode 100644 index 000000000..87b24710d --- /dev/null +++ b/packages/base/src/files/install/mysql/data/170204_upgrade_script.sql @@ -0,0 +1,88 @@ +/*- +* ============LICENSE_START======================================================= +* ECOMP Policy Engine +* ================================================================================ +* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +* ================================================================================ +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +* ============LICENSE_END========================================================= +*/ +use ecomp_sdk; +set foreign_key_checks=0; +drop table if exists brmsgroup_info; +CREATE TABLE brmsgroup_info +( +controllerName VARCHAR(255) NOT NULL, +groupId VARCHAR(255) NOT NULL, +artifactId VARCHAR(255) NOT NULL, +version VARCHAR(45), +PRIMARY KEY (controllerName) +); +drop table if exists brmsgroup_policy; +CREATE TABLE brmsgroup_policy +( +policyName VARCHAR(255) NOT NULL, +controllerName VARCHAR(255) NOT NULL references brmsgroup_info(controllerName), +PRIMARY KEY(policyname) +); + + +Insert into fn_role (ROLE_ID,ROLE_NAME,ACTIVE_YN,PRIORITY) values (5002,'Policy Super Admin','Y',10); +Insert into fn_role (ROLE_ID,ROLE_NAME,ACTIVE_YN,PRIORITY) values (5003,'Policy Super Editor','Y',10); +Insert into fn_role (ROLE_ID,ROLE_NAME,ACTIVE_YN,PRIORITY) values (5004,'Policy Super Guest','Y',10); +Insert into fn_role (ROLE_ID,ROLE_NAME,ACTIVE_YN,PRIORITY) values (5005,'Policy Admin','Y',10); +Insert into fn_role (ROLE_ID,ROLE_NAME,ACTIVE_YN,PRIORITY) values (5006,'Policy Editor','Y',10); +Insert into fn_role (ROLE_ID,ROLE_NAME,ACTIVE_YN,PRIORITY) values (5007,'Policy Guest','Y',10); + + +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5002,'menu_policy'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5002,'policy_admin'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5002,'policy_dashboard'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5002,'policy_editor'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5002,'policy_roles'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5002,'policy_pdp'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5002,'policy_dictionary'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5002,'policy_push'); + +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5003,'menu_policy'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5003,'policy_dashboard'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5003,'policy_editor'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5003,'policy_pdp'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5003,'policy_push'); + +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5004,'menu_policy'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5004,'policy_dashboard'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5004,'policy_editor'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5004,'policy_pdp'); + +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5005,'menu_policy'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5005,'policy_dashboard'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5005,'policy_editor'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5005,'policy_pdp'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5005,'policy_dictionary'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5005,'policy_push'); + +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5006,'menu_policy'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5006,'policy_dashboard'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5006,'policy_editor'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5006,'policy_pdp'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5006,'policy_push'); + +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5007,'menu_policy'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5007,'policy_dashboard'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5007,'policy_editor'); +Insert into fn_role_function (ROLE_ID,FUNCTION_CD) values (5007,'policy_pdp'); + +set foreign_key_checks=0; + +commit;
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/brmsgw/config.properties b/packages/base/src/files/install/servers/brmsgw/config.properties index 96bfa682e..4f92a0ac7 100644 --- a/packages/base/src/files/install/servers/brmsgw/config.properties +++ b/packages/base/src/files/install/servers/brmsgw/config.properties @@ -24,10 +24,18 @@ COMPONENT_X_MS_MB=${{COMPONENT_X_MS_MB}} PDP_URL = ${{REST_PDP_ID}} , ${{PDP_HTTP_USER_ID}} , ${{PDP_HTTP_PASSWORD}} PAP_URL = ${{REST_PAP_URL}} , ${{PDP_PAP_PDP_HTTP_USER_ID}} , ${{PDP_PAP_PDP_HTTP_PASSWORD}} + +#Notification Properties... type can be either websocket, ueb, or dmaap NOTIFICATION_TYPE=websocket -NOTIFICATION_UEB_SERVERS= +NOTIFICATION_SERVERS=${{UEB_URL}} +NOTIFICATION_TOPIC=${{UEB_TOPIC}} +NOTIFICATION_DELAY= CLIENT_ID=${{CLIENT_ID}} CLIENT_KEY=${{CLIENT_KEY}} +UEB_API_KEY=${{UEB_API_KEY}} +UEB_API_SECRET=${{UEB_API_SECRET}} + + # Environment should be Set either DEV, TEST or PROD ENVIRONMENT=${{ENVIRONMENT}} @@ -44,11 +52,7 @@ repositoryUsername = ${{repositoryUsername}} repositoryPassword = ${{repositoryPassword}} ## policyKeyID the value of Policy Key whose value will be the group Name. policyKeyID = controller -# UEB Notification Details. -UEB_URL=${{UEB_URL}} -UEB_TOPIC=${{UEB_TOPIC}} -UEB_API_KEY=${{UEB_API_KEY}} -UEB_API_SECRET=${{UEB_API_SECRET}} + ## GroupNames can be comma separated values. groupNames = default, vFW , vDNS diff --git a/packages/base/src/files/install/servers/brmsgw/dependency.json b/packages/base/src/files/install/servers/brmsgw/dependency.json new file mode 100644 index 000000000..e766f1490 --- /dev/null +++ b/packages/base/src/files/install/servers/brmsgw/dependency.json @@ -0,0 +1,33 @@ +{ + "dependencies": { + "default": [{ + "groupId": "org.openecomp.policy.drools-applications", + "artifactId": "demo", + "version": "1.1.0-SNAPSHOT" + }, { + "groupId": "org.openecomp.policy.drools-applications", + "artifactId": "controlloop", + "version": "1.1.0-SNAPSHOT" + }, { + "groupId": "org.openecomp.policy.drools-applications", + "artifactId": "rest", + "version": "1.1.0-SNAPSHOT" + }, { + "groupId": "org.openecomp.policy.drools-applications", + "artifactId": "appc", + "version": "1.1.0-SNAPSHOT" + }, { + "groupId": "org.openecomp.policy.drools-applications", + "artifactId": "aai", + "version": "1.1.0-SNAPSHOT" + }, { + "groupId": "org.openecomp.policy.drools-applications", + "artifactId": "mso", + "version": "1.1.0-SNAPSHOT" + }, { + "groupId": "org.openecomp.policy.drools-applications", + "artifactId": "trafficgenerator", + "version": "1.1.0-SNAPSHOT" + }] + } +}
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.xml b/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.xml index 1e8b6cf48..38405d625 100755 --- a/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.xml +++ b/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.xml @@ -90,4 +90,4 @@ </AdviceExpression> </AdviceExpressions> </Rule> -</Policy> +</Policy>
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.xml b/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.xml index 86defdf44..25af35a78 100755 --- a/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.xml +++ b/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.xml @@ -90,4 +90,4 @@ </AdviceExpression> </AdviceExpressions> </Rule> -</Policy> +</Policy>
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_MS_vFirewall.1.xml b/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_MS_vFirewall.1.xml index 6492b50ee..336504c71 100644 --- a/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_MS_vFirewall.1.xml +++ b/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_MS_vFirewall.1.xml @@ -111,4 +111,4 @@ </AdviceExpression> </AdviceExpressions> </Rule> -</Policy> +</Policy>
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_MS_vLoadBalancer.1.xml b/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_MS_vLoadBalancer.1.xml index 0de9067a2..bb183c5a0 100644 --- a/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_MS_vLoadBalancer.1.xml +++ b/packages/base/src/files/install/servers/console/bin/workspace/admin/repository/com/Config_MS_vLoadBalancer.1.xml @@ -111,4 +111,4 @@ </AdviceExpression> </AdviceExpressions> </Rule> -</Policy> +</Policy>
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/console/bin/xacml.admin.properties b/packages/base/src/files/install/servers/console/bin/xacml.admin.properties index 8a214a8ab..dbbcc59fb 100644 --- a/packages/base/src/files/install/servers/console/bin/xacml.admin.properties +++ b/packages/base/src/files/install/servers/console/bin/xacml.admin.properties @@ -154,7 +154,6 @@ xacml.rest.pdp.idfile=${{POLICY_HOME}}/servers/pap/bin/test.properties xacml.rest.closedLoopFault=OpenSource.version.1 xacml.rest.closedLoopPM=OpenSource.version.1 xacml.rest.microServices=OpenSource.version.1 -xacml.rest.gocPolicy=OpenSource.version.1 xacml.rest.firewallPolicy=OpenSource.version.1 #***Properties for IntegrityMonitor integration defined in XACMLRestProperties.java*** @@ -201,3 +200,7 @@ ecomp.application.name = ${{ecomp_application_name}} #Dialect for Database ecomp.dialect = org.hibernate.dialect.MySQLDialect + +#Micro Service Model Properties +xacml.policy.msEcompName=${{policy_msEcompName}} +xacml.policy.msPolicyName=${{policy_msPolicyName}}
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/ecomp/WEB-INF/classes/portal.properties b/packages/base/src/files/install/servers/ecomp/WEB-INF/classes/portal.properties index 54c5cb1df..7b12df4c1 100644 --- a/packages/base/src/files/install/servers/ecomp/WEB-INF/classes/portal.properties +++ b/packages/base/src/files/install/servers/ecomp/WEB-INF/classes/portal.properties @@ -41,7 +41,7 @@ use_rest_for_functional_menu=true ########################################################################## # Name of java class that implements the OnBoardingApiService interface. -portal.api.impl.class = org.openecomp.portalapp.service.OnBoardingApiServiceImplPolicy +portal.api.impl.class = org.openecomp.portalapp.service.OnBoardingApiServiceImpl # CSP Global Log On for single sign on ecomp_redirect_url = ${{ECOMP_REDIRECT_URL}} diff --git a/packages/base/src/files/install/servers/ecomp/WEB-INF/conf/system.properties b/packages/base/src/files/install/servers/ecomp/WEB-INF/conf/system.properties index a6f915783..4ae54c1d2 100644 --- a/packages/base/src/files/install/servers/ecomp/WEB-INF/conf/system.properties +++ b/packages/base/src/files/install/servers/ecomp/WEB-INF/conf/system.properties @@ -78,7 +78,7 @@ contact_us_link = instance_uuid=8da691c9-987d-43ed-a358-00ac2f35685d # R Cloud feature -guard_notebook_url= +guard_notebook_url=todo_guard_url #authenticate user server authenticate_user_server=${{AUTHENTICATE_USER_SERVERS}}
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/ecomp/app/policyApp/Properties/config.json b/packages/base/src/files/install/servers/ecomp/app/policyApp/Properties/config.json deleted file mode 100644 index d16c5c269..000000000 --- a/packages/base/src/files/install/servers/ecomp/app/policyApp/Properties/config.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "PAP_URL" : "${{REST_PAPURL_WITH_AUTH_PASSWORD}}" -} diff --git a/packages/base/src/files/install/servers/pap/bin/pdps/default/com.Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.xml b/packages/base/src/files/install/servers/pap/bin/pdps/default/com.Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.xml new file mode 100644 index 000000000..141ac47ff --- /dev/null +++ b/packages/base/src/files/install/servers/pap/bin/pdps/default/com.Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.xml @@ -0,0 +1,93 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="urn:com:xacml:policy:id:0f246245-4e4e-4fb4-87f2-c95ebc0b6c30" Version="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-overrides"> + <Description>vFW Demo Policy@CreatedBy:@CreatedBy:@ModifiedBy:@ModifiedBy:</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">com.Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.xml</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="PolicyName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + <AllOf> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DROOLS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">BRMS_PARAM_RULE</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleRiskType</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="RiskType" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="RiskLevel" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">False</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="guard" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">NA</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="TTLDate" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Rule RuleId="urn:com:xacml:rule:id:d4281b8e-698f-4860-b96f-aa85f70710a6" Effect="Permit"> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="BRMSPARAMID" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="type" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="URLID" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">$URL/Config/com.Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.txt</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="PolicyName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">com.Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.xml</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="VersionNumber" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:ECOMPName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DROOLS</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:ConfigName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">BRMS_PARAM_RULE</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="key:controller" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">vFW</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="RiskType" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleRiskType</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="RiskLevel" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="guard" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">False</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="TTLDate" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">NA</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> +</Policy>
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/pap/bin/pdps/default/com.Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.xml b/packages/base/src/files/install/servers/pap/bin/pdps/default/com.Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.xml new file mode 100644 index 000000000..28975e794 --- /dev/null +++ b/packages/base/src/files/install/servers/pap/bin/pdps/default/com.Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.xml @@ -0,0 +1,93 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="urn:com:xacml:policy:id:a5230f4f-23c0-47ed-a039-61c47f87d4ed" Version="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-overrides"> + <Description>vLB Demo Policy@CreatedBy:@CreatedBy:@ModifiedBy:@ModifiedBy:</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">com.Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.xml</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="PolicyName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + <AllOf> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DROOLS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">BRMS_PARAM_RULE</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleRiskType</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="RiskType" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="RiskLevel" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">False</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="guard" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">NA</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="TTLDate" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Rule RuleId="urn:com:xacml:rule:id:7df3cfcd-0e50-4569-b9b8-abf5022e8e1c" Effect="Permit"> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="BRMSPARAMID" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="type" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="URLID" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">$URL/Config/com.Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.txt</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="PolicyName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">com.Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.xml</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="VersionNumber" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:ECOMPName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DROOLS</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:ConfigName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">BRMS_PARAM_RULE</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="key:controller" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">vDNS</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="RiskType" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleRiskType</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="RiskLevel" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="guard" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">False</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="TTLDate" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">NA</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> +</Policy>
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/pap/bin/pdps/default/com.Config_MS_vFirewall.1.xml b/packages/base/src/files/install/servers/pap/bin/pdps/default/com.Config_MS_vFirewall.1.xml new file mode 100644 index 000000000..19d8c176d --- /dev/null +++ b/packages/base/src/files/install/servers/pap/bin/pdps/default/com.Config_MS_vFirewall.1.xml @@ -0,0 +1,114 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="urn:com:xacml:policy:id:74c4f8d3-293e-475e-bdda-ad0812873733" Version="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-overrides"> + <Description>Micro Service vFirewall Demo Policy@CreatedBy:@CreatedBy:@ModifiedBy:@ModifiedBy:</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">com.Config_MS_vFirewall.1.xml</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="PolicyName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + <AllOf> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DCAE</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleConfigName</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TcaMetrics-v1.0.0.5</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="service" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/services/cdap-tca-hi-lo/instances/demo/configuration/metricsPerFunctionalRole/vFirewall</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="uuid" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleServiceLocation</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="location" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleRiskType</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="RiskType" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="RiskLevel" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">False</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="guard" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">NA</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="TTLDate" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Rule RuleId="urn:com:xacml:rule:id:2f26c8c8-ee97-4e68-a5b0-2af7d72015e1" Effect="Permit"> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="MSID" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="type" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="URLID" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">$URL/Config/com.Config_MS_vFirewall.1.json</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="PolicyName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">com.Config_MS_vFirewall.1.xml</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="VersionNumber" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:ECOMPName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DCAE</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:ConfigName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleConfigName</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:service" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TcaMetrics-v1.0.0.5</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:uuid" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/services/cdap-tca-hi-lo/instances/demo/configuration/metricsPerFunctionalRole/vFirewall</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:Location" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleServiceLocation</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="Priority" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="RiskType" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleRiskType</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="RiskLevel" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="guard" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="TTLDate" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">NA</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> +</Policy>
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/pap/bin/pdps/default/com.Config_MS_vLoadBalancer.1.xml b/packages/base/src/files/install/servers/pap/bin/pdps/default/com.Config_MS_vLoadBalancer.1.xml new file mode 100644 index 000000000..740cd05e5 --- /dev/null +++ b/packages/base/src/files/install/servers/pap/bin/pdps/default/com.Config_MS_vLoadBalancer.1.xml @@ -0,0 +1,114 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="urn:com:xacml:policy:id:36f42684-7ba5-40dc-9824-1a3c16b4eb50" Version="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-overrides"> + <Description>Micro Service vLoadBalancer Demo Policy@CreatedBy:@CreatedBy:@ModifiedBy:@ModifiedBy:</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">com.Config_MS_vLoadBalancer.1.xml</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="PolicyName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + <AllOf> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DCAE</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleConfigName</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TcaMetrics-v1.0.0.5</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="service" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/services/cdap-tca-hi-lo/instances/demo/configuration/metricsPerFunctionalRole/vLoadBalancer</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="uuid" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleServiceLocation</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="location" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleRiskType</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="RiskType" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="RiskLevel" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">False</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="guard" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="com.att.labs.ecomp.function.regex-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">NA</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="TTLDate" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Rule RuleId="urn:com:xacml:rule:id:848c1e8b-facd-407b-bda8-dd1863c403a5" Effect="Permit"> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="MSID" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="type" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="URLID" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">$URL/Config/com.Config_MS_vLoadBalancer.1.json</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="PolicyName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">com.Config_MS_vLoadBalancer.1.xml</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="VersionNumber" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:ECOMPName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DCAE</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:ConfigName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleConfigName</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:service" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TcaMetrics-v1.0.0.5</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:uuid" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/services/cdap-tca-hi-lo/instances/demo/configuration/metricsPerFunctionalRole/vLoadBalancer</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="matching:Location" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleServiceLocation</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="Priority" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="RiskType" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleRiskType</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="RiskLevel" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="guard" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="TTLDate" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">NA</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> +</Policy>
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/pap/bin/pdps/default/xacml.pip.properties b/packages/base/src/files/install/servers/pap/bin/pdps/default/xacml.pip.properties new file mode 100644 index 000000000..4dba1f554 --- /dev/null +++ b/packages/base/src/files/install/servers/pap/bin/pdps/default/xacml.pip.properties @@ -0,0 +1,6 @@ +# +#Tue Feb 07 10:35:08 EST 2017 +AAF.description=AAFEngine to communicate with AAF to take decisions +AAF.classname=org.openecomp.policy.xacml.std.pip.engines.aaf.AAFEngine +AAF.name=AAFEngine +xacml.pip.engines=AAF
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/pap/bin/pdps/default/xacml.policy.properties b/packages/base/src/files/install/servers/pap/bin/pdps/default/xacml.policy.properties new file mode 100644 index 000000000..bddd54f5d --- /dev/null +++ b/packages/base/src/files/install/servers/pap/bin/pdps/default/xacml.policy.properties @@ -0,0 +1,8 @@ +# +#Tue Feb 07 10:35:08 EST 2017 +com.Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.xml.name=Config_BRMS_Param_BRMSParamvFWDemoPolicy +com.Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.xml.name=Config_BRMS_Param_BRMSParamvLBDemoPolicy +com.Config_MS_vFirewall.1.xml.name=Config_MS_vFirewall +com.Config_MS_vLoadBalancer.1.xml.name=Config_MS_vLoadBalancer +xacml.referencedPolicies= +xacml.rootPolicies=com.Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.xml,com.Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.xml,com.Config_MS_vLoadBalancer.1.xml,com.Config_MS_vFirewall.1.xml
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/pap/bin/pdps/xacml.properties b/packages/base/src/files/install/servers/pap/bin/pdps/xacml.properties new file mode 100644 index 000000000..aa1ece0a3 --- /dev/null +++ b/packages/base/src/files/install/servers/pap/bin/pdps/xacml.properties @@ -0,0 +1,7 @@ +# +#Tue Feb 07 10:37:51 EST 2017 +default.description=The default group where new PDP's are put. +default.name=default +default.pdps= +xacml.pap.groups=default +xacml.pap.groups.default=default
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/pap/bin/pip.properties b/packages/base/src/files/install/servers/pap/bin/pip.properties new file mode 100644 index 000000000..79839afb0 --- /dev/null +++ b/packages/base/src/files/install/servers/pap/bin/pip.properties @@ -0,0 +1,227 @@ +# +# Default PIP Configuration from Policy. +# +xacml.pip.engines=AAF,sql1 + +### AAF PIP Configuration. +AAF.description=AAFEngine to communicate with AAF to take decisions +AAF.classname=org.openecomp.policy.xacml.std.pip.engines.aaf.AAFEngine +AAF.name=AAFEngine + +### sql1 PIP Configuration. +# Class from XACML resource. +sql1.classname=com.att.research.xacml.std.pip.engines.jdbc.JDBCEngine +sql1.name=OperationsHistory +sql1.description=Database of operations performed via closed loop. +sql1.issuer=org:openecomp:xacml:sql123 +sql1.type=jdbc +# Configurable Values. +sql1.jdbc.driver=${{JDBC_DRIVER}} +sql1.jdbc.url=${{JDBC_URL}} +sql1.jdbc.conn.user=${{JDBC_USER}} +sql1.jdbc.conn.password=${{JDBC_PASSWORD}} + +#Each of the following resolvers corresponds to a specific time window. The only difference between them is the "interval" in the "select" SQL query and the "issuer". +sql1.resolvers=tw5min,tw10min,tw30min,tw1h,tw12h,tw1d,tw5d,tw1w,tw1mon + +############################################## +sql1.resolver.tw5min.select=select count(*) as count from operationshistory10 where outcome<>'Failure_Guard' and actor=? and operation=? and target=? and endtime between date_sub(now(),interval 5 minute) and now() +sql1.resolver.tw5min.field.count.issuer=org:openecomp:xacml:sql:tw5min + +sql1.resolver.tw5min.classname=com.att.research.xacml.std.pip.engines.jdbc.ConfigurableJDBCResolver +sql1.resolver.tw5min.name=OperationsCount +sql1.resolver.tw5min.description=This returns the number of previous operations within the given time window +sql1.resolver.tw5min.fields=count +sql1.resolver.tw5min.field.count.id=count +sql1.resolver.tw5min.field.count.datatype=http://www.w3.org/2001/XMLSchema#integer +sql1.resolver.tw5min.field.count.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw5min.parameters=actor,operation,target +sql1.resolver.tw5min.parameter.actor.id=actor +sql1.resolver.tw5min.parameter.actor.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw5min.parameter.actor.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw5min.parameter.operation.id=recipe +sql1.resolver.tw5min.parameter.operation.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw5min.parameter.operation.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw5min.parameter.target.id=target +sql1.resolver.tw5min.parameter.target.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw5min.parameter.target.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource + +############################################## +sql1.resolver.tw10min.select=select count(*) as count from operationshistory10 where outcome<>'Failure_Guard' and actor=? and operation=? and target=? and endtime between date_sub(now(),interval 10 minute) and now() +sql1.resolver.tw10min.field.count.issuer=org:openecomp:xacml:sql:tw10min + +sql1.resolver.tw10min.classname=com.att.research.xacml.std.pip.engines.jdbc.ConfigurableJDBCResolver +sql1.resolver.tw10min.name=OperationsCount +sql1.resolver.tw10min.description=This returns the number of previous operations within the given time window +sql1.resolver.tw10min.fields=count +sql1.resolver.tw10min.field.count.id=count +sql1.resolver.tw10min.field.count.datatype=http://www.w3.org/2001/XMLSchema#integer +sql1.resolver.tw10min.field.count.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw10min.parameters=actor,operation,target +sql1.resolver.tw10min.parameter.actor.id=actor +sql1.resolver.tw10min.parameter.actor.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw10min.parameter.actor.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw10min.parameter.operation.id=recipe +sql1.resolver.tw10min.parameter.operation.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw10min.parameter.operation.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw10min.parameter.target.id=target +sql1.resolver.tw10min.parameter.target.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw10min.parameter.target.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource + +############################################## +sql1.resolver.tw30min.select=select count(*) as count from operationshistory10 where outcome<>'Failure_Guard' and actor=? and operation=? and target=? and endtime between date_sub(now(),interval 30 minute) and now() +sql1.resolver.tw30min.field.count.issuer=org:openecomp:xacml:sql:tw30min + +sql1.resolver.tw30min.classname=com.att.research.xacml.std.pip.engines.jdbc.ConfigurableJDBCResolver +sql1.resolver.tw30min.name=OperationsCount +sql1.resolver.tw30min.description=This returns the number of previous operations within the given time window +sql1.resolver.tw30min.fields=count +sql1.resolver.tw30min.field.count.id=count +sql1.resolver.tw30min.field.count.datatype=http://www.w3.org/2001/XMLSchema#integer +sql1.resolver.tw30min.field.count.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw30min.parameters=actor,operation,target +sql1.resolver.tw30min.parameter.actor.id=actor +sql1.resolver.tw30min.parameter.actor.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw30min.parameter.actor.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw30min.parameter.operation.id=recipe +sql1.resolver.tw30min.parameter.operation.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw30min.parameter.operation.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw30min.parameter.target.id=target +sql1.resolver.tw30min.parameter.target.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw30min.parameter.target.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource + +############################################## +sql1.resolver.tw1h.select=select count(*) as count from operationshistory10 where outcome<>'Failure_Guard' and actor=? and operation=? and target=? and endtime between date_sub(now(),interval 1 hour) and now() +sql1.resolver.tw1h.field.count.issuer=org:openecomp:xacml:sql:tw1h + +sql1.resolver.tw1h.classname=com.att.research.xacml.std.pip.engines.jdbc.ConfigurableJDBCResolver +sql1.resolver.tw1h.name=OperationsCount +sql1.resolver.tw1h.description=This returns the number of previous operations within the given time window +sql1.resolver.tw1h.fields=count +sql1.resolver.tw1h.field.count.id=count +sql1.resolver.tw1h.field.count.datatype=http://www.w3.org/2001/XMLSchema#integer +sql1.resolver.tw1h.field.count.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw1h.parameters=actor,operation,target +sql1.resolver.tw1h.parameter.actor.id=actor +sql1.resolver.tw1h.parameter.actor.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw1h.parameter.actor.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw1h.parameter.operation.id=recipe +sql1.resolver.tw1h.parameter.operation.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw1h.parameter.operation.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw1h.parameter.target.id=target +sql1.resolver.tw1h.parameter.target.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw1h.parameter.target.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource + + +############################################## +sql1.resolver.tw12h.select=select count(*) as count from operationshistory10 where outcome<>'Failure_Guard' and actor=? and operation=? and target=? and endtime between date_sub(now(),interval 12 hour) and now() +sql1.resolver.tw12h.field.count.issuer=org:openecomp:xacml:sql:tw12h + +sql1.resolver.tw12h.classname=com.att.research.xacml.std.pip.engines.jdbc.ConfigurableJDBCResolver +sql1.resolver.tw12h.name=OperationsCount +sql1.resolver.tw12h.description=This returns the number of previous operations within the given time window +sql1.resolver.tw12h.fields=count +sql1.resolver.tw12h.field.count.id=count +sql1.resolver.tw12h.field.count.datatype=http://www.w3.org/2001/XMLSchema#integer +sql1.resolver.tw12h.field.count.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw12h.parameters=actor,operation,target +sql1.resolver.tw12h.parameter.actor.id=actor +sql1.resolver.tw12h.parameter.actor.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw12h.parameter.actor.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw12h.parameter.operation.id=recipe +sql1.resolver.tw12h.parameter.operation.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw12h.parameter.operation.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw12h.parameter.target.id=target +sql1.resolver.tw12h.parameter.target.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw12h.parameter.target.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource + + +############################# +sql1.resolver.tw1d.select=select count(*) as count from operationshistory10 where outcome<>'Failure_Guard' and actor=? and operation=? and target=? and endtime between date_sub(now(),interval 1 day) and now() +sql1.resolver.tw1d.field.count.issuer=org:openecomp:xacml:sql:tw1d + +sql1.resolver.tw1d.classname=com.att.research.xacml.std.pip.engines.jdbc.ConfigurableJDBCResolver +sql1.resolver.tw1d.name=OperationsCount +sql1.resolver.tw1d.description=This returns the number of previous operations within the given time window +sql1.resolver.tw1d.fields=count +sql1.resolver.tw1d.field.count.id=count +sql1.resolver.tw1d.field.count.datatype=http://www.w3.org/2001/XMLSchema#integer +sql1.resolver.tw1d.field.count.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw1d.parameters=actor,operation,target +sql1.resolver.tw1d.parameter.actor.id=actor +sql1.resolver.tw1d.parameter.actor.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw1d.parameter.actor.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw1d.parameter.operation.id=recipe +sql1.resolver.tw1d.parameter.operation.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw1d.parameter.operation.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw1d.parameter.target.id=target +sql1.resolver.tw1d.parameter.target.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw1d.parameter.target.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource + + +############################# +sql1.resolver.tw5d.select=select count(*) as count from operationshistory10 where outcome<>'Failure_Guard' and actor=? and operation=? and target=? and endtime between date_sub(now(),interval 5 day) and now() +sql1.resolver.tw5d.field.count.issuer=org:openecomp:xacml:sql:tw5d + +sql1.resolver.tw5d.classname=com.att.research.xacml.std.pip.engines.jdbc.ConfigurableJDBCResolver +sql1.resolver.tw5d.name=OperationsCount +sql1.resolver.tw5d.description=This returns the number of previous operations within the given time window +sql1.resolver.tw5d.fields=count +sql1.resolver.tw5d.field.count.id=count +sql1.resolver.tw5d.field.count.datatype=http://www.w3.org/2001/XMLSchema#integer +sql1.resolver.tw5d.field.count.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw5d.parameters=actor,operation,target +sql1.resolver.tw5d.parameter.actor.id=actor +sql1.resolver.tw5d.parameter.actor.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw5d.parameter.actor.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw5d.parameter.operation.id=recipe +sql1.resolver.tw5d.parameter.operation.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw5d.parameter.operation.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw5d.parameter.target.id=target +sql1.resolver.tw5d.parameter.target.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw5d.parameter.target.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource + + +############################# +sql1.resolver.tw1w.select=select count(*) as count from operationshistory10 where outcome<>'Failure_Guard' and actor=? and operation=? and target=? and endtime between date_sub(now(),interval 1 week) and now() +sql1.resolver.tw1w.field.count.issuer=org:openecomp:xacml:sql:tw1w + +sql1.resolver.tw1w.classname=com.att.research.xacml.std.pip.engines.jdbc.ConfigurableJDBCResolver +sql1.resolver.tw1w.name=OperationsCount +sql1.resolver.tw1w.description=This returns the number of previous operations within the given time window +sql1.resolver.tw1w.fields=count +sql1.resolver.tw1w.field.count.id=count +sql1.resolver.tw1w.field.count.datatype=http://www.w3.org/2001/XMLSchema#integer +sql1.resolver.tw1w.field.count.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw1w.parameters=actor,operation,target +sql1.resolver.tw1w.parameter.actor.id=actor +sql1.resolver.tw1w.parameter.actor.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw1w.parameter.actor.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw1w.parameter.operation.id=recipe +sql1.resolver.tw1w.parameter.operation.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw1w.parameter.operation.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw1w.parameter.target.id=target +sql1.resolver.tw1w.parameter.target.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw1w.parameter.target.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource + +############################# +sql1.resolver.tw1mon.select=select count(*) as count from operationshistory10 where outcome<>'Failure_Guard' and actor=? and operation=? and target=? and endtime between date_sub(now(),interval 1 month) and now() +sql1.resolver.tw1mon.field.count.issuer=org:openecomp:xacml:sql:tw1mon + +sql1.resolver.tw1mon.classname=com.att.research.xacml.std.pip.engines.jdbc.ConfigurableJDBCResolver +sql1.resolver.tw1mon.name=OperationsCount +sql1.resolver.tw1mon.description=This returns the number of previous operations within the given time window +sql1.resolver.tw1mon.fields=count +sql1.resolver.tw1mon.field.count.id=count +sql1.resolver.tw1mon.field.count.datatype=http://www.w3.org/2001/XMLSchema#integer +sql1.resolver.tw1mon.field.count.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw1mon.parameters=actor,operation,target +sql1.resolver.tw1mon.parameter.actor.id=actor +sql1.resolver.tw1mon.parameter.actor.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw1mon.parameter.actor.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw1mon.parameter.operation.id=recipe +sql1.resolver.tw1mon.parameter.operation.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw1mon.parameter.operation.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource +sql1.resolver.tw1mon.parameter.target.id=target +sql1.resolver.tw1mon.parameter.target.datatype=http://www.w3.org/2001/XMLSchema#string +sql1.resolver.tw1mon.parameter.target.category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource diff --git a/packages/base/src/files/install/servers/pap/bin/xacml.pap.properties b/packages/base/src/files/install/servers/pap/bin/xacml.pap.properties index 0393bdefa..2a45ad32a 100644 --- a/packages/base/src/files/install/servers/pap/bin/xacml.pap.properties +++ b/packages/base/src/files/install/servers/pap/bin/xacml.pap.properties @@ -22,7 +22,10 @@ # This is our factory that will create our engine # xacml.PAP.papEngineFactory=org.openecomp.policy.xacml.std.pap.StdEngineFactory - +dictionary.impl.className=org.openecomp.policy.pap.xacml.rest.handler.DictionaryHandlerImpl +savePolicy.impl.className=org.openecomp.policy.pap.xacml.rest.handler.SavePolicyHandler +pushPolicy.impl.className=org.openecomp.policy.pap.xacml.rest.handler.PushPolicyHander +deletePolicy.impl.className=org.openecomp.policy.pap.xacml.rest.handler.DeleteHandler # # Where we store our PAP PDP Group/Node information # @@ -129,4 +132,8 @@ test_via_jmx=${{test_via_jmx}} # Value > 0 : The period of time in seconds between execution of the audit on a particular node integrity_audit_period_seconds=${{integrity_audit_period_seconds}} # Environment should be Set either DEV, TEST or PROD -ENVIRONMENT=${{ENVIRONMENT}}
\ No newline at end of file +ENVIRONMENT=${{ENVIRONMENT}} + +#Micro Service Model Properties +xacml.policy.msEcompName=${{policy_msEcompName}} +xacml.policy.msPolicyName=${{policy_msPolicyName}}
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/pap/webapps/Config/com.Config_MS_vFirewall.1.json b/packages/base/src/files/install/servers/pap/webapps/Config/com.Config_MS_vFirewall.1.json index 800c87a93..6b128f1a1 100644 --- a/packages/base/src/files/install/servers/pap/webapps/Config/com.Config_MS_vFirewall.1.json +++ b/packages/base/src/files/install/servers/pap/webapps/Config/com.Config_MS_vFirewall.1.json @@ -1 +1 @@ -{"service":"TcaMetrics","location":"SampleServiceLocation","uuid":"/services/cdap-tca-hi-lo/instances/demo/configuration/metricsPerFunctionalRole/vFirewall","policyName":"vFirewall","description":"Micro Service vFirewall Demo Policy@CreatedBy:demo@CreatedBy:@ModifiedBy:demo@ModifiedBy:","configName":"SampleConfigName","templateVersion":"OpenSource.version.1","version":"1.0.0.5","priority":"1","policyScope":"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=SampleClosedLoop","content":{"thresholds":[{"severity":"MAJOR","fieldPath":"$.event.measurementsForVfScalingFields.vNicUsageArray[*].packetsIn","thresholdValue":"300","closedLoopControlName":"CL-FRWL-LOW-TRAFFIC-SIG-d925ed73-8231-4d02-9545-db4e101f88f8","version":"1.0.2","direction":"LESS_OR_EQUAL"},{"severity":"CRITICAL","fieldPath":"$.event.measurementsForVfScalingFields.vNicUsageArray[*].packetsIn","thresholdValue":"700","closedLoopControlName":"CL-FRWL-LOW-TRAFFIC-SIG-d925ed73-8231-4d02-9545-db4e101f88f8","version":"1.0.2","direction":"GREATER_OR_EQUAL"}],"functionalRole":"vFirewall","name":"0"}} +{"service":"TcaMetrics","location":"SampleServiceLocation","uuid":"/services/cdap-tca-hi-lo/instances/demo/configuration/metricsPerFunctionalRole/vFirewall","policyName":"vFirewall","description":"Micro Service vFirewall Demo Policy@CreatedBy:@CreatedBy:@ModifiedBy:@ModifiedBy:","configName":"SampleConfigName","templateVersion":"OpenSource.version.1","version":"1.0.0.5","priority":"1","policyScope":"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=SampleClosedLoop","content":{"thresholds":[{"severity":"MAJOR","fieldPath":"$.event.measurementsForVfScalingFields.vNicUsageArray[*].packetsIn","thresholdValue":"300","closedLoopControlName":"CL-FRWL-LOW-TRAFFIC-SIG-d925ed73-8231-4d02-9545-db4e101f88f8","version":"1.0.2","direction":"LESS_OR_EQUAL"},{"severity":"CRITICAL","fieldPath":"$.event.measurementsForVfScalingFields.vNicUsageArray[*].packetsIn","thresholdValue":"700","closedLoopControlName":"CL-FRWL-LOW-TRAFFIC-SIG-d925ed73-8231-4d02-9545-db4e101f88f8","version":"1.0.2","direction":"GREATER_OR_EQUAL"}],"functionalRole":"vFirewall","name":"0"}}
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/pap/webapps/Config/com.Config_MS_vLoadBalancer.1.json b/packages/base/src/files/install/servers/pap/webapps/Config/com.Config_MS_vLoadBalancer.1.json index d03206fc1..e4fe39ed2 100644 --- a/packages/base/src/files/install/servers/pap/webapps/Config/com.Config_MS_vLoadBalancer.1.json +++ b/packages/base/src/files/install/servers/pap/webapps/Config/com.Config_MS_vLoadBalancer.1.json @@ -1 +1 @@ -{"service":"TcaMetrics","location":"SampleServiceLocation","uuid":"/services/cdap-tca-hi-lo/instances/demo/configuration/metricsPerFunctionalRole/vLoadBalancer","policyName":"vLoadBalancer","description":"Micro Service vLoadBalancer Demo Policy@CreatedBy:demo@CreatedBy:@ModifiedBy:demo@ModifiedBy:","configName":"SampleConfigName","templateVersion":"OpenSource.version.1","version":"1.0.0.5","priority":"1","policyScope":"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=SampleClosedLoop","content":{"thresholds":[{"severity":"MAJOR","fieldPath":"$.event.measurementsForVfScalingFields.vNicUsageArray[*].packetsIn","thresholdValue":"200","closedLoopControlName":"CL-DNS-LOW-TRAFFIC-SIG-d925ed73-8231-4d02-9545-db4e101f88f8","version":"1.0.2","direction":"GREATER_OR_EQUAL"}],"functionalRole":"vLoadBalancer","name":"0"}} +{"service":"TcaMetrics","location":"SampleServiceLocation","uuid":"/services/cdap-tca-hi-lo/instances/demo/configuration/metricsPerFunctionalRole/vLoadBalancer","policyName":"vLoadBalancer","description":"Micro Service vLoadBalancer Demo Policy@CreatedBy:@CreatedBy:@ModifiedBy:@ModifiedBy:","configName":"SampleConfigName","templateVersion":"OpenSource.version.1","version":"1.0.0.5","priority":"1","policyScope":"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=SampleClosedLoop","content":{"thresholds":[{"severity":"MAJOR","fieldPath":"$.event.measurementsForVfScalingFields.vNicUsageArray[*].packetsIn","thresholdValue":"200","closedLoopControlName":"CL-DNS-LOW-TRAFFIC-SIG-d925ed73-8231-4d02-9545-db4e101f88f8","version":"1.0.2","direction":"GREATER_OR_EQUAL"}],"functionalRole":"vLoadBalancer","name":"0"}}
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties b/packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties index 860107ff9..676eeef31 100644 --- a/packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties +++ b/packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties @@ -34,7 +34,10 @@ xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluati xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory xacml.att.functionDefinitionFactory=org.openecomp.policy.xacml.custom.EcompFunctionDefinitionFactory # NOT USED SEE BELOW xacml.att.policyFinderFactory=com.att.research.xacmlatt.pdp.std.StdPolicyFinderFactory - +# creteUpdate Policy Implementation Class details. +createUpdatePolicy.impl.className=org.openecomp.policy.pdp.rest.api.services.CreateUpdatePolicyServiceImpl +# AAF Implementation class details +aafClient.impl.className=org.openecomp.policy.utils.AAFPolicyClientImpl # # AT&T RESTful PDP Implementation Factories # @@ -62,10 +65,16 @@ xacml.rest.pdp.id=${{REST_PDP_ID}} # Give the JMX port number used for the PDP xacml.jmx.port=${{TOMCAT_JMX_PORT}} # -# Notifcation type: websocket or ueb -# -xacml.notification.type=websocket,UEB -xacml.ueb.cluster=${{UEB_CLUSTER}} +# Notification Properties +# Notifcation type: websocket, ueb or dmaap... if left blank websocket is the default +NOTIFICATION_TYPE=websocket,UEB +NOTIFICATION_SERVERS=${{UEB_CLUSTER}} +NOTIFICATION_TOPIC= +NOTIFICATION_DELAY= +UEB_API_KEY=${{UEB_API_KEY}} +UEB_API_SECRET=${{UEB_API_SECRET}} +DMAAP_AAF_LOGIN=${{DMAAP_AAF_LOGIN}} +DMAAP_AAF_PASSWORD=${{DMAAP_AAF_PASSWORD}} # # Set the directory where the PDP holds its Policy Cache and PIP Configuration # @@ -123,3 +132,8 @@ javax.persistence.jdbc.user=${{JDBC_USER}} javax.persistence.jdbc.password=${{JDBC_PASSWORD}} # Environment should be Set either DEV, TEST or PROD ENVIRONMENT=${{ENVIRONMENT}} + +#AAF Policy Name space +#Not Mandatory for Open Ecomp +policy.aaf.namespace = ${{POLICY_AAF_NAMESPACE}} +policy.aaf.resource = ${{POLICY_AAF_RESOURCE}} |