<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="urn:com:xacml:policy:id:34928b05-b0f6-4974-8458-f4d34a2a1764" Version="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-overrides"> <Description>Micro Service vFirewall Demo Policy@CreatedBy:demo@CreatedBy:@ModifiedBy:demo@ModifiedBy:</Description> <Target> <AnyOf> <AllOf> <Match MatchId="org.onap.function.regex-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">com.Config_MS_vFirewall.1.xml</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="PolicyName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> </AllOf> <AllOf> <Match MatchId="org.onap.function.regex-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DCAE</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ONAPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> <Match MatchId="org.onap.function.regex-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleConfigName</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> <Match MatchId="org.onap.function.regex-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TcaMetrics-v1.0.0.5</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="service" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> <Match MatchId="org.onap.function.regex-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/services/cdap-tca-hi-lo/instances/demo/configuration/metricsPerFunctionalRole/vFirewall</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="uuid" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> <Match MatchId="org.onap.function.regex-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleServiceLocation</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="location" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> <Match MatchId="org.onap.function.regex-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleRiskType</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="RiskType" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> <Match MatchId="org.onap.function.regex-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="RiskLevel" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> <Match MatchId="org.onap.function.regex-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">False</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="guard" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> <Match MatchId="org.onap.function.regex-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">07-06-2017</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="TTLDate" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> </AllOf> </AnyOf> </Target> <Rule RuleId="urn:com:xacml:rule:id:063161de-0534-4989-bd01-42f784daf21e" Effect="Permit"> <Target> <AnyOf> <AllOf> <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> </AllOf> </AnyOf> </Target> <AdviceExpressions> <AdviceExpression AdviceId="MSID" AppliesTo="Permit"> <AttributeAssignmentExpression AttributeId="type" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="URLID" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">$URL/Config/com.Config_MS_vFirewall.1.json</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="PolicyName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">com.Config_MS_vFirewall.1.xml</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="VersionNumber" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="matching:ONAPName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DCAE</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="matching:ConfigName" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleConfigName</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="matching:service" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TcaMetrics-v1.0.0.5</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="matching:uuid" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/services/cdap-tca-hi-lo/instances/demo/configuration/metricsPerFunctionalRole/vFirewall</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="matching:Location" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleServiceLocation</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="Priority" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="RiskType" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SampleRiskType</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="RiskLevel" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="guard" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1</AttributeValue> </AttributeAssignmentExpression> <AttributeAssignmentExpression AttributeId="TTLDate" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" Issuer=""> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">07-06-2017</AttributeValue> </AttributeAssignmentExpression> </AdviceExpression> </AdviceExpressions> </Rule> </Policy>