X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fpolicy%2Fcomponents%2Fpolicy-xacml-pdp%2Fvalues.yaml;h=15ef5e3de11a5f729f5c53bb1589cd980b397da2;hb=refs%2Fheads%2Fmaster;hp=e589c4b315f0be0267ee5d3749271d23bfbd7507;hpb=ef208b0677fca2b5982c5a822c0aec188ffe72d8;p=oom.git

diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
index e589c4b315..ae216a27a0 100755
--- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
@@ -49,16 +49,18 @@ secrets:
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/policy-xacml-pdp:2.8.2
+image: onap/policy-xacml-pdp:3.1.3
 pullPolicy: Always
 
+componentName: &componentName policy-xacml-pdp
+
 # flag to enable debugging - application support required
 debugEnabled: false
 
 # application configuration
 
 db:
-  user: policy_user
+  user: policy-user
   password: policy_user
   service:
     name: policy-mariadb
@@ -93,7 +95,7 @@ readiness:
 
 service:
   type: ClusterIP
-  name: policy-xacml-pdp
+  name: *componentName
   internalPort: 6969
   ports:
     - name: http
@@ -102,27 +104,52 @@ service:
 ingress:
   enabled: false
 
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: dcae-datafile-collector-read
+      - serviceAccount: dcae-datalake-admin-ui-read
+      - serviceAccount: dcae-datalake-des-read
+      - serviceAccount: dcae-datalake-feeder-read
+      - serviceAccount: dcae-heartbeat-read
+      - serviceAccount: dcae-hv-ves-collector-read
+      - serviceAccount: dcae-kpi-ms-read
+      - serviceAccount: dcae-pm-mapper-read
+      - serviceAccount: dcae-pmsh-read
+      - serviceAccount: dcae-prh-read
+      - serviceAccount: dcae-restconf-collector-read
+      - serviceAccount: dcae-slice-analysis-ms-read
+      - serviceAccount: dcae-snmptrap-collector-read
+      - serviceAccount: dcae-son-handler-read
+      - serviceAccount: dcae-tcagen2-read
+      - serviceAccount: dcae-ves-collector-read
+      - serviceAccount: dcae-ves-mapper-read
+      - serviceAccount: dcae-ves-openapi-manager-read
+      - serviceAccount: strimzi-kafka-read
+      - serviceAccount: oof-read
+      - serviceAccount: sdnc-read
+
 flavor: small
 resources:
   small:
     limits:
-      cpu: 2
-      memory: 6Gi
+      cpu: "1"
+      memory: "1Gi"
     requests:
-      cpu: 200m
-      memory: 2Gi
+      cpu: "0.5"
+      memory: "1Gi"
   large:
     limits:
-      cpu: 2
-      memory: 8Gi
+      cpu: "2"
+      memory: "2Gi"
     requests:
-      cpu: 200m
-      memory: 4Gi
+      cpu: "1"
+      memory: "2Gi"
   unlimited: {}
 
 #Pods Service Account
 serviceAccount:
-  nameOverride: policy-xacml-pdp
+  nameOverride: *componentName
   roles:
     - read
 
@@ -146,3 +173,26 @@ metrics:
       chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
       release: '{{ include "common.release" . }}'
       heritage: '{{ .Release.Service }}'
+
+config:
+  # Event consumption (kafka) properties
+  kafka:
+    consumer:
+      groupId: policy-xacml-pdp
+  app:
+    listener:
+      policyPdpPapTopic: policy-pdp-pap
+
+# Strimzi Kafka config
+kafkaUser:
+  authenticationType: scram-sha-512
+  acls:
+    - name: policy-xacml-pdp
+      type: group
+      operations: [ Create, Describe, Read, Write ]
+    - name: policy-pdp-pap
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+
+