[DCAEGEN2] Create Authorization Policies for DCAE

[oom.git] / kubernetes / dcaegen2-services / components / dcae-slice-analysis-ms / values.yaml

diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
index 3fdd251..6eda483 100644 (file)
--- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
@@ -1,8 +1,9 @@
 # ============= LICENSE_START ================================================
 # ============================================================================
 # Copyright (C) 2021-2022 Wipro Limited.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
 # Copyright (C) 2022 Huawei Canada Limited.
+# Copyright (c) 2023 Deutsche Telekom AG. All rights reserved.
 # ============================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -36,11 +37,6 @@ filebeatConfig:
 # Secrets Configuration.
 #################################################################
 secrets:
-  - uid: &aafCredsUID aafcreds
-    type: basicAuth
-    login: '{{ .Values.aafCreds.identity }}'
-    password: '{{ .Values.aafCreds.password }}'
-    passwordPolicy: required
   - uid: &pgUserCredsSecretUid pg-user-creds
     name: &pgUserCredsSecretName '{{ include "common.release" . }}-sliceanalysisms-pg-user-creds'
     type: basicAuth
@@ -49,17 +45,12 @@ secrets:
     password: '{{ .Values.postgres.config.pgUserPassword }}'
     passwordPolicy: generate
 
-################################aafcreds#################################
-# InitContainer Image
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
 #################################################################
 # Application Configuration Defaults.
 #################################################################
 # Application Image
 repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.1.5
+image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.2.1
 pullPolicy: IfNotPresent
 
 #################################################################
@@ -85,15 +76,6 @@ log:
   path: /var/log/ONAP/dcaegen2/services/sliceanalysisms
 logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
 
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/sliceanalysisms/etc/cert/
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
 # Dependencies
 readinessCheck:
   wait_for:
@@ -118,18 +100,14 @@ service:
       port: 8080
       port_protocol: http
 
-# AAF Credentials
-aafCreds:
-  identity: dcae@dcae.onap.org
-  password: demo123456!
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: message-router-read
+    authorizedPrincipalsPostgres:
+      - serviceAccount: dcae-slice-analysis-ms-read
 
 credentials:
-- name: AAF_IDENTITY
-  uid: *aafCredsUID
-  key: login
-- name: AAF_PASSWORD
-  uid: *aafCredsUID
-  key: password
 - name: PG_USERNAME
   uid:  *pgUserCredsSecretUid
   key: login