[SDC] Create Authorization Policies for SDC

[oom.git] / kubernetes / sdc / components / sdc-be / values.yaml

diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml
index a0a0488..adf4b3e 100644 (file)
--- a/kubernetes/sdc/components/sdc-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-be/values.yaml
@@ -134,6 +134,20 @@ ingress:
   config:
     ssl: "redirect"
 
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: consul-read
+      - serviceAccount: consul-server-read
+      - serviceAccount: modeling-etsicatalog-read
+      - serviceAccount: nbi-read
+      - serviceAccount: oof-has-read
+      - serviceAccount: portal-db-read
+      - serviceAccount: so-cnfm-lcm-read
+      - serviceAccount: so-etsi-sol003-adapter-read
+      - serviceAccount: so-read
+      - serviceAccount: istio-ingress
+        namespace: istio-ingress
 
 # Resource Limit flavor -By Default using small
 flavor: small