-
Epic
-
Resolution: Unresolved
-
Medium
-
None
-
None
-
None
-
Auth-External-Access
-
To Do
This Eqic intent is to use Oauth2-proxy and Keycloak to use JWT authN and authZ.
Details see: https://wiki.onap.org/pages/viewpage.action?pageId=103417456&src=contextnavpagetreemode
This contains:
- Create ONAP Ingress
- Add resources for Istio IngressGateway for components "Ingress" configuration:
- Gateway
- VirtualService
- Add SSL certificate to allow HTTPS connections:
- Use CertService to create selfsigned certificate(s)
- Use the certificate in the Gateway configuration
- Add resources for Istio IngressGateway for components "Ingress" configuration:
- Service Authentication/Authorisation
- Add Keycloak and configuration
- Add Oauth2 Proxy
- Configure Policies for ONAP component access