ARC AAF Component Description - Dublin
PAGE STATUS: UNDER CONSTRUCTION
STATUS: Draft (seeking PTL approval)
AAF (Application Authorization Framework):
1 High Level Component Definition and Architectural Relationships
AAF (Application Authentication Framework) provides the services for authentication, authorization and certificate management for the ONAP components. It provides the services to the ONAP components to manage the lifecycle of authentication and authorization elements such as Permissions, Roles and Credentials. It supports:
Manage authentication and authorization elements such as: Perminssions, Roles, Credentials
Access to organizational entities
Manage the lifecycle of passwords and certificates
Access to external credential authoriites (e.g. CA)
Autogenerate ONAP certificates
2. API definitions
AAF provides the following interfaces:
Interface Name | Interface Definition | Interface Capabilities | Version | Status | Consumed Models |
---|---|---|---|---|---|
AAFE-1 | Application Authorization Framework Management Interface | A user interface for:
| |||
AAFE-2 | Application Authorization Framework Authentication and Authorization Interface | An interface for the ONAP components to:
|
Note: xxxI interface is a Component internal interface. xxxxE interface is a component external interface
AAF Consumes no Interfaces:
Interface Name | Purpose Reason For Use |
---|---|
AAFE-3: AAF External Credential Interface | An interface to retrieve and authenticate using credentials from a credential supplier external to ONAP. |
The current API documents can be found at:
AAFE-1 (to be added)
AAFE2 (to be added)
AAFE3 (to be added)
3. Component Description:
Link to read the docs
4. known system limitations: (IN PROGRESS)
Runtime: None
5. Used Models: (N/A)
6. System Deployment Architecture:
FFS
7. New Capabilities in this Release
8. References
AAF Overview & User Guide: https://onap.readthedocs.io/en/latest/submodules/aaf/authz.git/docs/index.html