Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 21 Next »

Page Status:
Component Status:

Last Reviewed on:

Certified by:

1. High Level Component Definition and Architectural Relationships (template)






2. Component API definitions

Template Component provides the following interfaces:

Offered Interface NameOffered Interface Description


ModelAPI Specs (Swagger)
xxxE-1External Interface Definition. 

capabilities

x.y.z (according to strategy)

model-a

model-b


xxxI-2Internal interfaces if we want to raise them

 Display and update:

xxxxx





Note:   xxxI interface is a internal interface.  xxxxE interface is a external interface

Template Component consumes the following Interfaces:


Consumed Interface NameConsumed Interface Description



















3. Component Description:

A more detailed figure and description of the component.

<< link to project-specific description elsewhere >>

4. Component Deployment Architecture

Should reference the deployment section in the component description template

5. New Release Capabilities

<< list the new capabilities that were introduced in this release, or a hot-link to the key features. New sub-chapter per release, as per a release notes document >> 

6. Security Conformance 

  • ONAP API and data security conformance 
    • Describe the component Service Mesh conformance / plan for secure communications, routing, authentication and authorization configurations
      • Does the component have AAF dependencies? If so, describe the current dependencies and a migration plan to remove the dependancies
      • How does the component support authentication and authorization of its clients (Humans, other applications)?
    • Describe the component data protection
      • Data storage location/mechanism
      • Data protection plan, such as data at rest, data-level access control, data in transit, others
      • User sensitive data handling
  • Describe the component / container hardening
    • The component must run as non-root-based users. Does the component use non-root-access only? Otherwise, describe the reasons and non-root-access support plans
    • Does the component container require privilege access/right? If so, describe the reasons and migration plans
    • Is the component image signed digitally for integrity? (TBD)
    • Does the component use the basic image to conform to the global requirement REQ-1073 - Getting issue details... STATUS
    • Does the component follow the K8s hardening guide? e.g., from NSA, https://media.defense.gov/2022/Aug/29/2003066362/-1/-1/0/CTR_KUBERNETES_HARDENING_GUIDANCE_1.2_20220829.PDF 
  • Describe the component logging conformance
    • Does the component conform to the Log field standards best practice, REQ-1072 - Getting issue details... STATUS ? If not, please describe the reasons and support plans.
    • Does the component exclude user sensitive data (e.g., password, private key, other credentials) from logging? If not, please describe the reasons and support plans.
    • Does the component support the Logging destination STDOUT / STDERR conformance? If not, please describe the reasons and support plans.
  • Documentation for the component security
    • Describe the component security architecture and conformance in the document.

7. Document Changes

8. References

to any supporting docs that are not referenced in other templates

  • No labels