Page Status:
Component Status:
Last Reviewed on:
Certified by:
1. High Level Component Definition and Architectural Relationships (template)
2. Component API definitions
Template Component provides the following interfaces:
| Offered Interface Name | Offered Interface Description | Model | API Specs (Swagger) | |||
| xxxE-1 | External Interface Definition. | capabilities | x.y.z (according to strategy) | |||
| xxxI-2 | Internal interfaces if we want to raise them | Display and update: xxxxx |
Note: xxxI interface is a internal interface. xxxxE interface is a external interface
Template Component consumes the following Interfaces:
| Consumed Interface Name | Consumed Interface Description | ||
3. Component Description:
A more detailed figure and description of the component.
<< link to project-specific description elsewhere >>
4. Component Deployment Architecture
Should reference the deployment section in the component description template
5. New Release Capabilities
<< list the new capabilities that were introduced in this release, or a hot-link to the key features. New sub-chapter per release, as per a release notes document >>
6. Security Conformance
ONAP API and data security conformanceDescribe the component Service Mesh conformance / plan for secure communications, routing, authentication and authorization configurationsDoes the component have AAF dependencies? If so, describe the current dependencies and a migration plan to remove the dependanciesHow does the component support authentication and authorization of its clients (Humans, other applications)?
Describe the component data protectionData storage location/mechanismData protection plan, such as data at rest, data-level access control, data in transit, othersUser sensitive data handling
Describe the component / container hardeningThe component must run as non-root-based users. Does the component use non-root-access only? Otherwise, describe the reasons and non-root-access support plansDoes the component container require privilege access/right? If so, describe the reasons and migration plansIs the component image signed digitally for integrity? (TBD)Does the component use the basic image to conform to the global requirement REQ-1073 - Getting issue details... STATUSDoes the component follow the K8s hardening guide? e.g., from NSA, https://media.defense.gov/2022/Aug/29/2003066362/-1/-1/0/CTR_KUBERNETES_HARDENING_GUIDANCE_1.2_20220829.PDF
Describe the component logging conformanceDoes the component conform to the Log field standards best practice, REQ-1072 - Getting issue details... STATUS ? If not, please describe the reasons and support plans.Does the component exclude user sensitive data (e.g., password, private key, other credentials) from logging? If not, please describe the reasons and support plans.Does the component support the Logging destination STDOUT / STDERR conformance? If not, please describe the reasons and support plans.
Documentation for the component securityDescribe the component security architecture and conformance in the document.
- The project should fill out a ONAP Security Review Questionnaire Template and review it with SECCOM.
7. Document Changes
8. References
to any supporting docs that are not referenced in other templates