Loading Readme.md +1 −1 Original line number Diff line number Diff line # NFV SOL002 and SOL003 APIs This repository hosts the [OpenAPI](https://www.openapis.org/) specificatons and other documentation for the APIs defined in ETSI NFV GSs SOL002 and SOL003 v4.4.1. for the APIs defined in ETSI NFV GSs SOL002 and SOL003 v4.5.1. The APIs described in this repository are defined for the following reference points: Loading src/SOL002/APIVersion/APIVersion.yaml +2 −2 Original line number Diff line number Diff line Loading @@ -19,8 +19,8 @@ info: version: 1.3.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 externalDocs: description: ETSI GS NFV-SOL 002 V4.4.1 url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/002/04.04.01_60/gs_NFV-SOL002v040401p.pdf description: ETSI GS NFV-SOL 002 V4.5.1 url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/002/04.05.01_60/gs_NFV-SOL002v040501p.pdf paths: /vnfconfig/api_versions: Loading src/SOL002/General_Definitions/SOL002_def.yaml +411 −25 Original line number Diff line number Diff line Loading @@ -40,6 +40,140 @@ definitions: different type. type: object CertificateConfigurationData: description: > This type provides input information related to certificate management. type: object required: - securityPolicy properties: overridingCertificateProfile: description: > Overriding certificate profile. This overrides the certificateBaseProfile provided in the VNFD, and the CA and CMF can additionally override aspects of this certificateBaseProfile at later point in the VNF lifecycle if necessary to meet operator security policy. type: array items: $ref: '#/definitions/CertificateBaseProfile' securityPolicy: description: > Security policy to be satisfied for certificate. type: array items: $ref: '#/definitions/SecurityPolicy' cmfData: description: > Information for CMF. $ref: '#/definitions/CmfData' CmfData: description: > This type provides input information related to CMF for certificate management. type: object required: - endPoint - supportedProtocol properties: endPoint: description: End point of CMF instance. type: object required: - ipAddress - link properties: ipAddress: description: An IP address of this end point. $ref: '#/definitions/IpAddress' link: description: A link to this end point. $ref: '#/definitions/Link' supportedProtocol: description: Supported protocols by CMF instance. type: array items: type: string enum: - CMP - CMPv2 - EST - SCEP PaasServiceHandle: description: > This type provides information enabling the access and use of the PaaS Service by the VNF instance. The type and format of the handle depends on the form that the PaaS Service is formed. type: object required: - id properties: id: type: string description: > Identifier of this PaaS Service handle. $ref: "#/definitions/Identifier" interfaceInfo: description: > Information of the interface or interfaces to the PaaS Service instance, if applicable, such as the URI of an interface endpoint to communicate with the PaaS Service instance. $ref: "#/definitions/KeyValuePairs" accessInfo: description: > Authentication credentials for accessing the PaaS Service instance. If the PaasServiceHandle structure is part of an HTTP GET response payload body, sensitive attributes that are children of this attribute (such as passwords) shall not be included. $ref: "#/definitions/KeyValuePairs" extra: description: > PaaS Service instance specific additional information. The applicable structure, and whether or not this attribute is available, is dependent on the type of the PaaS Service. $ref: "#/definitions/KeyValuePairs" CmfInfo: description: > This type provides input information related to CMF for certificate management. type: object required: - id - endPoint - supportedProtocol properties: id: description: Identifier of this CMF information. type: string $ref: "#/definitions/Identifier" endPoint: description: End point of CMF instance. type: object required: - ipAddress - link properties: ipAddress: description: An IP address of this end point. $ref: '#/definitions/IpAddress' link: description: A link to this end point. $ref: '#/definitions/Link' supportedProtocols: description: Supported protocol by CMF instance. type: array items: type: string enum: - CMP - CMPv2 - EST - SCEP certificateChain: description: Certificate chain that this CMF provides. type: array items: $ref: '#/definitions/KeyValuePairs' ApiVersionInformation: description: > This type represents API version information. Loading Loading @@ -275,7 +409,15 @@ definitions: map entry may be used by an external CP instance different than the one that has used it before the operation, or by no external CP instance at all. Renaming a CPD identifier during the "changeCurrentVnfPkg" operation does not count as moving the related "cpConfig" map entries to a new "extCpData" structure. * NOTE 5: Subports need not be used for containerized VNFCs. The application container can send and receive IP packets with any VLAN tag as long as the network interface to connect to the secondary container cluster network has been configured appropriately. Thus, no individual cpConfig, except the one representing the trunk, need be modelled to allow traffic tagged with a particular VLAN through the connection point. * NOTE 6: In the case that the cloud native template included in the MCIOP describes the set of VNFC instances, for containerized VNFCs individual connection points need not be configured for each VNFC instance. It is only required to configure one "cpConfig" per "cpdId", not per VNFC instance. The case of using, for a scalable VDU, a cloud native template in the MCIOP that describes one single VNFC instance is not specified in the present document version. type: object required: - cpdId Loading @@ -291,7 +433,7 @@ definitions: The key of the map which identifies the individual VnfExtCpConfig entries is of type "IdentifierInVnf" and is managed by the NFVO. The entries shall be applied by the VNFM according to the rules of JSON Merge Patch (see IETF RFC 7396). See notes 2, 3 and 4. See notes 2, 3, 4, 5 and 6. type: object additionalProperties: $ref: "#/definitions/VnfExtCpConfig" Loading Loading @@ -580,14 +722,14 @@ definitions: * NOTE 1: The information about the VIM connection referenced by the VIM connection id is known to the VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId. * NOTE 2: A link port is not needed for an external CP instance that exposes a VIP CP in the following cases: 1) For a VIP CP directly exposed as an external CP: 1.1) No dedicated IP address is allocated as VIP address, as indicated in the VNFD. 1.2) A dedicated IP address is allocated as VIP address, but the NFVO indicates that no port is needed (createExtLinkPort in VnfExtCpConfig set to false). 2) For a VIP CP exposed as an external CP via a floating IP address: 2.1) No dedicated IP address is allocated as VIP address, as indicated in the VNFD, and the VNFC CP associated to the VIP CP is also exposed via a floating IP address. * NOTE 2: A link port is not needed for an external CP instance that exposes a CP in the following cases: 1) For a virtual IP CP directly exposed as an external CP: 1.1) No dedicated IP address is allocated as virtual IP address, as indicated in the VNFD. 1.2) A dedicated IP address is allocated as virtual IP address, but the NFVO indicates that no port is needed (createExtLinkPort in VnfExtCpconfig set to false). 2) For a virtual IP CP exposed as an external CP via a floating IP address: 2.1) No dedicated IP address is allocated as virtual IP address, as indicated in the VNFD, and the VNFC CP associated to the virtual IP CP is also exposed via a floating IP address. 3) For a VIRTUAL CP exposed as an external CP. 4) For a VNFC CP exposed as an external CP in a secondary container cluster external network. Loading Loading @@ -672,13 +814,13 @@ definitions: attribute of the VnfInstance (e.g. during a "Change current VNF package" operation or due to its final failure). $ref: "#/definitions/IdentifierInVnfd" scaleToLevel: $ref: "#/definitions/Identifier" scaleLevel: description: > Indicates the scale level. The minimum value shall be 0 and the maximum value shall be ≤ maxScaleLevel as and the maximum value shall be <= maxScaleLevel as described in the VNFD. $ref: "#/definitions/Identifier" type: integer AdditionalResourceInfo: description: > Loading Loading @@ -730,11 +872,261 @@ definitions: specification of the interface to attach the connection points to a secondary container cluster network. $ref: "#/definitions/ResourceHandle" Identifier: description: > An identifier with the intention of being globally unique. type: string AffectedCertificate: description: > This type provides input information about added, deleted and modified certificate contents. type: object required: - certificateInfoId - changeType properties: certificateInfoId: description: > Identifier of certificate information. type: string $ref: "#/definitions/Identifier" certificateBaseProfileId: description: > Identifier of certificate base profile. type: string $ref: "#/definitions/Identifier" securityPolicyId: description: > Identifier of security policy. type: string $ref: "#/definitions/Identifier" cmfInfoId: description: > Identifier of CMF information. type: string $ref: "#/definitions/Identifier" certificateContentId: description: > Identifier of certificate content. type: string $ref: "#/definitions/Identifier" changeType: description: > Signals the type of change. type: string enum: - ADD - REMOVE - MODIFY CertificateInfo: description: > Represents information about certificates, including configuration details and contents. type: object required: - id properties: id: description: > Identifier of this certificate information. type: string $ref: "#/definitions/Identifier" certificateConfigurationInfo: description: > Configuration for certificate management such as certificate profile, information of CMF, and security policy. $ref: '#/definitions/CertificateConfigurationInfo' certificateContents: description: > Information for contents of issued certificates. The information contained in this attribute may be updated over time during the VNF LCM, e.g., certificate(s) renewal. type: array items: $ref: '#/definitions/CertificateContent' CertificateContent: description: > This type provides input information related to certificate content. type: object required: - id - certificateDescId - certificateType properties: id: description: Identifier of this certificate. type: string $ref: "#/definitions/Identifier" certficateDescId: description: Identifier of certificate description in VNFD to be used to issue this certificate. type: string $ref: "#/definitions/IdentifierInVnfd" certificateType: description: Type of this certificate. type: string enum: - VNFCI_CERT - VNFOAM_CERT supportedCertificateManagements: description: Describes supported certificate management information. $ref: "#/definitions/KeyValuePairs" version: description: Version of this certificate. type: string $ref: "#/definitions/Version" serialNumber: description: Serial number of this certificate. type: integer signatureAlgorithm: description: Algorithm of this certificate's signature. type: string issuer: description: Issuer of this certificate. type: string notBefore: description: Start date of valid period for this certificate. $ref: "#/definitions/DateTime" notAfter: description: End date of valid period for this certificate. $ref: "#/definitions/DateTime" subject: description: Subject of this certificate. type: string publicKeyAlgorithm: description: Algorithm of this certificate's public key. type: string publicKey: description: Public key of this certificate. type: string certificateExtensions: $ref: "#/definitions/KeyValuePairs" description: Extension of this certificate. CertificateConfigurationInfo: description: > This type provides input information related to certificate management. type: object required: - securityPolicy properties: certificateBaseProfile: description: > Information for certificate profile. type: array $ref: "#/definitions/CertificateBaseProfile" securityPolicy: description: > Information for security policy to be satisfied for certificate. type: array items: $ref: "#/definitions/SecurityPolicy" delegationSupportedCertificateManagements: description: > Describes supported certificate management information. $ref: "#/definitions/KeyValuePairs" cmfInfo: description: > Information of CMF. type: object $ref: "#/definitions/CmfInfo" SecurityPolicy: description: > This type provides input information related to security policy for certificate management. type: object required: - id properties: id: description: Identifier of this security policy. type: string $ref: "#/definitions/Identifier" maxValidityPeriod: description: Allowed max validity period for certificates. type: integer allowedAlgorithm: description: Allowed signature algorithm. type: string minimumKeyLength: description: Minimum key length for certificates. type: integer CertificateBaseProfile: description: > This type provides input information to override certificate base profile for certificate management NOTE : At least one overriding attributes shall be present, otherwise shall be absent. required: - id properties: id: description: The identifier of this certificate profile. type: string $ref: "#/definitions/Identifier" issuer: type: string description: Issuer of certificates. See note. issuerUniqueIdentifier: type: string description: Identifier of this issuer of certificates. See note. $ref: "#/definitions/Identifier" subject: description: Subject of certificates. See note. $ref: '#/definitions/CertSubjectData' subjectUniqueIdentifier: description: Identifier of this subject of certificates. See note. type: string $ref: "#/definitions/Identifier" basicConstraints: type: string description: > Basic constraints of certificates. See note. issuerAltName: description: Alternative name of issuer of certificates in this NS. See note. type: array items: type: string subjectAltName: description: Alternative name of subject of certificates. Shall be present when this certificate is used for encrypted communication using IP address and subjectAltName attribute of CertificateBaseProfile in CertificateDesc of VNFD is empty (see ETSI GS NFV-IFA 011 [7],clause 7.1.19.4). See note type: array items: type: string nameConstraints: description: Name constraints of certificates. See note. type: array items: type: string CertSubjectData: description: > This type provides input information related to subject of certificate. * NOTE: At least one overriding attributes shall be present, otherwise shall be absent. type: object properties: commonName: description: Information of certification target subject FQDN. See note. type: string organization: description: Information of certification target subject Organization. See note. type: string country: description: Information of certification target subject Country. See note. type: string state: description: Information of certification target subject State. See note. type: string locality: description: Information of certification target subject Locality. See note. type: string emailAddress: description: Information of certification contact email address. See note. type: string DateTime: description: > Date-time stamp. Loading Loading @@ -917,6 +1309,7 @@ definitions: CREATE_SNAPSHOT | Represents the "Create VNF Snapshot" LCM operation. REVERT_TO_SNAPSHOT | Represents the “Revert-To VNF Snapshot" LCM operation. CHANGE_VNFPKG | Represents the "Change current VNF package" LCM operation. SELECT_DEPL_MODS | Represents the "Select VNF deployable modules" LCM operation type: string enum: - INSTANTIATE Loading @@ -931,6 +1324,7 @@ definitions: - CREATE_SNAPSHOT - REVERT_TO_SNAPSHOT - CHANGE_VNFPKG - SELECT_DEPL_MODS ProblemDetails: #SOL003 location: 4.3.5.3 Loading Loading @@ -1005,22 +1399,14 @@ definitions: Defines the types of Authentication / Authorization which the API consumer is willing to accept when receiving a notification. Permitted values: * BASIC: In every HTTP request to the notification endpoint, use HTTP Basic authentication with the client credentials. * OAUTH2_CLIENT_CREDENTIALS: In every HTTP request to the notification endpoint, use an OAuth 2.0 Bearer token, obtained using the client credentials grant type. * TLS_CERT: Every HTTP request to the notification endpoint is sent over a mutually authenticated TLS session, i.e. not only the server is authenticated, but also the client is authenticated during the TLS tunnel setup. type: array items: type: string enum: - BASIC - OAUTH2_CLIENT_CREDENTIALS - TLS_CERT paramsBasic: description: > Parameters for authentication/authorization using BASIC. Loading src/SOL002/VNFConfiguration/VNFConfiguration.yaml +3 −3 Original line number Diff line number Diff line Loading @@ -16,11 +16,11 @@ info: license: name: ETSI Forge copyright notice url: https://forge.etsi.org/etsi-forge-copyright-notice.txt version: 1.11.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 version: 1.12.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 externalDocs: description: ETSI GS NFV-SOL 002 V4.4.1 url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/002/04.04.01_60/gs_NFV-SOL002v040401p.pdf description: ETSI GS NFV-SOL 002 V4.5.1 url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/002/04.05.01_60/gs_NFV-SOL002v040501p.pdf servers: - url: http://127.0.0.1/vnfconfig/v1 Loading src/SOL002/VNFConfiguration/definitions/SOL002VNFConfiguration_def.yaml +39 −2 Original line number Diff line number Diff line Loading @@ -95,8 +95,8 @@ definitions: VnfcConfigurationData: description: > This type represents configuration parameters of a VNFC instance. * NOTE: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. NOTE: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. type: object required: - vnfcInstanceId Loading @@ -112,12 +112,49 @@ definitions: type: array items: $ref: '#/definitions/CpConfiguration' certificateData: description: > Certificates data to be configured or modified into VNFC instance. Shall be present if delegation-mode is used. Otherwise it shall be absent. type: array items: $ref: '#/definitions/CertificateData' vnfcSpecificData: description: > Additional configurable properties of the VNFC instance declared in the VNFD as "VnfcConfigurableProperties". See note. $ref: '../../General_Definitions/SOL002_def.yaml#/definitions/KeyValuePairs' CertificateData: description: > This type provides input information related to subject of certificate. NOTE : Either set of “privatekey” and “certificateFile” or “keystoreFile” but not both shall be present. type: object properties: privateKey: type: string description: > Private key paired with the signed public key. VNFM shall generate both the private key and public key and set this attribute. See note. certificateFile: type: string description: > Signed certificate including the public key and certificate chain. See note. keystoreFile: type: string description: > Keystore which includes the private key, signed certificate, and certificate chain (e.g., pkcs#12, pfx). Credentials to read this file shall be provided to the VNF instance by outbound. See note. certSubjectData: description: > Subject to be signed. $ref: '../../General_Definitions/SOL002_def.yaml#/definitions/CertSubjectData' certifiateProfileName: type: string description: > Name of the certificate profile to be signed. CpConfiguration: description: > This type represents configuration parameters of a CP instance. Loading Loading
Readme.md +1 −1 Original line number Diff line number Diff line # NFV SOL002 and SOL003 APIs This repository hosts the [OpenAPI](https://www.openapis.org/) specificatons and other documentation for the APIs defined in ETSI NFV GSs SOL002 and SOL003 v4.4.1. for the APIs defined in ETSI NFV GSs SOL002 and SOL003 v4.5.1. The APIs described in this repository are defined for the following reference points: Loading
src/SOL002/APIVersion/APIVersion.yaml +2 −2 Original line number Diff line number Diff line Loading @@ -19,8 +19,8 @@ info: version: 1.3.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 externalDocs: description: ETSI GS NFV-SOL 002 V4.4.1 url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/002/04.04.01_60/gs_NFV-SOL002v040401p.pdf description: ETSI GS NFV-SOL 002 V4.5.1 url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/002/04.05.01_60/gs_NFV-SOL002v040501p.pdf paths: /vnfconfig/api_versions: Loading
src/SOL002/General_Definitions/SOL002_def.yaml +411 −25 Original line number Diff line number Diff line Loading @@ -40,6 +40,140 @@ definitions: different type. type: object CertificateConfigurationData: description: > This type provides input information related to certificate management. type: object required: - securityPolicy properties: overridingCertificateProfile: description: > Overriding certificate profile. This overrides the certificateBaseProfile provided in the VNFD, and the CA and CMF can additionally override aspects of this certificateBaseProfile at later point in the VNF lifecycle if necessary to meet operator security policy. type: array items: $ref: '#/definitions/CertificateBaseProfile' securityPolicy: description: > Security policy to be satisfied for certificate. type: array items: $ref: '#/definitions/SecurityPolicy' cmfData: description: > Information for CMF. $ref: '#/definitions/CmfData' CmfData: description: > This type provides input information related to CMF for certificate management. type: object required: - endPoint - supportedProtocol properties: endPoint: description: End point of CMF instance. type: object required: - ipAddress - link properties: ipAddress: description: An IP address of this end point. $ref: '#/definitions/IpAddress' link: description: A link to this end point. $ref: '#/definitions/Link' supportedProtocol: description: Supported protocols by CMF instance. type: array items: type: string enum: - CMP - CMPv2 - EST - SCEP PaasServiceHandle: description: > This type provides information enabling the access and use of the PaaS Service by the VNF instance. The type and format of the handle depends on the form that the PaaS Service is formed. type: object required: - id properties: id: type: string description: > Identifier of this PaaS Service handle. $ref: "#/definitions/Identifier" interfaceInfo: description: > Information of the interface or interfaces to the PaaS Service instance, if applicable, such as the URI of an interface endpoint to communicate with the PaaS Service instance. $ref: "#/definitions/KeyValuePairs" accessInfo: description: > Authentication credentials for accessing the PaaS Service instance. If the PaasServiceHandle structure is part of an HTTP GET response payload body, sensitive attributes that are children of this attribute (such as passwords) shall not be included. $ref: "#/definitions/KeyValuePairs" extra: description: > PaaS Service instance specific additional information. The applicable structure, and whether or not this attribute is available, is dependent on the type of the PaaS Service. $ref: "#/definitions/KeyValuePairs" CmfInfo: description: > This type provides input information related to CMF for certificate management. type: object required: - id - endPoint - supportedProtocol properties: id: description: Identifier of this CMF information. type: string $ref: "#/definitions/Identifier" endPoint: description: End point of CMF instance. type: object required: - ipAddress - link properties: ipAddress: description: An IP address of this end point. $ref: '#/definitions/IpAddress' link: description: A link to this end point. $ref: '#/definitions/Link' supportedProtocols: description: Supported protocol by CMF instance. type: array items: type: string enum: - CMP - CMPv2 - EST - SCEP certificateChain: description: Certificate chain that this CMF provides. type: array items: $ref: '#/definitions/KeyValuePairs' ApiVersionInformation: description: > This type represents API version information. Loading Loading @@ -275,7 +409,15 @@ definitions: map entry may be used by an external CP instance different than the one that has used it before the operation, or by no external CP instance at all. Renaming a CPD identifier during the "changeCurrentVnfPkg" operation does not count as moving the related "cpConfig" map entries to a new "extCpData" structure. * NOTE 5: Subports need not be used for containerized VNFCs. The application container can send and receive IP packets with any VLAN tag as long as the network interface to connect to the secondary container cluster network has been configured appropriately. Thus, no individual cpConfig, except the one representing the trunk, need be modelled to allow traffic tagged with a particular VLAN through the connection point. * NOTE 6: In the case that the cloud native template included in the MCIOP describes the set of VNFC instances, for containerized VNFCs individual connection points need not be configured for each VNFC instance. It is only required to configure one "cpConfig" per "cpdId", not per VNFC instance. The case of using, for a scalable VDU, a cloud native template in the MCIOP that describes one single VNFC instance is not specified in the present document version. type: object required: - cpdId Loading @@ -291,7 +433,7 @@ definitions: The key of the map which identifies the individual VnfExtCpConfig entries is of type "IdentifierInVnf" and is managed by the NFVO. The entries shall be applied by the VNFM according to the rules of JSON Merge Patch (see IETF RFC 7396). See notes 2, 3 and 4. See notes 2, 3, 4, 5 and 6. type: object additionalProperties: $ref: "#/definitions/VnfExtCpConfig" Loading Loading @@ -580,14 +722,14 @@ definitions: * NOTE 1: The information about the VIM connection referenced by the VIM connection id is known to the VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId. * NOTE 2: A link port is not needed for an external CP instance that exposes a VIP CP in the following cases: 1) For a VIP CP directly exposed as an external CP: 1.1) No dedicated IP address is allocated as VIP address, as indicated in the VNFD. 1.2) A dedicated IP address is allocated as VIP address, but the NFVO indicates that no port is needed (createExtLinkPort in VnfExtCpConfig set to false). 2) For a VIP CP exposed as an external CP via a floating IP address: 2.1) No dedicated IP address is allocated as VIP address, as indicated in the VNFD, and the VNFC CP associated to the VIP CP is also exposed via a floating IP address. * NOTE 2: A link port is not needed for an external CP instance that exposes a CP in the following cases: 1) For a virtual IP CP directly exposed as an external CP: 1.1) No dedicated IP address is allocated as virtual IP address, as indicated in the VNFD. 1.2) A dedicated IP address is allocated as virtual IP address, but the NFVO indicates that no port is needed (createExtLinkPort in VnfExtCpconfig set to false). 2) For a virtual IP CP exposed as an external CP via a floating IP address: 2.1) No dedicated IP address is allocated as virtual IP address, as indicated in the VNFD, and the VNFC CP associated to the virtual IP CP is also exposed via a floating IP address. 3) For a VIRTUAL CP exposed as an external CP. 4) For a VNFC CP exposed as an external CP in a secondary container cluster external network. Loading Loading @@ -672,13 +814,13 @@ definitions: attribute of the VnfInstance (e.g. during a "Change current VNF package" operation or due to its final failure). $ref: "#/definitions/IdentifierInVnfd" scaleToLevel: $ref: "#/definitions/Identifier" scaleLevel: description: > Indicates the scale level. The minimum value shall be 0 and the maximum value shall be ≤ maxScaleLevel as and the maximum value shall be <= maxScaleLevel as described in the VNFD. $ref: "#/definitions/Identifier" type: integer AdditionalResourceInfo: description: > Loading Loading @@ -730,11 +872,261 @@ definitions: specification of the interface to attach the connection points to a secondary container cluster network. $ref: "#/definitions/ResourceHandle" Identifier: description: > An identifier with the intention of being globally unique. type: string AffectedCertificate: description: > This type provides input information about added, deleted and modified certificate contents. type: object required: - certificateInfoId - changeType properties: certificateInfoId: description: > Identifier of certificate information. type: string $ref: "#/definitions/Identifier" certificateBaseProfileId: description: > Identifier of certificate base profile. type: string $ref: "#/definitions/Identifier" securityPolicyId: description: > Identifier of security policy. type: string $ref: "#/definitions/Identifier" cmfInfoId: description: > Identifier of CMF information. type: string $ref: "#/definitions/Identifier" certificateContentId: description: > Identifier of certificate content. type: string $ref: "#/definitions/Identifier" changeType: description: > Signals the type of change. type: string enum: - ADD - REMOVE - MODIFY CertificateInfo: description: > Represents information about certificates, including configuration details and contents. type: object required: - id properties: id: description: > Identifier of this certificate information. type: string $ref: "#/definitions/Identifier" certificateConfigurationInfo: description: > Configuration for certificate management such as certificate profile, information of CMF, and security policy. $ref: '#/definitions/CertificateConfigurationInfo' certificateContents: description: > Information for contents of issued certificates. The information contained in this attribute may be updated over time during the VNF LCM, e.g., certificate(s) renewal. type: array items: $ref: '#/definitions/CertificateContent' CertificateContent: description: > This type provides input information related to certificate content. type: object required: - id - certificateDescId - certificateType properties: id: description: Identifier of this certificate. type: string $ref: "#/definitions/Identifier" certficateDescId: description: Identifier of certificate description in VNFD to be used to issue this certificate. type: string $ref: "#/definitions/IdentifierInVnfd" certificateType: description: Type of this certificate. type: string enum: - VNFCI_CERT - VNFOAM_CERT supportedCertificateManagements: description: Describes supported certificate management information. $ref: "#/definitions/KeyValuePairs" version: description: Version of this certificate. type: string $ref: "#/definitions/Version" serialNumber: description: Serial number of this certificate. type: integer signatureAlgorithm: description: Algorithm of this certificate's signature. type: string issuer: description: Issuer of this certificate. type: string notBefore: description: Start date of valid period for this certificate. $ref: "#/definitions/DateTime" notAfter: description: End date of valid period for this certificate. $ref: "#/definitions/DateTime" subject: description: Subject of this certificate. type: string publicKeyAlgorithm: description: Algorithm of this certificate's public key. type: string publicKey: description: Public key of this certificate. type: string certificateExtensions: $ref: "#/definitions/KeyValuePairs" description: Extension of this certificate. CertificateConfigurationInfo: description: > This type provides input information related to certificate management. type: object required: - securityPolicy properties: certificateBaseProfile: description: > Information for certificate profile. type: array $ref: "#/definitions/CertificateBaseProfile" securityPolicy: description: > Information for security policy to be satisfied for certificate. type: array items: $ref: "#/definitions/SecurityPolicy" delegationSupportedCertificateManagements: description: > Describes supported certificate management information. $ref: "#/definitions/KeyValuePairs" cmfInfo: description: > Information of CMF. type: object $ref: "#/definitions/CmfInfo" SecurityPolicy: description: > This type provides input information related to security policy for certificate management. type: object required: - id properties: id: description: Identifier of this security policy. type: string $ref: "#/definitions/Identifier" maxValidityPeriod: description: Allowed max validity period for certificates. type: integer allowedAlgorithm: description: Allowed signature algorithm. type: string minimumKeyLength: description: Minimum key length for certificates. type: integer CertificateBaseProfile: description: > This type provides input information to override certificate base profile for certificate management NOTE : At least one overriding attributes shall be present, otherwise shall be absent. required: - id properties: id: description: The identifier of this certificate profile. type: string $ref: "#/definitions/Identifier" issuer: type: string description: Issuer of certificates. See note. issuerUniqueIdentifier: type: string description: Identifier of this issuer of certificates. See note. $ref: "#/definitions/Identifier" subject: description: Subject of certificates. See note. $ref: '#/definitions/CertSubjectData' subjectUniqueIdentifier: description: Identifier of this subject of certificates. See note. type: string $ref: "#/definitions/Identifier" basicConstraints: type: string description: > Basic constraints of certificates. See note. issuerAltName: description: Alternative name of issuer of certificates in this NS. See note. type: array items: type: string subjectAltName: description: Alternative name of subject of certificates. Shall be present when this certificate is used for encrypted communication using IP address and subjectAltName attribute of CertificateBaseProfile in CertificateDesc of VNFD is empty (see ETSI GS NFV-IFA 011 [7],clause 7.1.19.4). See note type: array items: type: string nameConstraints: description: Name constraints of certificates. See note. type: array items: type: string CertSubjectData: description: > This type provides input information related to subject of certificate. * NOTE: At least one overriding attributes shall be present, otherwise shall be absent. type: object properties: commonName: description: Information of certification target subject FQDN. See note. type: string organization: description: Information of certification target subject Organization. See note. type: string country: description: Information of certification target subject Country. See note. type: string state: description: Information of certification target subject State. See note. type: string locality: description: Information of certification target subject Locality. See note. type: string emailAddress: description: Information of certification contact email address. See note. type: string DateTime: description: > Date-time stamp. Loading Loading @@ -917,6 +1309,7 @@ definitions: CREATE_SNAPSHOT | Represents the "Create VNF Snapshot" LCM operation. REVERT_TO_SNAPSHOT | Represents the “Revert-To VNF Snapshot" LCM operation. CHANGE_VNFPKG | Represents the "Change current VNF package" LCM operation. SELECT_DEPL_MODS | Represents the "Select VNF deployable modules" LCM operation type: string enum: - INSTANTIATE Loading @@ -931,6 +1324,7 @@ definitions: - CREATE_SNAPSHOT - REVERT_TO_SNAPSHOT - CHANGE_VNFPKG - SELECT_DEPL_MODS ProblemDetails: #SOL003 location: 4.3.5.3 Loading Loading @@ -1005,22 +1399,14 @@ definitions: Defines the types of Authentication / Authorization which the API consumer is willing to accept when receiving a notification. Permitted values: * BASIC: In every HTTP request to the notification endpoint, use HTTP Basic authentication with the client credentials. * OAUTH2_CLIENT_CREDENTIALS: In every HTTP request to the notification endpoint, use an OAuth 2.0 Bearer token, obtained using the client credentials grant type. * TLS_CERT: Every HTTP request to the notification endpoint is sent over a mutually authenticated TLS session, i.e. not only the server is authenticated, but also the client is authenticated during the TLS tunnel setup. type: array items: type: string enum: - BASIC - OAUTH2_CLIENT_CREDENTIALS - TLS_CERT paramsBasic: description: > Parameters for authentication/authorization using BASIC. Loading
src/SOL002/VNFConfiguration/VNFConfiguration.yaml +3 −3 Original line number Diff line number Diff line Loading @@ -16,11 +16,11 @@ info: license: name: ETSI Forge copyright notice url: https://forge.etsi.org/etsi-forge-copyright-notice.txt version: 1.11.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 version: 1.12.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 externalDocs: description: ETSI GS NFV-SOL 002 V4.4.1 url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/002/04.04.01_60/gs_NFV-SOL002v040401p.pdf description: ETSI GS NFV-SOL 002 V4.5.1 url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/002/04.05.01_60/gs_NFV-SOL002v040501p.pdf servers: - url: http://127.0.0.1/vnfconfig/v1 Loading
src/SOL002/VNFConfiguration/definitions/SOL002VNFConfiguration_def.yaml +39 −2 Original line number Diff line number Diff line Loading @@ -95,8 +95,8 @@ definitions: VnfcConfigurationData: description: > This type represents configuration parameters of a VNFC instance. * NOTE: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. NOTE: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. type: object required: - vnfcInstanceId Loading @@ -112,12 +112,49 @@ definitions: type: array items: $ref: '#/definitions/CpConfiguration' certificateData: description: > Certificates data to be configured or modified into VNFC instance. Shall be present if delegation-mode is used. Otherwise it shall be absent. type: array items: $ref: '#/definitions/CertificateData' vnfcSpecificData: description: > Additional configurable properties of the VNFC instance declared in the VNFD as "VnfcConfigurableProperties". See note. $ref: '../../General_Definitions/SOL002_def.yaml#/definitions/KeyValuePairs' CertificateData: description: > This type provides input information related to subject of certificate. NOTE : Either set of “privatekey” and “certificateFile” or “keystoreFile” but not both shall be present. type: object properties: privateKey: type: string description: > Private key paired with the signed public key. VNFM shall generate both the private key and public key and set this attribute. See note. certificateFile: type: string description: > Signed certificate including the public key and certificate chain. See note. keystoreFile: type: string description: > Keystore which includes the private key, signed certificate, and certificate chain (e.g., pkcs#12, pfx). Credentials to read this file shall be provided to the VNF instance by outbound. See note. certSubjectData: description: > Subject to be signed. $ref: '../../General_Definitions/SOL002_def.yaml#/definitions/CertSubjectData' certifiateProfileName: type: string description: > Name of the certificate profile to be signed. CpConfiguration: description: > This type represents configuration parameters of a CP instance. Loading
