diff --git a/README.md b/README.md
index 8ac0f338818bf763449bab1608a7b311efbd105b..06c443870f329218856706bdb639b5c23cf245ff 100644
--- a/README.md
+++ b/README.md
@@ -1,14 +1,14 @@
 # NFV API Conformance Test Specification (NFV-TST 010)
 
 This repository hosts the NFV API Conformance test specification for 
-the APIs defined in ETSI NFV GS [SOL002](https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/002/04.04.01_60/gs_NFV-SOL002v040401p.pdf), 
-[SOL003](https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/003/04.04.01_60/gs_NFV-SOL003v040401p.pdf), 
-[SOL005](https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/005/04.04.01_60/gs_NFV-SOL005v040401p.pdf),
-[SOL009](https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/009/04.04.01_60/gs_NFV-SOL009v040401p.pdf) in their versions 
-4.4.1, [SOL011](https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/011/04.04.01_60/gs_NFV-SOL011v040401p.pdf) in its version 4.4.1, 
-and [SOL012](https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/012/04.04.01_60/gs_NFV-SOL012v040401p.pdf) in its version 4.4.1.
+the APIs defined in ETSI NFV GS [SOL002](https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/002/04.05.01_60/gs_NFV-SOL002v040501p.pdf), 
+[SOL003](https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/003/04.05.01_60/gs_NFV-SOL003v040501p.pdf), 
+[SOL005](https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/005/04.05.01_60/gs_NFV-SOL005v040501p.pdf),
+[SOL009](https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/009/04.05.01_60/gs_NFV-SOL009v040501p.pdf),
+[SOL011](https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/011/04.05.01_60/gs_NFV-SOL011v040501p.pdf), 
+[SOL012](https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/012/04.05.01_60/gs_NFV-SOL012v040501p.pdf) in their versions 4.5.1.
 
-More information and download is available at [DGS/NFV-TST010ed441]().
+More information and download is available at [DGS/NFV-TST010ed451]().
 
 ## Available versions
 
@@ -33,6 +33,7 @@ The NFV API Conformance test specification is available in the following version
 | v4.3.1         | SOL002 SOL003 SOL005 v4.3.1<br>SOL009               v4.3.1<br>SOL011               v3.3.1<br>SOL012               v3.4.1 | [v4.3.1](https://forge.etsi.org/rep/nfv/api-tests/tree/4.3.1/) |
 | v4.3.1-maintenance | SOL002 SOL003 SOL005 v4.3.1<br>SOL009               v4.3.1<br>SOL011               v3.3.1<br>SOL012               v3.4.1 | [v4.3.1-fix-plu](https://forge.etsi.org/rep/nfv/api-tests/tree/4.3.1-fix-plu/) |
 | v4.4.1         | SOL002 SOL003 SOL005 v4.4.1<br>SOL009               v4.4.1<br>SOL011               v4.4.1<br>SOL012               v4.4.1 | [v4.4.1](https://forge.etsi.org/rep/nfv/api-tests/tree/4.4.1/)|
+| v4.5.1         | SOL002 SOL003 SOL005 v4.5.1<br>SOL009               v4.5.1<br>SOL011               v4.5.1<br>SOL012               v4.5.1 | WIP|
 
 ## Test Specification Overview
 
diff --git a/SOL002/README.md b/SOL002/README.md
index ee46293ea8c00de5aa2cd08a367331f1529a3ca3..c24b4f49d3223470d40cbe49ee9dd9a92b9d3d1a 100644
--- a/SOL002/README.md
+++ b/SOL002/README.md
@@ -2,4 +2,4 @@
 
 This folder includes the NFV API conformance test descriptions for NFV SOL002 APIs.
 
-The reference spec version is v4.4.1: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/002/04.04.01_60/gs_NFV-SOL002v040401p.pdf
+The reference spec version is v4.5.1: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/002/04.05.01_60/gs_NFV-SOL002v040501p.pdf
diff --git a/SOL002/VNFConfiguration-API/ApiVersion.robot b/SOL002/VNFConfiguration-API/ApiVersion.robot
index a392e48ceca165769811add868e486e2f820a4ed..7e0d66f44423ac9116214e995d9bae00d3f791f9 100644
--- a/SOL002/VNFConfiguration-API/ApiVersion.robot
+++ b/SOL002/VNFConfiguration-API/ApiVersion.robot
@@ -130,70 +130,80 @@ DELETE API Version with apiMajorVerion - Method not implemented
 
 *** Keywords ***
 POST API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 GET API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PUT API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PATCH API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 DELETE API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 POST API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 GET API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PUT API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PATCH API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 DELETE API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
diff --git a/SOL002/VNFConfiguration-API/Configuration.robot b/SOL002/VNFConfiguration-API/Configuration.robot
index 5ab2c41484b273c74318ba534d361baebea8b2d5..93a73a9305f0b033766ad25329c2fa87666c8ef9 100644
--- a/SOL002/VNFConfiguration-API/Configuration.robot
+++ b/SOL002/VNFConfiguration-API/Configuration.robot
@@ -6,6 +6,7 @@ Library    JSONSchemaLibrary    schemas/
 Library    OperatingSystem
 Library    String
 Library    DependencyLibrary
+Library    jwt
 
 *** Test Cases ***
 Set new VNF Configuration
@@ -13,7 +14,7 @@ Set new VNF Configuration
     ...    Test title: Set a new VNF Configuration
     ...    Test objective: The objective is to test the creation of a new VNF configuration and perform a JSON schema validation of the returned configuration data structure
     ...    Pre-conditions: A VNF instance is instantiated
-    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation of HTTP Etag opaque identifiers
     ...    Post-Conditions: The configuration is successfully set in the VNF and it matches the issued configuration
@@ -29,7 +30,7 @@ Get information about a VNF configuration
     ...    Test title: Get information about a VNF configuration
     ...    Test objective: The objective is to test the retrieval of an existing VNF instance configuration and perform a JSON schema validation of the collected configuration data structure
     ...    Pre-conditions: A VNF instance is instantiated. The VNF instance is already configured.
-    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -43,7 +44,7 @@ Get information about a VNF configuration with HTTP Etag
     ...    Test title: Get information about a VNF configuration with HTTP Etag
     ...    Test objective: The objective is to test the retrieval of an existing VNF instance configuration, check the generation by the VNF of an HTTP Etag opaque identifier, and perform a JSON schema validation of the collected configuration data structure
     ...    Pre-conditions:  A VNF instance is instantiated. The VNF instance is already configured
-    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation of HTTP Etag opaque identifiers
     ...    Post-Conditions: none
@@ -58,7 +59,7 @@ Set new VNF Configuration - HTTP Etag precondition unsuccessful
     ...    Test title: Set a new VNF Configuration - HTTP Etag precondition unsuccessful
     ...    Test objective: The objective is to test the unsuccess in setting a duplication of VNF configuration identified by an already used HTTP Etag identifier. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions:  A VNF instance is instantiated. The VNF instance is already configured (Test ID 6.3.1.1.1) with a given HTTP Etag identifier.
-    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation of HTTP Etag opaque identifiers
     ...    Post-Conditions:  The VNF configuration is not modified by the unsuccessful operation and it matches the configuration issued in Test ID 6.3.1.1.1
@@ -72,7 +73,7 @@ POST VNF Configuration - Method not implemented
     ...    Test title: POST VNF Configuration - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new VNF configuration
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -84,7 +85,7 @@ PUT VNF Configuration - Method not implemented
     ...    Test title: PUT VNF Configuration - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify an existing VNF configuration
     ...    Pre-conditions:  none
-    ...    Reference: Clause 9.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 9.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -96,7 +97,7 @@ DELETE VNF Configuration - Method not implemented
     ...    Test title: Delete VNF Configuration - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete an existing VNF configuration
     ...    Pre-conditions:  none
-    ...    Reference: Clause 9.4.2.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 9.4.2.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -108,7 +109,7 @@ Set new VNF Configuration With Attribute vnfConfigurationData
     ...    Test title: Set a new VNF Configuration with Attribute vnfConfigurationData
     ...    Test objective: The objective is to test the creation of a new VNF configuration and perform a JSON schema validation of the returned configuration data structure
     ...    Pre-conditions: A VNF instance is instantiated
-    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation of HTTP Etag opaque identifiers
     ...    Post-Conditions: The configuration is successfully set in the VNF and it matches the issued configuration
@@ -123,7 +124,7 @@ Set new VNF Configuration With Attribute vnfcConfigurationData
     ...    Test title: Set a new VNF Configuration with Attribute vnfcConfigurationData
     ...    Test objective: The objective is to test the creation of a new VNF configuration and perform a JSON schema validation of the returned configuration data structure
     ...    Pre-conditions: A VNF instance is instantiated
-    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation of HTTP Etag opaque identifiers
     ...    Post-Conditions: The configuration is successfully set in the VNF and it matches the issued configuration
@@ -132,12 +133,37 @@ Set new VNF Configuration With Attribute vnfcConfigurationData
     Check HTTP Response Header Contains ETag and Last-Modified
     Check HTTP Response Body Json Schema Is   vnfConfigModifications
     Check Postcondition VNF Is Configured
-
-
+Get information about a VNF configuration with permitted authorization scope
+    [Tags]    no-etag
+    [Documentation]    Test ID: 6.3.1.1.10
+    ...    Test title: Get information about a VNF configuration with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an existing VNF instance configuration and perform a JSON schema validation of the collected configuration data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. The VNF instance is already configured.
+    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get VNF configuration with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   vnfConfiguration
+Get information about a VNF configuration with NOT permitted authorization scope
+    [Tags]    no-etag
+    [Documentation]    Test ID: 6.3.1.1.11
+    ...    Test title: Get information about a VNF configuration with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an existing VNF instance configuration and perform a JSON schema validation of the collected configuration data structure with not permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. The VNF instance is already configured.
+    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get VNF configuration with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
 *** Keywords ***    
 Get VNF configuration
     Log    Query VNF The GET method queries information about a configuration.
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
@@ -147,7 +173,8 @@ Get VNF configuration
 
 Send VNF configuration
     log    Trying to perform a PATCH. This method modifies the configuration    
-    Set Headers  {"Accept":"${ACCEPT}"} 
+    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${body}=    Get File    jsons/vnfConfigModifications.json
@@ -190,6 +217,7 @@ Send Duplicated VNF configuration
     Depends On Test    Send VNF configuration    # If the previous test scceeded, it means that Etag has been modified
     log    Trying to perform a PATCH. This method modifies an individual alarm resource
     Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Set Headers    {"If-Match": "${etag}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -200,7 +228,8 @@ Send Duplicated VNF configuration
 
 Send POST Request for VNF Configuration
     log    Trying to perform a POST. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/configuration
     ${output}=    Output    response
@@ -208,7 +237,8 @@ Send POST Request for VNF Configuration
     
 Send PUT Request for VNF Configuration
     log    Trying to perform a POST. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/configuration
     ${output}=    Output    response
@@ -216,7 +246,8 @@ Send PUT Request for VNF Configuration
     
 Send DELETE Request for VNF Configuration
     log    Trying to perform a POST. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/configuration
     ${output}=    Output    response
@@ -224,7 +255,8 @@ Send DELETE Request for VNF Configuration
 
 Send VNF configuration with vnfConfigurationData
     log    Trying to perform a PATCH. This method modifies the configuration when attribute is vnfConfigurationData   
-    Set Headers  {"Accept":"${ACCEPT}"} 
+    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File   jsons/vnfConfigModificationsWithVnfConfigurationData.json
@@ -235,7 +267,8 @@ Send VNF configuration with vnfConfigurationData
   
 Send VNF configuration with vnfcConfigurationData
     log    Trying to perform a PATCH. This method modifies the configuration when attribute is vnfcConfigurationData  
-    Set Headers  {"Accept":"${ACCEPT}"} 
+    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File   jsons/vnfConfigModificationsWithvnfcConfigurationData.json
@@ -247,4 +280,32 @@ Check HTTP Response Header Contains
     [Arguments]    ${CONTENT_TYPE}
     Log    ${response['headers']}
     Should Contain    ${response['headers']}    ${CONTENT_TYPE}
-    Log    Header is present
\ No newline at end of file
+    Log    Header is present
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+Get VNF configuration with permitted authorization scope
+    Log    Query VNF The GET method queries information about a configuration with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${CONFIGURATION_SCOPE}
+    ${Authorization_Key}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${Authorization_Key}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/configuration
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+Get VNF configuration with not permitted authorization scope
+    Log    Query VNF The GET method queries information about a configuration with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${Authorization_Key}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${Authorization_Key}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/configuration
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
\ No newline at end of file
diff --git a/SOL002/VNFConfiguration-API/environment/variables.txt b/SOL002/VNFConfiguration-API/environment/variables.txt
index 2e7355081c23089053107fbe10736eac284cbe2a..bebd011d7f792dd6862b43b2a5cac83b07b5fbd8 100644
--- a/SOL002/VNFConfiguration-API/environment/variables.txt
+++ b/SOL002/VNFConfiguration-API/environment/variables.txt
@@ -10,6 +10,10 @@ ${ACCEPT}         application/json
 ${AUTH_USAGE}     1
 ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
+${NEG_SCOPE}    configuration:v1:invalid
+${CONFIGURATION_SCOPE}    configuration:v1:invalid
+${OAUTH_Encryption_ALGORITHM}   HS256
+${API_VERSION}      1.12.0
 
 ${CONTENT_TYPE}    application/json
 
diff --git a/SOL002/VNFConfiguration-API/schemas/vnfConfigModifications.schema.json b/SOL002/VNFConfiguration-API/schemas/vnfConfigModifications.schema.json
index d6d51413ecd46dc2328a566d7c183aa2100f3a4c..cf781befc661b18495c1796de51324899393b82f 100644
--- a/SOL002/VNFConfiguration-API/schemas/vnfConfigModifications.schema.json
+++ b/SOL002/VNFConfiguration-API/schemas/vnfConfigModifications.schema.json
@@ -200,6 +200,62 @@
               }
             }
           },
+          "certificateData": {
+            "description": "Certificates data to be configured or modified into VNFC instance. Shall be present if delegation-mode is used. Otherwise it shall be absent.\n",
+            "type": "array",
+            "items": {
+              "description": "This type provides input information related to subject of certificate.\nNOTE : Either set of ΓÇ£privatekeyΓÇ¥ and ΓÇ£certificateFileΓÇ¥ or ΓÇ£keystoreFileΓÇ¥ but not both shall be present.\n",
+              "type": "object",
+              "properties": {
+                "privateKey": {
+                  "type": "string",
+                  "description": "Private key paired with the signed public key. VNFM shall generate both the private key and public key and set this attribute. See note.\n"
+                },
+                "certificateFile": {
+                  "type": "string",
+                  "description": "Signed certificate including the public key and certificate chain. See note.\n"
+                },
+                "keystoreFile": {
+                  "type": "string",
+                  "description": "Keystore which includes the private key, signed certificate, and certificate chain (e.g., pkcs#12, pfx). Credentials to read this file shall be provided to the VNF instance by outbound. See note.\n"
+                },
+                "certSubjectData": {
+                  "description": "This type provides input information related to subject of certificate.\n* NOTE: At least one overriding attributes shall be present, otherwise shall be absent.\n",
+                  "type": "object",
+                  "properties": {
+                    "commonName": {
+                      "description": "Information of certification target subject FQDN. See note.",
+                      "type": "string"
+                    },
+                    "organization": {
+                      "description": "Information of certification target subject Organization. See note.",
+                      "type": "string"
+                    },
+                    "country": {
+                      "description": "Information of certification target subject Country. See note.",
+                      "type": "string"
+                    },
+                    "state": {
+                      "description": "Information of certification target subject State. See note.",
+                      "type": "string"
+                    },
+                    "locality": {
+                      "description": "Information of certification target subject Locality. See note.",
+                      "type": "string"
+                    },
+                    "emailAddress": {
+                      "description": "Information of certification contact email address. See note.",
+                      "type": "string"
+                    }
+                  }
+                },
+                "certifiateProfileName": {
+                  "type": "string",
+                  "description": "Name of the certificate profile to be signed.\n"
+                }
+              }
+            }
+          },
           "vnfcSpecificData": {
             "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
             "type": "object"
diff --git a/SOL002/VNFConfiguration-API/schemas/vnfConfiguration.schema.json b/SOL002/VNFConfiguration-API/schemas/vnfConfiguration.schema.json
index d99f14882e434195fdb467b627048b7aef38834b..2b95e2321491442a6a87007de120a773493bd62d 100644
--- a/SOL002/VNFConfiguration-API/schemas/vnfConfiguration.schema.json
+++ b/SOL002/VNFConfiguration-API/schemas/vnfConfiguration.schema.json
@@ -191,6 +191,62 @@
               }
             }
           },
+          "certificateData": {
+            "description": "Certificates data to be configured or modified into VNFC instance. Shall be present if delegation-mode is used. Otherwise it shall be absent.\n",
+            "type": "array",
+            "items": {
+              "description": "This type provides input information related to subject of certificate.\nNOTE : Either set of ΓÇ£privatekeyΓÇ¥ and ΓÇ£certificateFileΓÇ¥ or ΓÇ£keystoreFileΓÇ¥ but not both shall be present.\n",
+              "type": "object",
+              "properties": {
+                "privateKey": {
+                  "type": "string",
+                  "description": "Private key paired with the signed public key. VNFM shall generate both the private key and public key and set this attribute. See note.\n"
+                },
+                "certificateFile": {
+                  "type": "string",
+                  "description": "Signed certificate including the public key and certificate chain. See note.\n"
+                },
+                "keystoreFile": {
+                  "type": "string",
+                  "description": "Keystore which includes the private key, signed certificate, and certificate chain (e.g., pkcs#12, pfx). Credentials to read this file shall be provided to the VNF instance by outbound. See note.\n"
+                },
+                "certSubjectData": {
+                  "description": "This type provides input information related to subject of certificate.\n* NOTE: At least one overriding attributes shall be present, otherwise shall be absent.\n",
+                  "type": "object",
+                  "properties": {
+                    "commonName": {
+                      "description": "Information of certification target subject FQDN. See note.",
+                      "type": "string"
+                    },
+                    "organization": {
+                      "description": "Information of certification target subject Organization. See note.",
+                      "type": "string"
+                    },
+                    "country": {
+                      "description": "Information of certification target subject Country. See note.",
+                      "type": "string"
+                    },
+                    "state": {
+                      "description": "Information of certification target subject State. See note.",
+                      "type": "string"
+                    },
+                    "locality": {
+                      "description": "Information of certification target subject Locality. See note.",
+                      "type": "string"
+                    },
+                    "emailAddress": {
+                      "description": "Information of certification contact email address. See note.",
+                      "type": "string"
+                    }
+                  }
+                },
+                "certifiateProfileName": {
+                  "type": "string",
+                  "description": "Name of the certificate profile to be signed.\n"
+                }
+              }
+            }
+          },
           "vnfcSpecificData": {
             "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
             "type": "object"
diff --git a/SOL002/VNFFaultManagement-API/Alarms.robot b/SOL002/VNFFaultManagement-API/Alarms.robot
index 85e66e5ede230c3bda250beab7c7e0ae2fc1e11f..06c9fc6997c654ff22f2b8927a445ac1204ba889 100644
--- a/SOL002/VNFFaultManagement-API/Alarms.robot
+++ b/SOL002/VNFFaultManagement-API/Alarms.robot
@@ -6,6 +6,7 @@ Library    JSONLibrary
 Library    JSONSchemaLibrary    schemas/
 Library    OperatingSystem
 Library     Collections
+Library    jwt
 
 *** Test Cases ***
 POST Alarms - Method not implemented
@@ -13,7 +14,7 @@ POST Alarms - Method not implemented
     ...    Test title: POST Alarms - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +26,7 @@ GET information about multiple alarms
     ...    Test title: GET information about multiple alarms
     ...    Test objective: The objective is to retrieve information about the alarm list
     ...    Pre-conditions: none 
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,7 +39,7 @@ GET information about multiple alarms with attribute-based filter
     ...    Test title: GET information about multiple alarms with attribute-based filter
     ...    Test objective: The objective is to retrieve information about the alarm list with attribute-based filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +52,7 @@ GET information about multiple alarms with invalid attribute-based filter
     ...    Test title: GET information about multiple alarms with invalid attribute-based filter
     ...    Test objective: The objective is to retrieve information about the alarm list
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +65,7 @@ GET information about multiple alarms with "all_fields" attribute selector
     ...    Test title: GET information about multiple alarms with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve information about the alarm list
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,7 +78,7 @@ GET information about multiple alarms with exclude_default attribute selector
     ...    Test title: GET information about multiple alarms with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve information about the alarm list
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -90,7 +91,7 @@ GET information about multiple alarms with fields attribute selector
     ...    Test title: GET information about multiple alarms with fields attribute selector
     ...    Test objective: The objective is to retrieve information about the alarm list
     ...    Pre-conditions: none 
-    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -103,7 +104,7 @@ GET information about multiple alarms with "exclude_fields" attribute selector
     ...    Test title: GET information about multiple alarms with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve information about the alarm list
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -116,7 +117,7 @@ PUT Alarms - Method not implemented
     ...    Test title: PUT Alarms - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -128,7 +129,7 @@ PATCH Alarms - Method not implemented
     ...    Test title: PATCH Alarms - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -140,7 +141,7 @@ DELETE Alarms - Method not implemented
     ...    Test title: DELETE Alarms - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -152,7 +153,7 @@ GET information about multiple alarms to get Paged Response
     ...    Test title: GET information about multiple alarms to get Paged Response
     ...    Test objective: The objective is to retrieve information about the alarms to get paged response
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -165,7 +166,7 @@ GET information about multiple alarms for Bad Request Response too big
     ...    Test title: GET information about multiple alarms for Bad Request Response too big
     ...    Test objective: The objective is to test that GET method fail retrieving status information about Alarms when Response is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -178,7 +179,7 @@ GET information about alarms with attribute-based filter "id"
     ...    Test title: GET information about alarms with attribute-based filter "id"
     ...    Test objective: The objective is to retrieve information about the alarm list with alarm filter "id"
     ...    Pre-conditions: none 
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -192,7 +193,7 @@ GET information about multiple alarms with attribute-based filter "vnfcInstanceI
     ...    Test title: GET information about multiple alarms with attribute-based filter "vnfcInstanceIds"
     ...    Test objective: The objective is to retrieve information about the alarm list with attribute filter "vnfcInstanceIds"
     ...    Pre-conditions: none 
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -206,7 +207,7 @@ GET information about multiple alarms with attribute-based filter "rootCauseFaul
     ...    Test title: GET information about multiple alarms with attribute-based filter "rootCauseFaultyResource.faultyResourceType"
     ...    Test objective: The objective is to retrieve information about the alarm list with attribute filter "rootCauseFaultyResource.faultyResourceType"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -220,7 +221,7 @@ GET information about multiple alarms with attribute-based filter "eventType"
     ...    Test title: GET information about multiple alarms with attribute-based filter "eventType"
     ...    Test objective: The objective is to retrieve information about the alarm list with attribute filter "eventType"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -234,7 +235,7 @@ GET information about multiple alarms with attribute-based filter "perceivedSeve
     ...    Test title: GET information about multiple alarms with attribute-based filter "perceivedSeverity"
     ...    Test objective: The objective is to retrieve information about the alarm list with attribute filter "perceivedSeverity"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -248,7 +249,7 @@ GET information about multiple alarms with attribute-based filter "probableCause
     ...    Test title: GET information about multiple alarms with attribute-based filter "probableCause"
     ...    Test objective: The objective is to retrieve information about the alarm list with attribute filter "probableCause"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -256,39 +257,68 @@ GET information about multiple alarms with attribute-based filter "probableCause
     Check HTTP Response Status Code Is    200
     Check HTTP Response Body Json Schema Is    alarms 
     Check PostCondition HTTP Response Body alarms Matches the requested attribute-based filter "probableCause"
+GET information about multiple alarms with permitted authorization scope
+    [Documentation]    Test ID: 6.3.4.1.20
+    ...    Test title: GET information about multiple alarms with permitted authorization scope 
+    ...    Test objective: The objective is to retrieve information about the alarm list with permitted authorization scope
+    ...    Pre-conditions: none 
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Alarms Task with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    alarms    
+GET information about multiple alarms with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.4.1.21
+    ...    Test title: GET information about multiple alarms with not permitted authorization scope
+    ...    Test objective: The objective is to retrieve information about the alarm list with not permitted authorization scope
+    ...    Pre-conditions: none 
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Alarms Task with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
 
 *** Keywords ***
 POST Alarms Task
     log    Trying to perform a POST. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 PUT Alarms Task
     log    Trying to perform a PUT. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 PATCH Alarms Task
     log    Trying to perform a PATCH. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 DELETE Alarms Task
     log    Trying to perform a DELETE. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}			
 GET Alarms Task	
 	Log    Query VNF The GET method queries information about multiple alarms.
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
@@ -296,7 +326,8 @@ GET Alarms Task
 	Set Global Variable    ${response}    ${outputResponse}
 GET Alarms Task with filter
 	Log    Query VNF The GET method queries information about multiple alarms with filters.
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?${alarm_filter}=${managedObjectId} 
@@ -304,7 +335,8 @@ GET Alarms Task with filter
 	Set Global Variable    ${response}    ${outputResponse}	   	
 GET Alarms Task with invalid filter
 	Log    Query VNF The GET method queries information about multiple alarms with filters.
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?${invalid_alarm_filter}=${managedObjectId} 
@@ -313,6 +345,7 @@ GET Alarms Task with invalid filter
 GET Alarms Task with all_fields attribute selector
     Log    Query VNF The GET method queries information about multiple alarms, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?exclude_default
     ${output}=    Output    response
@@ -320,6 +353,7 @@ GET Alarms Task with all_fields attribute selector
 GET Alarms Task with exclude_default attribute selector
     Log    Query VNF The GET method queries information about multiple alarms, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?exclude_default
     ${output}=    Output    response
@@ -327,6 +361,7 @@ GET Alarms Task with exclude_default attribute selector
 GET Alarms Task with fields attribute selector
     Log    Query VNF The GET method queries information about multiple alarms, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?fields=${fields}
     ${output}=    Output    response
@@ -334,6 +369,7 @@ GET Alarms Task with fields attribute selector
 GET Alarms Task with exclude_fields attribute selector
     Log    Query VNF The GET method queries information about multiple alarms, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?exclude_fields=${fields}
     ${output}=    Output    response
@@ -364,7 +400,8 @@ Check HTTP Response Header Contain Link
     
 GET Alarms Task with filter "id"
 	Log    Query VNF The GET method queries information about multiple alarms with filters "id".
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?id=${alarmId}
@@ -376,7 +413,8 @@ Check PostCondition HTTP Response Body alarms Matches the requested attribute-ba
 
 GET Alarms Task with filter "vnfcInstanceIds"
 	Log    Query VNF The GET method queries information about multiple alarms with filters "vnfcInstanceIds".
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?vnfcInstanceIds=${vnfcInstanceIds}
@@ -390,7 +428,8 @@ Check PostCondition HTTP Response Body alarms Matches the requested attribute-ba
 	
 GET Alarms Task with filter "rootCauseFaultyResource_faultyResourceType"
 	Log    Query VNF The GET method queries information about multiple alarms with filters "rootCauseFaultyResource.faultyResourceType".
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?rootCauseFaultyResource.faultyResourceType=${faultyResourceType}
@@ -404,7 +443,8 @@ Check PostCondition HTTP Response Body alarms Matches the requested attribute-ba
 	
 GET Alarms Task with filter "eventType"
 	Log    Query VNF The GET method queries information about multiple alarms with filters "eventType".
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?eventType=${eventType}
@@ -418,7 +458,8 @@ Check PostCondition HTTP Response Body alarms Matches the requested attribute-ba
 	
 GET Alarms Task with filter "perceivedSeverity"
 	Log    Query VNF The GET method queries information about multiple alarms with filters "perceivedSeverity".
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?perceivedSeverity=${perceivedSeverity}
@@ -432,7 +473,8 @@ Check PostCondition HTTP Response Body alarms Matches the requested attribute-ba
 	
 GET Alarms Task with filter "probableCause"
 	Log    Query VNF The GET method queries information about multiple alarms with filters "probableCause".
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?probableCause=${probableCause}
@@ -442,4 +484,31 @@ GET Alarms Task with filter "probableCause"
 Check PostCondition HTTP Response Body alarms Matches the requested attribute-based filter "probableCause"
     FOR   ${item}   IN  @{response['body']}
     Should Be Equal As Strings    ${item['probableCause']}   ${probableCause}
-    END
\ No newline at end of file
+    END
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+GET Alarms Task with permitted authorization scope
+	Log    Query VNF The GET method queries information about multiple alarms with permitted authorization scope.
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    ${scope_value}=    Create Dictionary    scopeValue=${ALARMS_READONLY_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET Alarms Task with not permitted authorization scope
+	Log    Query VNF The GET method queries information about multiple alarms with not permitted authorization scope.
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
\ No newline at end of file
diff --git a/SOL002/VNFFaultManagement-API/ApiVersion.robot b/SOL002/VNFFaultManagement-API/ApiVersion.robot
index e86481de002f4c1a8ae4f6f744d0e0565b0117a9..5a64fe97e088c1db303c279681b84fbcc192aa30 100644
--- a/SOL002/VNFFaultManagement-API/ApiVersion.robot
+++ b/SOL002/VNFFaultManagement-API/ApiVersion.robot
@@ -132,70 +132,80 @@ DELETE API Version with apiMajorVerion - Method not implemented
 
 *** Keywords ***
 POST API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 GET API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PUT API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PATCH API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 DELETE API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 POST API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 GET API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PUT API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PATCH API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 DELETE API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
diff --git a/SOL002/VNFFaultManagement-API/EscalatePerceivedSeverityTask.robot b/SOL002/VNFFaultManagement-API/EscalatePerceivedSeverityTask.robot
index 9f5720799b896943d11dcf9ad33b6e3a3b5942c5..b9f1023c667504c3fc941a248520a452f8e15fd6 100644
--- a/SOL002/VNFFaultManagement-API/EscalatePerceivedSeverityTask.robot
+++ b/SOL002/VNFFaultManagement-API/EscalatePerceivedSeverityTask.robot
@@ -3,6 +3,7 @@ Resource    environment/variables.txt
 Library    REST    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}    ssl_verify=false
 Library    JSONSchemaLibrary
 Library    OperatingSystem
+Library    jwt
 Library    String
 Suite Setup    Check resource existence
 
@@ -12,7 +13,7 @@ Escalate the perceived severity
     ...    Test title: Escalate the perceived severity
     ...    Test objective: To enable the consumer to escalate the perceived severity of an alarm that is represented by an individual alarm resource.
     ...    Pre-conditions: The resource representing the individual alarm has been created
-    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +25,7 @@ GET Escalate the perceived severity - Method not implemented
     ...    Test title: GET Escalate the perceived severity - Method not implemented
     ...    Test objective: The objective is to test that the GET HTTP method not implemented for escalate perceived severity
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:   none
@@ -36,7 +37,7 @@ PUT Escalate the perceived severity - Method not implemented
     ...    Test title: PUT Escalate the perceived severity - Method not implemented
     ...    Test objective: The objective is to test that the PUT HTTP method not implemented for escalate perceived severity
     ...    Pre-conditions: none 
-    ...    Reference: Clause 7.4.4.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.4.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -48,7 +49,7 @@ PATCH Escalate the perceived severity - Method not implemented
     ...    Test title: PATCH Escalate the perceived severity - Method not implemented
     ...    Test objective: The objective is to test that the PATCH HTTP method not implemented for escalate perceived severity
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.4.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.4.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -60,23 +61,47 @@ DELETE Escalate the perceived severity - Method not implemented
     ...    Test title: DELETE Escalate the perceived severity - Method not implemented
     ...    Test objective: The objective is to test that the DELETE HTTP method not implemented for escalate perceived severity
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.4.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.4.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Delete escalate severity
     Check HTTP Response Status Code Is    405
+Escalate the perceived severity with permitted authorization scope
+    [Documentation]    Test ID: 6.3.4.3.6
+    ...    Test title: Escalate the perceived severity with permitted authorization scope
+    ...    Test objective: To enable the consumer to escalate the perceived severity of an alarm that is represented by an individual alarm resource with permitted authorization scope.
+    ...    Pre-conditions: The resource representing the individual alarm has been created
+    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST escalate severity with permitted authorization scope
+    Check HTTP Response Status Code Is    204
+Escalate the perceived severity with NOT permitted authorization scope
+    [Documentation]    Test ID: 6.3.4.3.7
+    ...    Test title: Escalate the perceived severity with NOT permitted authorization scope
+    ...    Test objective: To enable the consumer to escalate the perceived severity of an alarm that is represented by an individual alarm resource with NOT permitted authorization scope.
+    ...    Pre-conditions: The resource representing the individual alarm has been created
+    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST escalate severity with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}
     Integer    response status    200
 POST escalate severity
     Log    escalate the perceived severity of an alarm with the VNFM
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/EscalatePerceivedSeverity.json
@@ -120,4 +145,34 @@ Check HTTP Response Body Json Schema Is
     Should Contain    ${response['headers']['Content-Type']}    application/json
     ${schema} =    Catenate    SEPARATOR=    ${input}	.schema.json
     Validate Json    ${schema}    ${response['body']}
-    Log    Json Schema Validation OK
\ No newline at end of file
+    Log    Json Schema Validation OK
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+POST escalate severity with permitted authorization scope
+    Log    escalate the perceived severity of an alarm with the VNFM with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${ESCALATE_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/EscalatePerceivedSeverity.json
+    ${body}=    Format String    ${template}    perceivedSeverity=${PerceivedSeverity}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}/escalate    ${body}  
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST escalate severity with not permitted authorization scope
+    Log    escalate the perceived severity of an alarm with the VNFM with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/EscalatePerceivedSeverity.json
+    ${body}=    Format String    ${template}    perceivedSeverity=${PerceivedSeverity}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}/escalate    ${body}  
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
\ No newline at end of file
diff --git a/SOL002/VNFFaultManagement-API/IndividualAlarm.robot b/SOL002/VNFFaultManagement-API/IndividualAlarm.robot
index 2bc4beff66b675052fbda2c328db5b6e09818c15..4ba0b4b5130479d933a28cf367929e48fc1652ba 100644
--- a/SOL002/VNFFaultManagement-API/IndividualAlarm.robot
+++ b/SOL002/VNFFaultManagement-API/IndividualAlarm.robot
@@ -5,6 +5,7 @@ Library    OperatingSystem
 Library    JSONLibrary
 Library    JSONSchemaLibrary    schemas/
 Library    DependencyLibrary
+Library    jwt
 
 *** Variables **
 ${original_etag}    1234
@@ -15,7 +16,7 @@ POST Alarm - Method not implemented
     ...    Test title: POST Alarm - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.3.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.3.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -27,7 +28,7 @@ GET information about an individual alarm
     ...    Test title: GET information about an individual alarm
     ...    Test objective: The objective is to read an individual alarm.
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 7.4.3.3.2  - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.3.3.2  - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none 
     ...    Post-Conditions: none
@@ -41,7 +42,7 @@ PUT Individual Alarm - Method not implemented
     ...    Test title: PUT Individual Alarm - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.3.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.3.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -53,7 +54,7 @@ PATCH Individual Alarm
     ...    Test title: PATCH Individual Alarm
     ...    Test objective: The objective is to Modify an individual alarm resource
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -67,7 +68,7 @@ PATCH Individual Alarm - Precondition failed
     ...    Test title: PATCH Individual Alarm - Precondition failed
     ...    Test objective: The objective is to attempt to Modify an individual alarm resource, where the precondition was not met
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The alarm resource is not modified
@@ -81,7 +82,7 @@ PATCH Individual Alarm - Conflict
     ...    Test title: PATCH Individual Alarm - Conflict
     ...    Test objective: The objective is to Modify an individual alarm resource
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The alarm resource is not modified
@@ -95,7 +96,7 @@ DELETE Individual Alarm - Method not implemented
     ...    Test title: DELETE Individual Alarm - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -107,25 +108,52 @@ GET information about an individual alarm - Not Found
     ...    Test title: GET information about an individual alarm - Not Found
     ...    Test objective: The objective is to test that GET method fail retrieving status information about individaual Alarms when alarm is not present.
     ...    Pre-conditions: The related alarm doesnot exists
-    ...    Reference: Clause 7.4.3.3.2  - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.3.3.2  - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
     GET Alarm Task
     Check HTTP Response Status Code Is    404
     Check HTTP Response Body Json Schema Is     ProblemDetails
+PATCH Individual Alarm with permitted authorization scope
+    [Documentation]    Test ID: 6.3.4.2.9
+    ...    Test title: PATCH Individual Alarm with permitted authorization scope
+    ...    Test objective: The objective is to Modify an individual alarm resource with permitted authorization scope
+    ...    Pre-conditions: The related alarm exists
+    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PATCH Alarm Task with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Contains ETag and Last-Modified
+    Check HTTP Response Body Json Schema Is     alarmModifications
+PATCH Individual Alarm with NOT permitted authorization scope
+    [Documentation]    Test ID: 6.3.4.2.10
+    ...    Test title: PATCH Individual Alarm with NOT permitted authorization scope
+    ...    Test objective: The objective is to Modify an individual alarm resource with NOT permitted authorization scope
+    ...    Pre-conditions: The related alarm exists
+    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PATCH Alarm Task with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is     ProblemDetails
 
 *** Keywords ***
 POST Alarm Task
     log    Trying to perform a POST. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 PUT Alarm Task
     log    Trying to perform a PUT. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${body}=    Get File    jsons/alarmModifications.json
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}     ${body}
@@ -133,7 +161,8 @@ PUT Alarm Task
 	Set Global Variable    ${response}    ${outputResponse}
 PATCH Alarm Task
     log    Trying to perform a PATCH. This method modifies an individual alarm resource
-    Set Headers  {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"}
     Set Headers  {"If-Match": "${original_etag[0]}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -143,7 +172,8 @@ PATCH Alarm Task
 	Set Global Variable    ${response}    ${outputResponse}
 PATCH Alarm Task with wrong precondition
     log    Trying to perform a PATCH. This method modifies an individual alarm resource
-    Set Headers  {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${body}=    Get File    jsons/alarmModifications.json
@@ -155,14 +185,16 @@ PATCH Alarm Task with wrong precondition
 	Set Global Variable    ${response}    ${outputResponse}	
 DELETE Alarm Task
     log    Trying to perform a DELETE. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}			
 GET Alarm Task	
 	Log    Query VNF The GET method queries information about individual alarm.
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}
@@ -179,7 +211,8 @@ Check HTTP Response Header Contains ETag and Last-Modified
     Log    Etag and Last-Modified Headers are present
 GET Alarm Task with filter
 	Log    Query VNF The GET method queries information about individual alarm with filters.
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?${alarm_filter}=${managedObjectId} 
@@ -187,7 +220,8 @@ GET Alarm Task with filter
 	Set Global Variable    ${response}    ${outputResponse}	
 GET Alarm Task with invalid filter
 	Log    Query VNF The GET method queries information about individual alarm with filters.
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms?${invalid_alarm_filter}=${managedObjectId} 
@@ -215,4 +249,34 @@ Check HTTP Response Header Contains
     [Arguments]    ${CONTENT_TYPE}
     Should Contain    ${response['headers']}    ${CONTENT_TYPE}
     Log    Header is present
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+PATCH Alarm Task with permitted authorization scope
+    log    Trying to perform a PATCH. This method modifies an individual alarm resource with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    Set Headers  {"If-Match": "${original_etag[0]}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${ALARMS_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/alarmModifications.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+PATCH Alarm Task with not permitted authorization scope
+    log    Trying to perform a PATCH. This method modifies an individual alarm resource with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    Set Headers  {"If-Match": "${original_etag[0]}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/alarmModifications.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 
diff --git a/SOL002/VNFFaultManagement-API/IndividualSubscription.robot b/SOL002/VNFFaultManagement-API/IndividualSubscription.robot
index 829a9b580a712331170f665823735fe4d30af9e8..9778058ae0eb2ddec3ac7746e5ee5df63a85485a 100644
--- a/SOL002/VNFFaultManagement-API/IndividualSubscription.robot
+++ b/SOL002/VNFFaultManagement-API/IndividualSubscription.robot
@@ -1,6 +1,7 @@
 *** Settings ***
 Resource    environment/variables.txt 
 Library    JSONLibrary
+Library    jwt
 Library    JSONSchemaLibrary    schemas/
 Library    REST    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}       ssl_verify=false 
 Documentation    This resource represents an individual subscription for VNF alarms. 
@@ -13,7 +14,7 @@ POST Individual Subscription - Method not implemented
     ...    Test title: POST Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +26,7 @@ GET Information about an individual subscription
     ...    Test title: GET Information about an individual subscription
     ...    Test objective: The objective is to read an individual subscription for VNF alarms subscribed by the client
     ...    Pre-conditions: The subscription with the given id exists
-    ...    Reference: Clause 7.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -38,7 +39,7 @@ PUT an individual subscription - Method not implemented
     ...    Test title: PUT an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.6.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.6.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -50,7 +51,7 @@ PATCH an individual subscription - Method not implemented
     ...    Test title: PATCH an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.6.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.6.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -62,7 +63,7 @@ DELETE an individual subscription
     ...    Test title: DELETE an individual subscription
     ...    Test objective: The objective is to test that the deletion of a individual subscription resource.
     ...    Pre-conditions: one or more subscription already exsist
-    ...    Reference: Clause 7.4.6.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.6.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: the subscription is deleted
@@ -75,30 +76,55 @@ GET Information about an individual subscription - Not Found
     ...    Test title: GET Information about an individual subscription - Not Found
     ...    Test objective: The objective is to test that GET method fail retrieving individual subscription for VNF alarms subscribed by the client because it is not present.
     ...    Pre-conditions: The subscription with the given id donot exists
-    ...    Reference: Clause 7.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
     Get individual subscription
     Check HTTP Response Status Code Is    404
     Check HTTP Response Body Json Schema Is   ProblemDetails
-    
+GET Information about an individual subscription with permitted authorization scope
+    [Documentation]    Test ID: 6.3.4.5.7
+    ...    Test title: GET Information about an individual subscription with permitted authorization scope
+    ...    Test objective: The objective is to read an individual subscription for VNF alarms subscribed by the client with the permitted authorization scope
+    ...    Pre-conditions: The subscription with the given id exists
+    ...    Reference: Clause 7.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability:  none
+    ...    Post-Conditions: none
+    Get individual subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   FmSubscription
+GET Information about an individual subscription with NOT permitted authorization scope
+    [Documentation]    Test ID: 6.3.4.5.8
+    ...    Test title: GET Information about an individual subscription with NOT permitted authorization scope
+    ...    Test objective: The objective is to read an individual subscription for VNF alarms subscribed by the client with not permitted authorization scope
+    ...    Pre-conditions: The subscription with the given id exists
+    ...    Reference: Clause 7.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability:  none
+    ...    Post-Conditions: none
+    Get individual subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
 *** Keywords ***
 Check resource existence
     Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId} 
     Integer    response status    200
 Post Create individual subscription
     log    Trying to perform a POST. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}  
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}				
 Get individual subscription
     log    Trying to get information about an individual subscription
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${outputResponse}=    Output    response
@@ -119,14 +145,16 @@ Get individual subscription - invalid filter
 	Set Global Variable    ${response}    ${outputResponse}		
 PUT individual subscription
     log    Trying to perform a PUT. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}        
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}	
 PATCH individual subscription
     log    Trying to perform a PATCH. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId} 
@@ -134,7 +162,8 @@ PATCH individual subscription
 	Set Global Variable    ${response}    ${outputResponse}		
 DELETE individual subscription
     log    Try to delete an individual subscription
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}    	   
     ${outputResponse}=    Output    response
@@ -156,4 +185,27 @@ Check HTTP Response Body Json Schema Is
 Check Postcondition resource is deleted
     Get individual subscription
     Check HTTP Response Status Code Is    404
-    
\ No newline at end of file
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+Get individual subscription with permitted authorization scope
+    log    Trying to get information about an individual subscription with permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    ${scope_value}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+Get individual subscription with not permitted authorization scope
+    log    Trying to get information about an individual subscription with not permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
\ No newline at end of file
diff --git a/SOL002/VNFFaultManagement-API/NotificationEndpoint.robot b/SOL002/VNFFaultManagement-API/NotificationEndpoint.robot
index 9c4284213752802b68953105d2f0b9f6bec1974e..5991559417d61bb78d420f5d5d7d00552665eff1 100644
--- a/SOL002/VNFFaultManagement-API/NotificationEndpoint.robot
+++ b/SOL002/VNFFaultManagement-API/NotificationEndpoint.robot
@@ -13,7 +13,7 @@ VNF Fault Alarm Notification
     ...    Test title: VNF Fault Alarm Notification
     ...    Test objective: The objective is to test that VNF Fault Alarm Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A VNF instance is instantiated, and a subscription for fault alarm notifications is available in the VNFM.
-    ...    Reference: Clause 7.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -25,7 +25,7 @@ VNF Fault Alarm Cleared Notification
     ...    Test title: VNF Fault Alarm Cleared Notification
     ...    Test objective: The objective is to test that VNF Fault Alarm Cleared Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A VNF instance is instantiated, and a subscription for fault alarm cleared notifications is available in the VNFM.
-    ...    Reference: Clause 7.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -37,7 +37,7 @@ VNF Fault Alarm List Rebuilt Notification
     ...    Test title: VNF Fault List Rebuilt Alarm List Rebuilt Notification
     ...    Test objective: The objective is to test that VNF Fault Alarm List Rebuilt Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A VNF instance is instantiated, and a subscription for fault alarm list rebuilt notifications is available in the VNFM.
-    ...    Reference: Clause 7.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -46,7 +46,8 @@ VNF Fault Alarm List Rebuilt Notification
 
 *** Keywords ***
 Check resource existence and get CallbackUri
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}	
@@ -61,7 +62,8 @@ Check HTTP Response Status Code Is
 
 Post Alarm Notification
     log    Trying to perform a POST to get notification
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/AlarmNotification.json
@@ -72,7 +74,8 @@ Post Alarm Notification
 
 Post Alarm Cleared Notification
     log    Trying to perform a POST to get notification
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/AlarmClearedNotification.json
@@ -83,7 +86,8 @@ Post Alarm Cleared Notification
 	
 Post Alarm List Rebuilt Notification
     log    Trying to perform a POST to get notification
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/AlarmListRebuiltNotification.json
diff --git a/SOL002/VNFFaultManagement-API/Notifications.robot b/SOL002/VNFFaultManagement-API/Notifications.robot
index e42ad091d386fc421b1e24ab33ccf6948e11ec18..662466ee77d351d984273e3011d88c44f83dfc51 100644
--- a/SOL002/VNFFaultManagement-API/Notifications.robot
+++ b/SOL002/VNFFaultManagement-API/Notifications.robot
@@ -15,7 +15,7 @@ VNF Fault Alarm Notification
     ...    Test title: VNF Fault Alarm Notification
     ...    Test objective: The objective is to test the dispatch of VNF Fault Alarm Notification when a virtualised resource within an VNF instance fails, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF instance is instantiated, and a subscription for fault alarm notifications is available in the VNFM.
-    ...    Reference: Clause 7.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -28,7 +28,7 @@ VNF Fault Alarm Cleared Notification
     ...    Test title: VNF Fault Alarm Cleared Notification
     ...    Test objective: The objective is to test the dispatch of VNF Fault Alarm Cleared Notification when a faulty virtualised resource within an VNF instance is cleared, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF instance is instantiated, a virtualised resource is in faulty state, and a subscription for fault alarm cleared notifications is available in the VNFM.
-    ...    Reference: Clause 7.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -41,7 +41,7 @@ VNF Fault Alarm List Rebuilt Notification
     ...    Test title: VNF Fault Alarm List Rebuilt Notification 
     ...    Test objective: The objective is to test the dispatch of VNF Fault Alarm List Rebuilt Notification when the VNFM decides to rebuild the list of its VNF alarms, e.g. due to a corruption in the alarm storage, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF instance is instantiated, one or more virtualised resource are in faulty state, and a subscription for fault alarm list rebuilt notifications is available in the VNFM.
-    ...    Reference: Clause 7.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL002/VNFFaultManagement-API/Subscriptions.robot b/SOL002/VNFFaultManagement-API/Subscriptions.robot
index 2e3b5b7db3c316a75d39e9db4613109ea586e478..ee078294540063ae541ca2f0c691b049a5556e79 100644
--- a/SOL002/VNFFaultManagement-API/Subscriptions.robot
+++ b/SOL002/VNFFaultManagement-API/Subscriptions.robot
@@ -7,6 +7,7 @@ Library    JSONSchemaLibrary    schemas/
 Library    String
 Library    Process
 Library    MockServerLibrary
+Library    jwt
 Suite Setup       Create Sessions
 Suite Teardown    Terminate All Processes    kill=true
 
@@ -16,7 +17,7 @@ Create a new subscription
     ...    Test title: Create a new subscription
     ...    Test objective: The objective is to create a new subscription.
     ...    Pre-conditions: no subscription with the same filter and callbackUri exists
-    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: Resource created successfully
@@ -31,7 +32,7 @@ Create a duplicated Subscription
     ...    Test title: Create a duplicated Subscription
     ...    Test objective: The objective is to create a duplicate subscription.
     ...    Pre-conditions: subscription with the same filter and callbackUri exists
-    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: 
     ...    Post-Conditions: duplicated subscription is created if the IUT allows duplications, otherwise the duplicated subscription is not created
@@ -54,7 +55,7 @@ GET Subscriptions
     ...    Test title: GET Subscriptions
     ...    Test objective: The objective is to retrieve the list of active subscriptions
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -67,7 +68,7 @@ GET Subscription - Filter
     ...    Test title: GET Subscription - Filter
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -80,7 +81,7 @@ GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test title: GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to retrieve the list of active subscriptions with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -93,7 +94,7 @@ GET subscriptions with "all_fields" attribute selector
     ...    Test title: GET subscriptions with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -106,7 +107,7 @@ GET subscriptions with "exclude_default" attribute selector
     ...    Test title: GET subscriptions with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -119,7 +120,7 @@ GET subscriptions with "fields" attribute selector
     ...    Test title: GET subscriptions with "fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -132,7 +133,7 @@ GET subscriptions with "exclude_fields" attribute selector
     ...    Test title: GET subscriptions with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -145,7 +146,7 @@ PUT subscriptions - Method not implemented
     ...    Test title: PUT subscriptions - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -157,7 +158,7 @@ PATCH subscriptions - Method not implemented
     ...    Test title: PUT subscriptions - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -169,7 +170,7 @@ DELETE subscriptions - Method not implemented
     ...    Test title: DELETE subscriptions - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 7.4.5.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -181,7 +182,7 @@ GET Subscriptions to get Paged Response
     ...    Test title: GET Subscriptions to get Paged Response
     ...    Test objective: The objective is to retrieve the list of active subscriptions to get paged response
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -194,7 +195,7 @@ GET subscriptions - Bad Request Response too Big
     ...    Test title: GET subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is to test that GET method fail retrieving list of active subscription because Response is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: none 
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -207,7 +208,7 @@ GET Subscription with attribute-based filter "id"
     ...    Test title: GET Subscription with attribute-based filter "id"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "id"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -221,7 +222,7 @@ Get subscriptions with filter "filter.notificationTypes"
     ...    Test title: GET Subscription with attribute-based filter "filter.notificationTypes"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.notificationTypes"
     ...    Pre-conditions: none 
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -235,7 +236,7 @@ Get subscriptions with filter "filter.faultyResourceTypes"
     ...    Test title: GET Subscription with attribute-based filter "filter.faultyResourceTypes"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.faultyResourceTypes"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -249,7 +250,7 @@ Get subscriptions with filter "filter.perceivedSeverities"
     ...    Test title: GET Subscription with attribute-based filter "filter.perceivedSeverities"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.perceivedSeverities"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -263,7 +264,7 @@ Get subscriptions with filter "filter.eventTypes"
     ...    Test title: GET Subscription with attribute-based filter "filter.eventTypes"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.eventTypes"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -277,7 +278,7 @@ Get subscriptions with filter "filter.probableCauses"
     ...    Test title: GET Subscription with attribute-based filter "filter.probableCauses"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.probableCauses"
     ...    Pre-conditions: none 
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -291,13 +292,38 @@ POST Create a new Subscription - Unprocessable Content
     ...    Test title: POST Create a new Subscription - Unprocessable Content
     ...    Test objective: The objective is to test that content type of the message content is supported and the message content of a request contains syntactically correct data but the data cannot be processed.
     ...    re-conditions: none
-    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Post Create subscription
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is  ProblemDetails
+Create a new subscription with permitted authorization scope
+    [Documentation]    Test ID: 6.3.4.4.23
+    ...    Test title: Create a new subscription with permitted authorization scope
+    ...    Test objective: The objective is to create a new subscription with permitted authorization scope.
+    ...    Pre-conditions: no subscription with the same filter and callbackUri exists
+    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: Resource created successfully
+    Post Create subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    FmSubscription
+    Check HTTP Response Header Contain Link
+    Check Postcondition resource exists
+Create a new subscription with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.4.4.24
+    ...    Test title: Create a new subscription with not permitted authorization scope
+    ...    Test objective: The objective is to create a new subscription with not permitted authorization scope.
+    ...    Pre-conditions: no subscription with the same filter and callbackUri exists
+    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: Resource created successfully
+    Post Create subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
 
 *** Keywords ***
 Void
@@ -310,7 +336,8 @@ Create Sessions
 
 Post Create subscription
     Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/fmSubscriptionRequest.json
@@ -349,7 +376,8 @@ Post Create subscription
 	# Set Global Variable    ${response}    ${outputResponse}		
 Get subscriptions
     Log    Get the list of active subscriptions
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
@@ -359,6 +387,7 @@ Get subscriptions
 Get subscriptions - filter
     Log    Get the list of active subscriptions using a filter
     Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?${sub_filter}
     ${outputResponse}=    Output    response
@@ -366,6 +395,7 @@ Get subscriptions - filter
 Get subscriptions - invalid filter  
     Log    Get the list of active subscriptions using an invalid filter
     Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?${sub_filter_invalid}
     ${outputResponse}=    Output    response
@@ -373,6 +403,7 @@ Get subscriptions - invalid filter
 Get subscriptions with all_fields attribute selector
     Log    Get the list of active subscriptions, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?exclude_default
     ${output}=    Output    response
@@ -380,6 +411,7 @@ Get subscriptions with all_fields attribute selector
 Get subscriptions with exclude_default attribute selector
     Log    Get the list of active subscriptions, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?exclude_default
     ${output}=    Output    response
@@ -387,6 +419,7 @@ Get subscriptions with exclude_default attribute selector
 Get subscriptions with fields attribute selector
     Log    Get the list of active subscriptions, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?fields=${fields}
     ${output}=    Output    response
@@ -394,27 +427,31 @@ Get subscriptions with fields attribute selector
 Get subscriptions with exclude_fields attribute selector
     Log    Get the list of active subscriptions, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?exclude_fields=${fields}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output} 	
 PUT subscriptions
     log    Trying to perform a PUT. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions       
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}	
 PATCH subscriptions
     log    Trying to perform a PATCH. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions     
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}		
 DELETE subscriptions
     log    Trying to perform a DELETE. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions 	   
     ${outputResponse}=    Output    response
@@ -440,6 +477,7 @@ Check HTTP Response Header Contain Link
 Get subscriptions with filter "id"
     Log    Get the list of active subscriptions using a filter "id"
     Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?id=${subscription_id}
     ${outputResponse}=    Output    response
@@ -451,6 +489,7 @@ Check PostCondition HTTP Response Body Subscription Matches the requested attrib
 Get subscriptions with filter "filter_notificationTypes"
     Log    Get the list of active subscriptions using a filter "filter.notificationTypes"
     Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?filter.notificationTypes=${notification_type}
     ${outputResponse}=    Output    response
@@ -464,6 +503,7 @@ Check PostCondition HTTP Response Body Subscriptions Matches the requested attri
 Get subscriptions with filter "filter_faultyResourceTypes"
     Log    Get the list of active subscriptions using a filter "filter.faultyResourceTypes"
     Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?filter.faultyResourceTypes=${faultyResourceType}
     ${outputResponse}=    Output    response
@@ -477,6 +517,7 @@ Check PostCondition HTTP Response Body Subscriptions Matches the requested attri
 Get subscriptions with filter "filter_perceivedSeverities"
     Log    Get the list of active subscriptions using a filter "filter.perceivedSeverities"
     Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?filter.perceivedSeverities=${perceivedSeverity}
     ${outputResponse}=    Output    response
@@ -490,6 +531,7 @@ Check PostCondition HTTP Response Body Subscriptions Matches the requested attri
 Get subscriptions with filter "filter_eventTypes"
     Log    Get the list of active subscriptions using a filter "filter.eventTypes"
     Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?filter.eventTypes=${eventType}
     ${outputResponse}=    Output    response
@@ -503,6 +545,7 @@ Check PostCondition HTTP Response Body Subscriptions Matches the requested attri
 Get subscriptions with filter "filter_probableCauses"
     Log    Get the list of active subscriptions using a filter "filter.probableCauses"
     Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?filter.probableCauses=${probableCause}
     ${outputResponse}=    Output    response
@@ -515,6 +558,7 @@ Check PostCondition HTTP Response Body Subscriptions Matches the requested attri
     
 Check Postcondition resource exists
     Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId} 
     Integer    response status    200
@@ -525,4 +569,46 @@ Check Postcondition Duplicate Subscription exsist
 Check Response for duplicated subscription
     Run Keyword If    ${VNFM_ALLOWS_DUPLICATE_SUBS} == 1    Check HTTP Response Status Code Is    201
     Run Keyword If    ${VNFM_ALLOWS_DUPLICATE_SUBS} == 1    Check HTTP Response Body Json Schema Is    FmSubscription
-    Run Keyword If    ${VNFM_ALLOWS_DUPLICATE_SUBS} == 0    Check HTTP Response Status Code Is    303
\ No newline at end of file
+    Run Keyword If    ${VNFM_ALLOWS_DUPLICATE_SUBS} == 0    Check HTTP Response Status Code Is    303
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+Post Create subscription with permitted authorization scope
+    Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/fmSubscriptionRequest.json
+    ${body}=        Format String   ${template}     callback_uri=${callback_uri}:${callback_port}    callback_endpoint=${callback_endpoint}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${output}=    Output    response
+	Set Global Variable    ${response}    ${output}
+	Clear Requests    ${callback_endpoint}
+Post Create subscription with not permitted authorization scope
+    Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/fmSubscriptionRequest.json
+    ${body}=        Format String   ${template}     callback_uri=${callback_uri}:${callback_port}    callback_endpoint=${callback_endpoint}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${output}=    Output    response
+	Set Global Variable    ${response}    ${output}
+	Clear Requests    ${callback_endpoint}
\ No newline at end of file
diff --git a/SOL002/VNFFaultManagement-API/environment/variables.txt b/SOL002/VNFFaultManagement-API/environment/variables.txt
index 7641e281857ab2a1a011c535db87530d3cc3f9b6..27051abd172ec79beabfa4518f9baed4ab89eed6 100644
--- a/SOL002/VNFFaultManagement-API/environment/variables.txt
+++ b/SOL002/VNFFaultManagement-API/environment/variables.txt
@@ -15,6 +15,14 @@ ${apiName}        vnffm
 ${apiMajorVersion}     v1
 ${CONTENT_TYPE}    application/json
 
+${ALARMS_SCOPE}    vnffm:v1:alarms:with_vnfc
+${ALARMS_READONLY_SCOPE}    vnffm:v1:alarms:with_vnfc:readonly
+${ESCALATE_SCOPE}   vnffm:v1:escalate
+${SUBSCRIPTIONS_SCOPE}  vnffm:v1:subscriptions
+${NEG_SCOPE}    vnffm:v1:invalid
+${OAUTH_Encryption_ALGORITHM}    HS256
+${API_VERSION}      1.12.0
+
 ${HEADER_TEST_SUPPORTED}    0
 
 ${origResponse}=    httpresponse
diff --git a/SOL002/VNFIndicator-API/IndividualSubscription.robot b/SOL002/VNFIndicator-API/IndividualSubscription.robot
index 73e01f6ce37d30c77343cd1e0ad0282cdca3fd54..2f82d44ef1f2eeb0b5b6159e0ee6ba836daff10c 100644
--- a/SOL002/VNFIndicator-API/IndividualSubscription.robot
+++ b/SOL002/VNFIndicator-API/IndividualSubscription.robot
@@ -1,6 +1,7 @@
 *** Settings ***
 Library           JSONSchemaLibrary    schemas/
 Resource          environment/variables.txt    # Generic Parameters
+Library           jwt
 Library           OperatingSystem
 Library           REST    ${EM-VNF_SCHEMA}://${EM-VNF_HOST}:${EM-VNF_PORT}    ssl_verify=false
 
@@ -10,7 +11,7 @@ GET Individual VNF Indicator Subscription
     ...    Test title: Get individual subscription to VNF performance indicators
     ...    Test objective: The objective is to test the retrieval of individual VNF performance indicator subscription and perform a JSON schema validation of the returned subscription data structure
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
-    ...    Reference: Clause 8.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators
     ...    Post-Conditions: none
@@ -23,7 +24,7 @@ GET Individual VNF Indicator Subscription with invalid resource identifier
     ...    Test title: Get individual subscription to VNF performance indicators
     ...    Test objective: The objective is to test that the retrieval of individual VNF performance indicator subscription fails when using an invalid resource identifier. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
-    ...    Reference: Clause 8.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators
     ...    Post-Conditions: none
@@ -36,7 +37,7 @@ DELETE Individual VNF Indicator Subscription
     ...    Test title: Delete individual subscription to VNF performance indicators
     ...    Test objective: The objective is to test the deletion of an individual VNF performance indicator subscription.
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
-    ...    Reference: clause 8.4.6.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: clause 8.4.6.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators
     ...    Post-Conditions: The subscription to VNF performance indicators is deleted
@@ -49,7 +50,7 @@ DELETE Individual VNF Indicator Subscription with invalid resource identifier
     ...    Test title: Delete individual subscription to VNF performance indicators
     ...    Test objective: The objective is to test that the deletion of an individual VNF performance indicator subscription fails when using an invalid resource identifier. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
-    ...    Reference: clause 8.4.6.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: clause 8.4.6.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators
     ...    Post-Conditions: none   
@@ -62,7 +63,7 @@ PUT Individual VNF Indicator Subscription - Method not implemented
     ...    Test title: PUT individual VNF indicator subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify an individual VNF performance indicator subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.6.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.6.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -74,7 +75,7 @@ PATCH Individual VNF Indicator Subscription - Method not implemented
     ...    Test title: PUT individual VNF indicator subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update an individual VNF performance indicator subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.6.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.6.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -86,17 +87,42 @@ POST Individual VNF Indicator Subscription - Method not implemented
     ...    Test title: PUT individual VNF indicator subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify an individual VNF performance indicator subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
     Send Post Request for Individual VNF Indicator Subscription
     Check HTTP Response Status Code Is    405
+GET Individual VNF Indicator Subscription with permitted authorization scope
+    [Documentation]    Test ID: 6.3.2.5.8
+    ...    Test title: Get individual subscription to VNF performance indicators with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of individual VNF performance indicator subscription and perform a JSON schema validation of the returned subscription data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
+    ...    Reference: Clause 8.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: The VNF supports the generation and maintenance of performance indicators
+    ...    Post-Conditions: none
+    Get Individual VNF Indicator Subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   VnfIndicatorSubscription
+GET Individual VNF Indicator Subscription with NOT permitted authorization scope
+    [Documentation]    Test ID: 6.3.2.5.9
+    ...    Test title: Get individual subscription to VNF performance indicators with NOT permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of individual VNF performance indicator subscription and perform a JSON schema validation of the returned subscription data structure with NOT permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
+    ...    Reference: Clause 8.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: The VNF supports the generation and maintenance of performance indicators
+    ...    Post-Conditions: none
+    Get Individual VNF Indicator Subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
 
 *** Keywords ***
 Get Individual VNF Indicator Subscription
     Log    Trying to get a given subscription identified by subscriptionId
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${output}=    Output    response
@@ -105,6 +131,7 @@ Get Individual VNF Indicator Subscription
 GET Individual VNF Indicator Subscription with invalid resource identifier
     Log    Trying to perform a request on a subscriptionID which doesn't exist
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${erroneousSubscriptionId}
     ${output}=    Output    response
@@ -113,6 +140,7 @@ GET Individual VNF Indicator Subscription with invalid resource identifier
 Send Delete Request for Individual VNF Indicator Subscription
     Log    Trying to perform a DELETE on a subscriptionId
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${output}=    Output    response
@@ -121,6 +149,7 @@ Send Delete Request for Individual VNF Indicator Subscription
 Send Delete Request for Individual VNF Indicator Subscription with invalid resource identifier
     Log    Trying to perform a DELETE on a subscriptionId which doesn't exist
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${erroneousSubscriptionId}
     ${output}=    Output    response
@@ -136,6 +165,7 @@ Send Post Request for Individual VNF Indicator Subscription
 Send Put Request for Individual VNF Indicator Subscription
     Log    Trying to perform a PUT. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${origOutput}=    Output    response
@@ -178,3 +208,29 @@ Check Postcondition Individual VNF Indicator Subscription is Deleted
     Log    Check Postcondition subscription is deleted
     GET Individual VNF Indicator Subscription
     Check HTTP Response Status Code Is    404
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+Get Individual VNF Indicator Subscription with permitted authorization scope
+    Log    Trying to get a given subscription identified by subscriptionId with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_VNF_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+Get Individual VNF Indicator Subscription with not permitted authorization scope
+    Log    Trying to get a given subscription identified by subscriptionId with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
diff --git a/SOL002/VNFIndicator-API/IndividualVNFindicator.robot b/SOL002/VNFIndicator-API/IndividualVNFindicator.robot
index 106f4deb1d4493aeecdb8c24273fce33c54af5a7..7bebc51ff5882f538c023b922fef2c3bd666bf6c 100644
--- a/SOL002/VNFIndicator-API/IndividualVNFindicator.robot
+++ b/SOL002/VNFIndicator-API/IndividualVNFindicator.robot
@@ -1,5 +1,6 @@
 *** Settings ***
 Library           JSONSchemaLibrary    schemas/
+Library           jwt
 Resource          environment/variables.txt    # Generic Parameters
 Library           REST    ${EM-VNF_SCHEMA}://${EM-VNF_HOST}:${EM-VNF_PORT}    ssl_verify=false
 
@@ -9,7 +10,7 @@ Get Individual Indicator for VNF Instance
     ...    Test title: Get individual performance indicator for a VNF instance
     ...    Test objective: The objective is to test the retrieval of a performance indicator for a given VNF instance and perform a JSON schema validation of the returned indicator data structure
     ...    Pre-conditions: A VNF instance is instantiated. At least one measure of performance indicator is available for the given VNF instance.
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators
     ...    Post-Conditions: none
@@ -24,7 +25,7 @@ Get Individual Indicator for VNF Instance with invalid indicator identifier
     ...    Test title: Get individual performance indicator for a VNF instance with invalid indicator identifier
     ...    Test objective: The objective is to test that the retrieval of a performance indicator for a given VNF instance fails when using an invalid resource identifier. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. At least one measure of performance indicator is available for the given VNF instance.
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -37,7 +38,7 @@ POST Individual VNF Indicator - Method not implemented
     ...    Test title: POST individual performance indicator for VNF instance - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new performance indicator for a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -49,7 +50,7 @@ PUT Individual VNF Indicator - Method not implemented
     ...    Test title: PUT individual performance indicator for VNF instance - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify an existing performance indicator for a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.4.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -61,7 +62,7 @@ PATCH Individual VNF Indicator - Method not implemented
     ...    Test title: PATCH individual performance indicator for VNF instance - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update an existing performance indicator for a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.4.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -73,7 +74,7 @@ DELETE Individual VNF Indicator - Method not implemented
     ...    Test title: DELETE individual performance indicator indicators for VNF instance - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete an existing performance indicator for a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -85,7 +86,7 @@ Get Individual Performance Indicator
     ...    Test title: Get Individual Performance Indicator 
     ...    Test objective: The objective is to test the retrieval of a performance indicator and perform a JSON schema validation of the returned indicator data structure
     ...    Pre-conditions: At least one measure of performance indicator is available..
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators
     ...    Post-Conditions: none
@@ -99,7 +100,7 @@ Get Individual Performance Indicator with invalid indicator identifier
     ...    Test title: Get Individual Performance Indicator with invalid indicator identifier
     ...    Test objective: The objective is to test that the retrieval of a performance indicator fails when using an invalid resource identifier. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: At least one measure of performance indicator is available.
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -112,7 +113,7 @@ POST Individual Performance Indicator - Method not implemented
     ...    Test title: POST Individual Performance Indicator - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new performance indicator.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -124,7 +125,7 @@ PUT Individual Performance Indicator - Method not implemented
     ...    Test title: PUT Individual Performance Indicator - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify an existing performance indicator.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.4.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -136,7 +137,7 @@ PATCH Individual Performance Indicator - Method not implemented
     ...    Test title: PATCH Individual Performance Indicator - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update an existing performance indicator.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.4.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -148,17 +149,44 @@ DELETE Individual Performance Indicator - Method not implemented
     ...    Test title: DELETE Individual Performance Indicator - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete an existing performance indicator.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
     Send DELETE Request for individual indicator
     Check HTTP Response Status Code Is    405
+Get Individual Indicator for VNF Instance with permitted authorization scope
+    [Documentation]    Test ID: 6.3.2.3.13
+    ...    Test title: Get individual performance indicator for a VNF instance with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of a performance indicator for a given VNF instance and perform a JSON schema validation of the returned indicator data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. At least one measure of performance indicator is available for the given VNF instance.
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: The VNF supports the generation and maintenance of performance indicators
+    ...    Post-Conditions: none
+    Get Individual Indicator for a VNF instance with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   vnfIndicator
+    Check HTTP Response Body Includes Requested VNF Instance ID
+    Check HTTP Response Body Includes Requested Indicator ID
+Get Individual Indicator for VNF Instance with NOT permitted authorization scope
+    [Documentation]    Test ID: 6.3.2.3.14
+    ...    Test title: Get individual performance indicator for a VNF instance with NOT permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of a performance indicator for a given VNF instance and perform a JSON schema validation of the returned indicator data structure with NOT permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. At least one measure of performance indicator is available for the given VNF instance.
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: The VNF supports the generation and maintenance of performance indicators
+    ...    Post-Conditions: none
+    Get Individual Indicator for a VNF instance with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
     
 *** Keywords ***
 Get Individual Indicator for a VNF instance
     Log    This resource represents a VNF indicator related to a VNF instance.
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}/${indicatorId}
     ${output}=    Output    response
@@ -167,6 +195,7 @@ Get Individual Indicator for a VNF instance
 Get Individual Indicator for a VNF instance with invalid indicator identifier
     Log    Trying to perform a negative get, using wrong identifier
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}/${erroneousIndicatorId}
     ${output}=    Output    response
@@ -175,6 +204,7 @@ Get Individual Indicator for a VNF instance with invalid indicator identifier
 Send POST Request for individual indicator in VNF instance
     Log    Trying to perform a POST (method should not be implemented)
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     POST    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}/${notAllowedIndicatorId}
     ${output}=    Output    response
@@ -183,6 +213,7 @@ Send POST Request for individual indicator in VNF instance
 Send PUT Request for individual indicator in VNF instance
     Log    Trying to perform a PUT. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PUT    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}/${indicatorId}
     ${output}=    Output    response
@@ -191,6 +222,7 @@ Send PUT Request for individual indicator in VNF instance
 Send PATCH Request for individual indicator in VNF instance
     Log    Trying to perform a PATCH. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}/${indicatorId}
     ${output}=    Output    response
@@ -199,6 +231,7 @@ Send PATCH Request for individual indicator in VNF instance
 Send DELETE Request for individual indicator in VNF instance
     Log    Trying to perform a DELETE. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}/${indicatorId}
     ${output}=    Output    response
@@ -235,6 +268,7 @@ Check HTTP Response Body Includes Requested VNF Instance ID
 Get Individual Indicator
     Log    This resource represents a VNF indicator related to a VNF instance.
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${indicatorId}
     ${output}=    Output    response
@@ -243,6 +277,7 @@ Get Individual Indicator
 Get Individual Indicator with invalid indicator identifier
     Log    Trying to perform a negative get, using wrong identifier
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${erroneousIndicatorId}
     ${output}=    Output    response
@@ -251,6 +286,7 @@ Get Individual Indicator with invalid indicator identifier
 Send POST Request for individual indicator
     Log    Trying to perform a POST (method should not be implemented)
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     POST    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}/${notAllowedIndicatorId}
     ${output}=    Output    response
@@ -259,6 +295,7 @@ Send POST Request for individual indicator
 Send PUT Request for individual indicator
     Log    Trying to perform a PUT. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PUT    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${indicatorId}
     ${output}=    Output    response
@@ -267,6 +304,7 @@ Send PUT Request for individual indicator
 Send PATCH Request for individual indicator
     Log    Trying to perform a PATCH. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${indicatorId}
     ${output}=    Output    response
@@ -275,7 +313,34 @@ Send PATCH Request for individual indicator
 Send DELETE Request for individual indicator
     Log    Trying to perform a DELETE. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${indicatorId}
     ${output}=    Output    response
-    Set Suite Variable    ${response}    ${output} 
\ No newline at end of file
+    Set Suite Variable    ${response}    ${output} 
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+Get Individual Indicator for a VNF instance with permitted authorization scope
+    Log    This resource represents a VNF indicator related to a VNF instance with permitted authorization scope.
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${INDICATORS_EM_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}/${indicatorId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+Get Individual Indicator for a VNF instance with not permitted authorization scope
+    Log    This resource represents a VNF indicator related to a VNF instance with not permitted authorization scope.
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}/${indicatorId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
\ No newline at end of file
diff --git a/SOL002/VNFIndicator-API/NotificationEndpoint.robot b/SOL002/VNFIndicator-API/NotificationEndpoint.robot
index a537c7f44067c2ac12457cf873f2f244bc3ee038..6eb13de5833beed3996e9056ce049c281f41ff3c 100644
--- a/SOL002/VNFIndicator-API/NotificationEndpoint.robot
+++ b/SOL002/VNFIndicator-API/NotificationEndpoint.robot
@@ -12,7 +12,7 @@ VNF Indicator Value Change Notification
     ...    Test title: VNF Indicator Value Change Notification
     ...    Test objective: The objective is to test that the POST request triggers VNF Indicator Value Change Notification .
     ...    Pre-conditions: A VNF is instantiated, and a subscription for indicator value change notifications is available in the VNF.
-    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -24,7 +24,7 @@ Supported Indicators Change Notification
     ...    Test title: Supported Indicators Change Notification
     ...    Test objective: The objective is to test that the POST request triggers Supported Indicators Change Notification .
     ...    Pre-conditions: A VNF is instantiated, and a subscription for supported indicators change notifications is available in the VNF.
-    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -36,7 +36,7 @@ Test the Notification Endpoint - Successful
     ...    Test title: Test the Notification Endpoint - Successful
     ...    Test objective: The objective is to test the Notification Endpoint provided by the notification consumer.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 8.4.7.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.7.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -48,7 +48,7 @@ Test the Notification Endpoint - NOT FOUND
     ...    Test title: Test the Notification Endpoint - UNREACHABLE
     ...    Test objective: The objective is to test the Notification Endpoint provided by the notification consumer.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 8.4.7.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.7.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: The notification endpoint is unreachable by the API producer.
     ...    Post-Conditions: none 
@@ -61,7 +61,7 @@ PUT Notification endpoint - Method Not Implemented
     ...    Test title: PUT Notification endpoint - Method Not Implemented
     ...    Test objective: The objective is to test the PUT method for Notification Endpoint provided by the consumer is not implemented.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 8.4.7.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.7.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -73,7 +73,7 @@ PATCH Notification endpoint - Method Not Implemented
     ...    Test title: PATCH Notification endpoint - Method Not Implemented
     ...    Test objective: The objective is to test the PATCH method for Notification Endpoint provided by the consumer is not implemented.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 8.4.7.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.7.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -85,7 +85,7 @@ DELETE Notification endpoint - Method Not Implemented
     ...    Test title: DELETE Notification endpoint - Method Not Implemented
     ...    Test objective: The objective is to test the DELETE method for Notification Endpoint provided by the consumer is not implemented.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 8.4.7.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.7.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -94,7 +94,8 @@ DELETE Notification endpoint - Method Not Implemented
     
 *** Keywords ***
 Check resource existence and get CallbackUri
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}	
@@ -109,7 +110,8 @@ Check HTTP Response Status Code Is
        
 Post Value Change Notification
     log    Trying to perform a POST to get notification
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/ValueChangeNotification.json
@@ -120,7 +122,8 @@ Post Value Change Notification
 	
 Post Supported Indicators Change Notification
     log    Trying to perform a POST to get notification
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/SupportedIndicatorsChangeNotification.json
@@ -132,6 +135,7 @@ Post Supported Indicators Change Notification
 GET reach the notification endpoint  
     Log    Trying to reach the notification endpoint using GET method.
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${callbackResp}
     ${outputResponse}=    Output    response
@@ -140,6 +144,7 @@ GET reach the notification endpoint
 GET reach an unreachable notification endpoint  
     Log    Trying to reach the notification endpoint using GET method.
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${unreachable_callback_uri}
     ${outputResponse}=    Output    response
@@ -155,6 +160,7 @@ Check HTTP Response Body Json Schema Is
 PUT notification endpoint  
     Log    Trying to perform a PUT. This method should not be implemented.
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${callbackResp}
     ${outputResponse}=    Output    response
@@ -163,6 +169,7 @@ PUT notification endpoint
 PATCH notification endpoint  
     Log    Trying to perform a PATCH. This method should not be implemented.
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${callbackResp}
     ${outputResponse}=    Output    response
@@ -171,6 +178,7 @@ PATCH notification endpoint
 DELETE notification endpoint  
     Log    Trying to perform a DELETE. This method should not be implemented.
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${callbackResp}
     ${outputResponse}=    Output    response
diff --git a/SOL002/VNFIndicator-API/Notifications.robot b/SOL002/VNFIndicator-API/Notifications.robot
index 140771bb7aece012602b5521bfd0c08baf4f3af8..337f4009dd737a31080d2b46b4a3f30d70a12e9c 100644
--- a/SOL002/VNFIndicator-API/Notifications.robot
+++ b/SOL002/VNFIndicator-API/Notifications.robot
@@ -16,7 +16,7 @@ VNF Indicator Value Change Notification
     ...    Test title: VNF Indicator Value Change Notification
     ...    Test objective: The objective is to test the dispatch of VNF Indicator Value Change Notification when new indicator values are available in the VNF, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF is instantiated, and a subscription for indicator value change notifications is available in the VNF.
-    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNF
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -29,7 +29,7 @@ Supported Indicators Change Notification
     ...    Test title: Supported Indicators Change Notification
     ...    Test objective: The objective is to test the dispatch of Supported Indicators Change Notification when new indicator values are available in the VNF, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF is instantiated, and a subscription for supported indicators change notifications is available in the VNF.
-    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNF
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL002/VNFIndicator-API/Subscriptions.robot b/SOL002/VNFIndicator-API/Subscriptions.robot
index f837e00e2dd25f70e7c276efb5da81fc0a4413ef..5ae4c24a3960eae3a5d3797cd1db8ad09f240bb1 100644
--- a/SOL002/VNFIndicator-API/Subscriptions.robot
+++ b/SOL002/VNFIndicator-API/Subscriptions.robot
@@ -4,6 +4,7 @@ Resource          environment/variables.txt    # Generic Parameters
 Library           OperatingSystem
 Library           JSONLibrary
 Library           Process
+Library           jwt
 Library           MockServerLibrary
 Library           String 
 Library           REST    ${EM-VNF_SCHEMA}://${EM-VNF_HOST}:${EM-VNF_PORT}    ssl_verify=false
@@ -16,7 +17,7 @@ GET VNF Indicators Subscriptions
     ...    Test title: GET VNF Indicators Subscriptions
     ...    Test objective: The objective is to test the retrieval of all VNF indicators subscriptions and perform a JSON schema validation of the returned subscriptions data structure
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of indicators
     ...    Post-Conditions: none
@@ -29,7 +30,7 @@ GET VNF Indicators Subscriptions with attribute-based filter
     ...    Test title: GET VNF Indicators Subscriptions with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of all VNF indicators subscriptions using attribute-based filter and perform a JSON schema and content validation of the returned subscriptions data structure
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of indicators
     ...    Post-Conditions: none
@@ -43,7 +44,7 @@ GET VNF Indicators Subscriptions with invalid attribute-based filter
     ...    Test title: GET VNF Indicators Subscriptions with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of all VNF indicators subscriptions fails when using invalid attribute-based filter. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of indicators
     ...    Post-Conditions: none
@@ -56,7 +57,7 @@ GET VNF Indicators Subscriptions with invalid resource endpoint
     ...    Test title: GET VNF Indicators Subscriptions with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of all VNF indicators subscriptions fails when using invalid resource endpoint.
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of indicators.
     ...    Post-Conditions: none
@@ -69,7 +70,7 @@ Create new VNF indicator subscription
     ...    Test title: Create new VNF indicator subscription
     ...    Test objective: The objective is to test the creation of a new VNF indicator subscription perform a JSON schema and content validation of the returned subscriptions data structure
     ...    Pre-conditions: A VNF instance is instantiated.
-    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of indicators.
     ...    Post-Conditions: The VNF indicator subscription is successfully set and it matches the issued subscription
@@ -84,7 +85,7 @@ PUT VNF Indicator Subscriptions - Method not implemented
     ...    Test title: PUT VNF Indicator Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify VNF indicator subscriptions
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.5.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of indicators.
     ...    Post-Conditions: none
@@ -96,7 +97,7 @@ PATCH VNF Indicator Subscriptions - Method not implemented
     ...    Test title: PATCH VNF Indicator Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update VNF indicator subscriptions
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.5.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of indicators.
     ...    Post-Conditions: none
@@ -108,7 +109,7 @@ DELETE VNF Indicator Subscriptions - Method not implemented
     ...    Test title: DELETE VNF Indicator Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete VNF indicator subscriptions
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.5.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of indicators.
     ...    Post-Conditions: none
@@ -120,7 +121,7 @@ GET VNF Indicators Subscriptions to get Paged Response
     ...    Test title: GET VNF Indicators Subscriptions to get Paged Response
     ...    Test objective: The objective is to test the retrieval of all VNF indicators subscriptions to get Paged Response.
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of indicators
     ...    Post-Conditions: none
@@ -133,7 +134,7 @@ GET VNF Indicators Subscriptions - Bad Request Response too Big
     ...    Test title: GET VNF Indicators Subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of all VNF indicators subscriptions fails because response is too big. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of indicators
     ...    Post-Conditions: none
@@ -146,7 +147,7 @@ POST Create a new Subscription - Unprocessable Content
     ...    Test title: POST Create a new Subscription - Unprocessable Content
     ...    Test objective: The objective is to test that content type of the message content is supported and the message content of a request contains syntactically correct data but the data cannot be processed.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -159,7 +160,7 @@ Create new VNF indicator Subscription - DUPLICATION
     ...    Test title: POST Create a new subscription - DUPLICATION
     ...    Test objective: The POST method creates a new subscription even if an existing subscription to same content exist
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: SUT should support duplication of subscription creation
     ...    Post-Conditions: In response header Location shall not be null
@@ -173,18 +174,43 @@ Create new VNF indicator Subscription - NO-DUPLICATION
     ...    Test title: POST Create a new subscription - NO-DUPLICATION
     ...    Test objective: The POST method creates a new subscription even if an existing subscription to same content exist
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: SUT should not support duplication of subscription creation
     ...    Post-Conditions: In response header Location shall not be null
     Post Create subscription - NO-DUPLICATION
     Check HTTP Response Status Code Is    303
     Check Operation Occurrence Id
+GET VNF Indicators Subscriptions with permitted authorization scope
+    [Documentation]    Test ID: 6.3.2.4.14
+    ...    Test title: GET VNF Indicators Subscriptions with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all VNF indicators subscriptions and perform a JSON schema validation of the returned subscriptions data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: The VNF supports the generation and maintenance of indicators
+    ...    Post-Conditions: none
+    Get VNF Indicators Subscriptions with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   VnfIndicatorSubscriptions
+GET VNF Indicators Subscriptions with NOT permitted authorization scope
+    [Documentation]    Test ID: 6.3.2.4.15
+    ...    Test title: GET VNF Indicators Subscriptions with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all VNF indicators subscriptions and perform a JSON schema validation of the returned subscriptions data structure with not permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNF.
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: The VNF supports the generation and maintenance of indicators
+    ...    Post-Conditions: none
+    Get VNF Indicators Subscriptions with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
  
 *** Keywords ***
 Get VNF Indicators Subscriptions
     Log    Trying to get the list of subscriptions
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
     ${output}=    Output    response
@@ -193,6 +219,7 @@ Get VNF Indicators Subscriptions
 Get VNF Indicators Subscriptions with filter
     Log    Trying to get the list of subscriptions using filters
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?${POS_FILTER}
     ${output}=    Output    response
@@ -201,6 +228,7 @@ Get VNF Indicators Subscriptions with filter
 Get VNF Indicators Subscriptions with invalid filter   
     Log    Trying to get the list of subscriptions using filters with wrong attribute name
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?${NEG_FILTER}
     ${output}=    Output    response
@@ -209,6 +237,7 @@ Get VNF Indicators Subscriptions with invalid filter
 Get VNF Indicators Subscriptions with invalid resource endpoint
     Log    Trying to perform a request on a Uri which doesn't exist
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscription
     ${output}=    Output    response
@@ -217,6 +246,7 @@ Get VNF Indicators Subscriptions with invalid resource endpoint
 Send Post Request for VNF Indicator Subscription
     Log    Trying to create a new subscription
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     ${template}=    Get File    jsons/subscriptions.json
     ${body}=        Format String    ${template}     callback_uri=${callback_uri}:${callback_port}    callback_endpoint=${callback_endpoint}
@@ -236,6 +266,7 @@ Send Post Request for VNF Indicator Subscription
 Send Post Request for VNF Indicator Subscription with unprocessable content
     Log    Trying to create a new subscription
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     ${template}=    Get File    jsons/subscriptions.json
     ${body}=        Format String    ${template}     callback_uri=localhost    #not reachable endpoint
@@ -298,6 +329,7 @@ Check Postcondition VNF Indicator Subscription Is Set
     Log    Check Postcondition subscription exist
     Log    Trying to get the subscription
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${response['body']['id']}
     ${output}=    Output    response
@@ -329,6 +361,7 @@ Post Create subscription - DUPLICATION
     Log    Trying to create a subscription with an already created content
     Pass Execution If    ${VNFM_CHECKS_NOTIF_ENDPOINT} == 0    VNFM is not permitting duplication. Skipping the test
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/subscriptions.json
@@ -349,6 +382,7 @@ Post Create subscription - NO-DUPLICATION
     Log    Trying to create a subscription with an already created content
     Pass Execution If    ${VNFM_CHECKS_NOTIF_ENDPOINT} == 1    VNFM permits duplication. Skipping the test
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/subscriptions.json
@@ -368,3 +402,29 @@ Post Create subscription - NO-DUPLICATION
 Check Operation Occurrence Id
     ${vnfLcmOpOccId}=    Get Value From Json    ${response['headers']}    $..Location
     Should Not Be Empty    ${vnfLcmOpOccId}
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+Get VNF Indicators Subscriptions with permitted authorization scope
+    Log    Trying to get the list of subscriptions with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_VNF_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+Get VNF Indicators Subscriptions with not permitted authorization scope
+    Log    Trying to get the list of subscriptions with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
diff --git a/SOL002/VNFIndicator-API/VNFIndicators.robot b/SOL002/VNFIndicator-API/VNFIndicators.robot
index 6d5d5d98d2b1354a69205682431adb5183b8f919..a3e6e5ca4ed615fdd85ea78e0106f94bac459f28 100644
--- a/SOL002/VNFIndicator-API/VNFIndicators.robot
+++ b/SOL002/VNFIndicator-API/VNFIndicators.robot
@@ -3,6 +3,7 @@ Documentation     This Clause defines all the resources and methods provided by
 Library           JSONSchemaLibrary    schemas/
 Resource          environment/variables.txt    # Generic Parameters
 Library           JSONLibrary
+Library           jwt
 Library           String
 Library           REST    ${EM-VNF_SCHEMA}://${EM-VNF_HOST}:${EM-VNF_PORT}    ssl_verify=false
 
@@ -12,7 +13,7 @@ Get all VNF Indicators
     ...    Test title: Get all VNF Indicators
     ...    Test objective: The objective is to test the retrieval of all the available VNF indicators and perform a JSON schema validation of the collected indicators data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF performance indicators are available in the VNF.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -25,7 +26,7 @@ Get VNF Indicators with attribute-based filter
     ...    Test title: Get VNF Indicators with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of VNF indicators using attribute-based filter, perform a JSON schema validation of the collected indicators data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF performance indicators are available in the VNF.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -39,7 +40,7 @@ Get VNF Indicators with invalid attribute-based filter
     ...    Test title: Get VNF Indicators with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of VNF indicators fails when using invalid attribute-based filters, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF performance indicators are available in the VNF.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -52,7 +53,7 @@ Get all VNF Indicators with malformed authorization token
     ...    Test title: GET all VNF Indicators with malformed authrization token.
     ...    Test objective: The objective is to test that the retrieval of VNF indicators fails when using malformed authorization token
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF performance indicators are available in the VNF.
-    ...    Reference: Clause 4.5.3.3, 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 4.5.3.3, 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators. The VNF requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -65,7 +66,7 @@ Get all VNF Indicators without authorization token
     ...    Test title: GET all VNF Indicators without authorization token
     ...    Test objective: The objective is to test that the retrieval of VNF indicators fails when omitting the authorization token
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF performance indicators are available in the VNF.
-    ...    Reference: Clause 4.5.3.3, 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 4.5.3.3, 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators. The VNF requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -78,7 +79,7 @@ GET all VNF Indicators with expired or revoked authorization token
     ...    Test title: GET all VNF Indicators with expired or revoked authorization token
     ...    Test objective: The objective is to test that the retrieval of VNF indicators fails when using expired or revoked authorization token
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF performance indicators are available in the VNF.
-    ...    Reference: Clause 4.5.3.3, 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 4.5.3.3, 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators. The VNF requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -91,7 +92,7 @@ Get all VNF Indicators with invalid resource endpoint
     ...    Test title: GET all VNF Indicators with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of VNF indicators fails when using invalid resource endpoint
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF performance indicators are available in the VNF.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators. 
     ...    Post-Conditions: none
@@ -104,7 +105,7 @@ POST all VNF Indicators - Method not implemented
     ...    Test title: POST all VNF Indicators - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF indicators
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -116,7 +117,7 @@ PUT all VNF Indicators - Method not implemented
     ...    Test title: PUT all VNF Indicators - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify VNF indicators
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -128,7 +129,7 @@ PATCH all VNF Indicators - Method not implemented
     ...    Test title: PATCH all VNF Indicators - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update VNF indicators
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -140,7 +141,7 @@ DELETE all VNF Indicators - Method not implemented
     ...    Test title: DELETE all VNF Indicators - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete VNF indicators
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.2.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.2.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -152,7 +153,7 @@ Get VNF Indicators to get Paged Response
     ...    Test title: Get VNF Indicators to get Paged Response
     ...    Test objective: The objective is to test the retrieval of all the available VNF indicators with Paged Response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF performance indicators are available in the VNF.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -165,18 +166,42 @@ Get VNF Indicators - Bad Request Response too Big
     ...    Test title: Get VNF Indicators - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of VNF indicators fails when response is too big, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF performance indicators are available in the VNF.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
     Get all VNF indicators
     Check HTTP Response Status Code Is    400
     Check HTTP Response Body Json Schema Is   ProblemDetails
-    
+Get all VNF Indicators with permitted authorization scope
+    [Documentation]    Test ID: 6.3.2.1.14
+    ...    Test title: Get all VNF Indicators with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all the available VNF indicators and perform a JSON schema validation of the collected indicators data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF performance indicators are available in the VNF.
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
+    ...    Post-Conditions: none
+    Get all VNF indicators with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   vnfIndicators
+Get all VNF Indicators with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.2.1.15
+    ...    Test title: Get all VNF Indicators with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all the available VNF indicators and perform a JSON schema validation of the collected indicators data structure with not permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF performance indicators are available in the VNF.
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
+    ...    Post-Conditions: none
+    Get all VNF indicators with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
 *** Keywords ***
 Get all VNF indicators
     Log    The GET method queries multiple VNF indicators
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators
@@ -186,6 +211,7 @@ Get all VNF indicators
 Get VNF indicators with filter
     Log    The GET method queries multiple VNF indicators using Attribute-based filtering parameters
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators?${POS_FIELDS}
@@ -195,6 +221,7 @@ Get VNF indicators with filter
 Get VNF indicators with invalid filter
     Log    The GET method queries multiple VNF indicators using invalid Attribute-based filtering parameters
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators?${NEG_FIELDS}
@@ -205,6 +232,7 @@ Get all VNF indicators with malformed authorization token
     Pass Execution If    ${AUTH_USAGE} == 0    Skipping test as EM/VNF is not supporting authentication
     Log    The GET method queries multiple VNF indicators using invalid token
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"${AUTHORIZATION_HEADER}": "${BAD_AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators
@@ -215,6 +243,7 @@ Get all VNF indicators with expired or revoked authorization token
     Pass Execution If    ${AUTH_USAGE} == 0    Skipping test as EM/VNF is not supporting authentication
     Log    The GET method queries multiple VNF indicators using invalid token
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"${AUTHORIZATION_HEADER}": "${NEG_AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators
@@ -225,6 +254,7 @@ Get all VNF indicators without authorization token
     Pass Execution If    ${AUTH_USAGE} == 0    Skipping test as EM/VNF is not supporting authentication
     Log    The GET method queries multiple VNF indicators omitting token
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators
     ${output}=    Output    response
@@ -233,6 +263,7 @@ Get all VNF indicators without authorization token
 Get all VNF indicators with invalid resource endpoint
     Log    The GET method queries multiple VNF indicators omitting token
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/indicator
@@ -241,7 +272,8 @@ Get all VNF indicators with invalid resource endpoint
 
 Send POST Request for all VNF indicators
     log    Trying to perform a POST. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators
     ${output}=    Output    response
@@ -249,7 +281,8 @@ Send POST Request for all VNF indicators
     
 Send PUT Request for all VNF indicators
     log    Trying to perform a PUT. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators
     ${output}=    Output    response
@@ -257,7 +290,8 @@ Send PUT Request for all VNF indicators
     
 Send PATCH Request for all VNF indicators
     log    Trying to perform a PATCH. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators
     ${output}=    Output    response
@@ -265,7 +299,8 @@ Send PATCH Request for all VNF indicators
     
 Send DELETE Request for all VNF indicators
     log    Trying to perform a DELETE. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators
     ${output}=    Output    response
@@ -302,3 +337,31 @@ Check HTTP Response Body vnfIndicators Matches the requested attribute-based fil
 Check HTTP Response Header Contain Link
     ${linkURL}=    Get Value From Json    ${response['headers']}    $..Link
     Should Not Be Empty    ${linkURL}
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+Get all VNF indicators with permitted authorization scope
+    Log    The GET method queries multiple VNF indicators with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${INDICATORS_VNF_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+Get all VNF indicators with not permitted authorization scope
+    Log    The GET method queries multiple VNF indicators with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
diff --git a/SOL002/VNFIndicator-API/VnfIndicatorsInVnfInstanceId.robot b/SOL002/VNFIndicator-API/VnfIndicatorsInVnfInstanceId.robot
index 719a3fb0f8373cdbbc9237929832befcf7eb711a..4dd13a9d457791ed24e18cc6875e022f76f21a9e 100644
--- a/SOL002/VNFIndicator-API/VnfIndicatorsInVnfInstanceId.robot
+++ b/SOL002/VNFIndicator-API/VnfIndicatorsInVnfInstanceId.robot
@@ -3,6 +3,7 @@ Documentation     This resource represents VNF indicators related to a VNF insta
 Library           JSONSchemaLibrary    schemas/
 Resource          environment/variables.txt    # Generic Parameters
 Library           JSONLibrary
+Library           jwt
 Library           String 
 Library           REST    ${EM-VNF_SCHEMA}://${EM-VNF_HOST}:${EM-VNF_PORT}    ssl_verify=false
 
@@ -12,7 +13,7 @@ Get Indicators for VNF Instance
     ...    Test title: Get all performance indicators for a VNF instance
     ...    Test objective: The objective is to test the retrieval of all performance indicators for a given VNF instance and perform a JSON schema validation of the returned indicators data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of performance indicators are available for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators
     ...    Post-Conditions: none
@@ -26,7 +27,7 @@ GET Indicators for VNF Instance with attribute-based filter
     ...    Test title: Get all performance indicators for a VNF instance with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of all performance indicators for a given VNF instance using attribute-based filter and perform a JSON schema validation of the returned indicators data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of performance indicators are available for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators
     ...    Post-Conditions: none
@@ -40,7 +41,7 @@ Get Indicators for VNF Instance with invalid attribute-based filter
     ...    Test title: Get all performance indicators for a VNF instance with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of all performance indicators for a given VNF instance fails using invalid attribute-based filter. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of performance indicators are available for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -53,7 +54,7 @@ Get Indicators for VNF Instance with invalid resource identifier
     ...    Test title: Get all performance indicators for a VNF instance with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of all performance indicators for a given VNF instance fails when using invalid resource identifier. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of performance indicators are available for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -66,7 +67,7 @@ POST Indicators for VNF instance - Method not implemented
     ...    Test title: POST performance indicators for VNF instance - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new performance indicators for a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.3.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.3.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -78,7 +79,7 @@ PUT Indicators for VNF instance - Method not implemented
     ...    Test title: PUT performance indicators for VNF instance - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify existing performance indicators for a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.3.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.3.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -90,7 +91,7 @@ PATCH Indicators for VNF instance - Method not implemented
     ...    Test title: PATCH performance indicators for VNF instance - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update existing performance indicators for a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -102,7 +103,7 @@ DELETE Indicators for VNF instance - Method not implemented
     ...    Test title: DELETE performance indicators for VNF instance - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete performance indicators for a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
@@ -114,7 +115,7 @@ Get Indicators for VNF Instance to get Paged Response
     ...    Test title: Get Indicators for VNF Instance to get Paged Response
     ...    Test objective: The objective is to test the retrieval of all performance indicators for a given VNF instance to get paged response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of performance indicators are available for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators
     ...    Post-Conditions: none
@@ -127,18 +128,44 @@ Get Indicators for VNF Instance - Bad Request Response too Big
     ...    Test title: Get Indicators for VNF Instance - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of all performance indicators for a given VNF instance fails when response is too big. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of performance indicators are available for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The VNF supports the generation and maintenance of performance indicators.
     ...    Post-Conditions: none
     Get all indicators for a VNF instance
     Check HTTP Response Status Code Is    400
     Check HTTP Response Body Json Schema Is   ProblemDetails
+Get Indicators for VNF Instance with permitted authorization scope
+    [Documentation]    Test ID: 6.3.2.2.11
+    ...    Test title: Get all performance indicators for a VNF instance with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all performance indicators for a given VNF instance and perform a JSON schema validation of the returned indicators data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more measures of performance indicators are available for the given VNF instance.
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: The VNF supports the generation and maintenance of performance indicators
+    ...    Post-Conditions: none
+    Get all indicators for a VNF instance with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   vnfIndicators
+    Check HTTP Response Body Includes Requested VNF Instance ID
+Get Indicators for VNF Instance with NOT permitted authorization scope
+    [Documentation]    Test ID: 6.3.2.2.12
+    ...    Test title: Get all performance indicators for a VNF instance with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all performance indicators for a given VNF instance and perform a JSON schema validation of the returned indicators data structure with not permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more measures of performance indicators are available for the given VNF instance.
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: The VNF supports the generation and maintenance of performance indicators
+    ...    Post-Conditions: none
+    Get all indicators for a VNF instance with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
 
 *** Keywords ***
 Get all indicators for a VNF instance
     Log    This resource represents VNF indicators related to a VNF instance.
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}
     ${output}=    Output    response
@@ -147,6 +174,7 @@ Get all indicators for a VNF instance
 Get all indicators for a VNF instance with filter  
     Log    This resource represents VNF indicators related to a VNF instance.
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}?${POS_FIELDS}
     ${output}=    Output    response
@@ -155,6 +183,7 @@ Get all indicators for a VNF instance with filter
 Get all indicators for a VNF instance with invalid filter
     Log    This resource represents VNF indicators related to a VNF instance.
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}?${NEG_FIELDS}
     ${output}=    Output    response
@@ -163,6 +192,7 @@ Get all indicators for a VNF instance with invalid filter
 Get all indicators for a VNF instance with invalid resource identifier
     Log    Trying to perform a negative get, using wrong identifier
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${erroneousVnfInstanceId}
     ${output}=    Output    response
@@ -171,6 +201,7 @@ Get all indicators for a VNF instance with invalid resource identifier
 Send POST Request for indicators in VNF instance
     Log    Trying to perform a POST (method should not be implemented)
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     POST    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}
     ${output}=    Output    response
@@ -179,6 +210,7 @@ Send POST Request for indicators in VNF instance
 Send PUT Request for indicators in VNF instance
     Log    Trying to perform a PUT. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PUT    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}
     ${output}=    Output    response
@@ -187,6 +219,7 @@ Send PUT Request for indicators in VNF instance
 Send PATCH Request for indicators in VNF instance
     Log    Trying to perform a PATCH. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}
     ${output}=    Output    response
@@ -195,6 +228,7 @@ Send PATCH Request for indicators in VNF instance
 Send DELETE Request for indicators in VNF instance
     Log    Trying to perform a DELETE. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}
     ${output}=    Output    response
@@ -231,4 +265,32 @@ Check HTTP Response Body Matches Attribute-Based Filter
     
 Check HTTP Response Header Contain Link
     ${linkURL}=    Get Value From Json    ${response['headers']}    $..Link
-    Should Not Be Empty    ${linkURL}
\ No newline at end of file
+    Should Not Be Empty    ${linkURL}
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+Get all indicators for a VNF instance with permitted authorization scope
+    Log    This resource represents VNF indicators related to a VNF instance with permitted authorization scope.
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${INDICATORS_EM_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+Get all indicators for a VNF instance with not permitted authorization scope
+    Log    This resource represents VNF indicators related to a VNF instance with not permitted authorization scope.
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
\ No newline at end of file
diff --git a/SOL002/VNFIndicator-API/environment/variables.txt b/SOL002/VNFIndicator-API/environment/variables.txt
index 69e6b434993a3e4fd70ef161f55b2397886b34a8..7692af75fe4803ef72bd6ecf76625d0e4e90ccd8 100644
--- a/SOL002/VNFIndicator-API/environment/variables.txt
+++ b/SOL002/VNFIndicator-API/environment/variables.txt
@@ -44,6 +44,13 @@ ${NEG_FILTER}     callback=http://127.0.0.1/subscribe
 ${total_polling_time}   2 min
 ${polling_interval}     10 sec
 ${SEPERATOR}      =
+${INDICATORS_VNF_SCOPE}=    vnfind_by_vnf:v1:indicators
+${SUBSCRIPTIONS_VNF_SCOPE}=     vnfind_by_vnf:v1:subscriptions
+${INDICATORS_EM_SCOPE}=    vnfind_by_em:v1:indicators
+${SUBSCRIPTIONS_EM_SCOPE}=     vnfind_by_em:v1:subscriptions
+${OAUTH_Encryption_ALGORITHM}=      HS256
+${NEG_SCOPE}=   vnfind_by_vnf:v2:invalid
+${API_VERSION}=     1.12.0
 
 ${erroneousVnfInstanceId}    erroneousVnfInstanceId
 ${POS_FIELDS}     name=vnfIndicator
diff --git a/SOL002/VNFLCMCoordination-API/CancelCoordinationActionTask.robot b/SOL002/VNFLCMCoordination-API/CancelCoordinationActionTask.robot
index 7ec37111c8f1aa05499de69b5926372cf1ca7af8..1c316493bd9b8980dbf0053d71d2ee521a049f37 100644
--- a/SOL002/VNFLCMCoordination-API/CancelCoordinationActionTask.robot
+++ b/SOL002/VNFLCMCoordination-API/CancelCoordinationActionTask.robot
@@ -15,7 +15,7 @@ POST Cancellation of an Ongoing Individual Coordination Action
     ...    Test title: POST Cancellation of an Ongoing Individual Coordination Action
     ...    Test Objective: The objective is to test that POST request for cancellation of an ongoing individual coordination Action has accepted for processing.
     ...    pre-condition: The status of the related LCM operation occurance is "PROCESSING"
-    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: When there is an Ongoing individual LCM operation coordination action.
     ...    Post-Condition: none
@@ -28,7 +28,7 @@ POST Cancellation of an Ongoing Individual Coordination Action - Conflict
     ...    Test title: POST Cancellation of an Ongoing Individual Coordination Action - Conflict
     ...    Test Objective: The objective is to test that POST request for cancellation of an ongoing individual coordination Action is not successfull due to a conflict with the state of the "Individual coordination action" resource. 
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: Processing of Individual Coordination Action has 'Finished'.
     ...    Post-Condition: none
@@ -41,7 +41,7 @@ Request a cancellation of an ongoing coordination action without authentication
     ...    Test title: Request a cancellation of an ongoing coordination action without authentication
     ...    Test objective: The objective is to test the failure of the request for a cancellation of a coordination task when no authentication is used
     ...    Pre-conditions: none
-    ...    Reference: Clause Clause 10.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause Clause 10.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -53,7 +53,7 @@ GET Cancellation of an Ongoing Individual Coordination Action - Method not Imple
     ...    Test title: GET Cancellation of an Ongoing Individual Coordination Action
     ...    Test Objective: The objective is to test that GET method for cancellation of an ongoing individual coordination Action is not implemented.
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: ongoing individual coordination
     ...    Post-Condition: none
@@ -65,7 +65,7 @@ PUT Cancellation of an Ongoing Individual Coordination Action - Method not Imple
     ...    Test title: PUT Cancellation of an Ongoing Individual Coordination Action
     ...    Test Objective: The objective is to test that PUT method for cancellation of an ongoing individual coordination Action is not implemented.
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.4.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.4.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none  
     ...    Post-Condition: none
@@ -77,7 +77,7 @@ PATCH Cancellation of an Ongoing Individual Coordination Action - Method not Imp
     ...    Test title: PATCH Cancellation of an Ongoing Individual Coordination Action
     ...    Test Objective: The objective is to test that PATCH method for cancellation of an ongoing individual coordination Action is not implemented.
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.4.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.4.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none  
     ...    Post-Condition: none
@@ -89,9 +89,33 @@ DELETE Cancellation of an Ongoing Individual Coordination Action - Method not Im
     ...    Test title: DELETE Cancellation of an Ongoing Individual Coordination Action
     ...    Test Objective: The objective is to test that DELETE method for cancellation of an ongoing individual coordination Action is not implemented.
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.4.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.4.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none  
     ...    Post-Condition: none
     DELETE Cancellation of an Ongoing Individual Coordination Action
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+POST Cancellation of an Ongoing Individual Coordination Action with permitted authorization scope
+    [Documentation]    Test ID: 6.3.6.4.8
+    ...    Test title: POST Cancellation of an Ongoing Individual Coordination Action with permitted authorization scope
+    ...    Test Objective: The objective is to test that POST request for cancellation of an ongoing individual coordination Action has accepted for processing with permitted authorization scope.
+    ...    pre-condition: The status of the related LCM operation occurance is "PROCESSING"
+    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: When there is an Ongoing individual LCM operation coordination action.
+    ...    Post-Condition: none
+    POST Cancellation of an Ongoing Individual Coordination Action with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Body Should be Empty
+POST Cancellation of an Ongoing Individual Coordination Action with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.6.4.9
+    ...    Test title: POST Cancellation of an Ongoing Individual Coordination Action with not permitted authorization scope
+    ...    Test Objective: The objective is to test that POST request for cancellation of an ongoing individual coordination Action has accepted for processing with not permitted authorization scope.
+    ...    pre-condition: The status of the related LCM operation occurance is "PROCESSING"
+    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: When there is an Ongoing individual LCM operation coordination action.
+    ...    Post-Condition: none
+    POST Cancellation of an Ongoing Individual Coordination Action with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL002/VNFLCMCoordination-API/Coordinations.robot b/SOL002/VNFLCMCoordination-API/Coordinations.robot
index 3913b947f404e5fd81ac4696339cad2dde22d8db..b0e266aa5959f07abff1f46b8c156dae854a2f7d 100644
--- a/SOL002/VNFLCMCoordination-API/Coordinations.robot
+++ b/SOL002/VNFLCMCoordination-API/Coordinations.robot
@@ -15,7 +15,7 @@ POST Coordination of LCM Operation Occurance and API Producer has Chosen the Syn
     ...    Test title: Post Coordination of an LCM operation occurrence
     ...    Test Objective: The objective is to test the creation of new Individual Coordination Action, and perform a JSON schema validation of the returned LCM coordination data structure.
     ...    pre-condition: LCM operation occurrence resource is in Processing state
-    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: API producer has chosen the synchronous mode   
     ...    Post-Condition: none
@@ -30,7 +30,7 @@ POST Coordination of LCM Operation Occurance and API Producer has Chosen the Asy
     ...    Test title: Post Coordination of an LCM operation occurrence
     ...    Test Objective: The objective is to test that the coordination of a LCM operation occurance request has been accepted for processing, and perform a JSON schema validation of the returned LCM coordination data structure.
     ...    pre-condition: LCM operation occurrence resource is in Processing state
-    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: API producer has chosen the asynchronous mode   
     ...    Post-Condition: none
@@ -44,7 +44,7 @@ POST Coordination of a LCM Operation Occurance Forbidden
     ...    Test title: Post Coordination of an LCM operation occurrence Forbidden
     ...    Test Objective: The objective is to test the failure of a request for the coordination of an LCM operation occurrence
     ...    pre-condition: The status of the related LCM opeation occurrence is "PROCESSING". The request is performed by a user that has not the grant to run this operation
-    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none  
     ...    Post-Condition: none
@@ -57,7 +57,7 @@ POST Coordination of LCM Operation Occurance Conflict
     ...    Test title: Post Coordination of an LCM operation occurrence Conflict
     ...    Test Objective: The objective is to verify that no coordination actions can be executed currently, due to a conflict with the state of the "Coordinations" resource.
     ...    pre-condition: The status of the related LCM opeation occurrence is not "PROCESSING"
-    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: When there are many coordination actions exist, or conflicting ones, are in progress.
     ...    Post-Condition: none
@@ -70,7 +70,7 @@ POST Coordination of LCM Operation Occurance Service Unavailable
     ...    Test title: Post Coordination of an LCM operation occurrence Service Unavailable 
     ...    Test Objective: The objective is to test the request for the coordination of an LCM operation occurrence and the verify that the NFVO cannot perform immediately the request, but can perform it sometime in the future. 
     ...    pre-condition: The status of the related LCM opeation occurrence is "PROCESSING" but API producer cannot perform immediately the request
-    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: API producer has chosen the synchronous mode
     ...    Post-Condition: none
@@ -84,7 +84,7 @@ POST Coordination of an LCM operation occurrence without authentication
     ...    Test title:  Request a Coordination of an LCM operation occurrence without authentication
     ...    Test objective: The objective is to test the failure of the request for the coordination of an LCM operation occurrence without providing an authentication token
     ...    Pre-conditions: The status of the related LCM opeation occurrence is "PROCESSING"
-    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -96,7 +96,7 @@ GET Coordination of a LCM Operation Occurance - Method not implemented
     ...    Test title: GET Coordination of a LCM Operation Occurance - Method not implemented
     ...    Test Objective: The objective is to test that GET method for Resource Coordinations is not implemented.
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none  
     ...    Post-Condition: none
@@ -108,7 +108,7 @@ PUT Coordination of a LCM Operation Occurance - Method not implemented
     ...    Test title: PUT Coordination of a LCM Operation Occurance - Method not implemented
     ...    Test Objective: The objective is to test that PUT method for Resource Coordinations is not implemented.
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none  
     ...    Post-Condition: none
@@ -120,7 +120,7 @@ PACTH Coordination of a LCM Operation Occurance - Method not implemented
     ...    Test title: PATCH Coordination of a LCM Operation Occurance - Method not implemented
     ...    Test Objective: The objective is to test that PATCH method for Resource Coordinations is not implemented.
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none  
     ...    Post-Condition: none
@@ -132,9 +132,35 @@ DELETE Coordination of a LCM Operation Occurance - Method not implemented
     ...    Test title: DELETE Coordination of a LCM Operation Occurance - Method not implemented
     ...    Test Objective: The objective is to test that DELETE method for Resource Coordinations is not implemented.
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.2.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.2.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none  
     ...    Post-Condition: none
     DELETE coordination of LCM operation Occurance
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+POST Coordination of LCM Operation Occurance and API Producer has Chosen the Synchronous Mode with permitted authorization scope
+    [Documentation]    Test ID: 6.3.6.2.11
+    ...    Test title: Post Coordination of an LCM operation occurrence with permitted authorization scope
+    ...    Test Objective: The objective is to test the creation of new Individual Coordination Action, and perform a JSON schema validation of the returned LCM coordination data structure with permitted authorization scope.
+    ...    pre-condition: LCM operation occurrence resource is in Processing state
+    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: API producer has chosen the synchronous mode   
+    ...    Post-Condition: none
+    Post coordination of LCM operation Occurance and API Producer has Chosen Synchronous Mode with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    LcmCoord
+    Check HTTP Response Header Contains    Location
+    Check Postcondition LcmCoord Exists
+POST Coordination of LCM Operation Occurance and API Producer has Chosen the Synchronous Mode with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.6.2.12
+    ...    Test title: Post Coordination of an LCM operation occurrence with not permitted authorization scope
+    ...    Test Objective: The objective is to test the creation of new Individual Coordination Action, and perform a JSON schema validation of the returned LCM coordination data structure with not permitted authorization scope.
+    ...    pre-condition: LCM operation occurrence resource is in Processing state
+    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: API producer has chosen the synchronous mode   
+    ...    Post-Condition: none
+    Post coordination of LCM operation Occurance and API Producer has Chosen Synchronous Mode with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL002/VNFLCMCoordination-API/IndividualCoordinationAction.robot b/SOL002/VNFLCMCoordination-API/IndividualCoordinationAction.robot
index 21d27d13af00f02878ea6b66bbd4f552d243f9e1..72fe924d59790cfdcf7e54a108730e305add5ecb 100644
--- a/SOL002/VNFLCMCoordination-API/IndividualCoordinationAction.robot
+++ b/SOL002/VNFLCMCoordination-API/IndividualCoordinationAction.robot
@@ -14,7 +14,7 @@ POST Individual LCM Operation Coordination Results - Method not implemented
     ...    Test title: POST Individual LCM Operation Coordination Results - Method not implemented
     ...    Test Objective: The objective is to test that POST method for individual LCM operation coordination results is not implemented.
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.3.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.3.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none  
     ...    Post-Condition: none
@@ -26,7 +26,7 @@ GET Individual LCM Operation Coordination Results - Coordination is Finished
     ...    Test title: GET Individual LCM Operation Coordination Results
     ...    Test Objective: The objective is to test that coordination is finished and GET method reads individual LCM operation coordination results successfully, and perform a JSON schema validation of the returned LCM coordination data structure.
     ...    pre-condition: LCM operation occurrence resource is in Processing state
-    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: When the Individual LCM Operation Coordination is finished
     ...    Post-Condition: none
@@ -39,7 +39,7 @@ GET Individual LCM Operation Coordination Results - Coordination is Not Finished
     ...    Test title: GET Individual LCM Operation Coordination Results
     ...    Test Objective: The objective is to test that GET method checks that whether Individual LCM Operation Coordination is still ongoing or in the process of being cancelled.
     ...    pre-condition: LCM operation occurrence resource is in Processing state
-    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: When the Individual LCM Operation Coordination is still ongoing or in the process of being cancelled.
     ...    Post-Condition: none
@@ -52,7 +52,7 @@ Get Individual LCM Operation Coordination Results without authentication
     ...    Test title:  Get information about a finished coordination task without authentication
     ...    Test objective: The objective is to try to read an individual coordination task without using authentication
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Individual LCM Operation Coordination Results - Method not implemented
     ...    Test title: PUT Individual LCM Operation Coordination Results - Method not implemented
     ...    Test Objective: The objective is to test that PUT method for individual LCM operation coordination results is not implemented.
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.3.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.3.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none  
     ...    Post-Condition: none
@@ -76,7 +76,7 @@ PATCH Individual LCM Operation Coordination Results - Method not implemented
     ...    Test title: PATCH Individual LCM Operation Coordination Results - Method not implemented
     ...    Test Objective: The objective is to test that PATCH method for individual LCM operation coordination results is not implemented.
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none  
     ...    Post-Condition: none
@@ -88,9 +88,33 @@ DELETE Individual LCM Operation Coordination Results - Method not implemented
     ...    Test title: PUT Individual LCM Operation Coordination Results - Method not implemented
     ...    Test Objective: The objective is to test that DELETE method for individual LCM operation coordination results is not implemented.
     ...    pre-condition: none
-    ...    Reference: Clause 10.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 10.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none  
     ...    Post-Condition: none
     DELETE Individual LCM Operation Coordination Results
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+GET Individual LCM Operation Coordination Results - Coordination is Finished with permitted authorization scope
+    [Documentation]    Test ID: 6.3.6.3.8
+    ...    Test title: GET Individual LCM Operation Coordination Results - Coordination is Finished with permitted authorization scope
+    ...    Test Objective: The objective is to test that coordination is finished and GET method reads individual LCM operation coordination results successfully, and perform a JSON schema validation of the returned LCM coordination data structure with permitted authorization scope.
+    ...    pre-condition: LCM operation occurrence resource is in Processing state
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: When the Individual LCM Operation Coordination is finished
+    ...    Post-Condition: none
+    GET Individual LCM Operation Coordination Results with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    LcmCoord
+GET Individual LCM Operation Coordination Results - Coordination is Finished with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.6.3.9
+    ...    Test title: GET Individual LCM Operation Coordination Results - Coordination is Finished with not permitted authorization scope
+    ...    Test Objective: The objective is to test that coordination is finished and GET method reads individual LCM operation coordination results successfully, and perform a JSON schema validation of the returned LCM coordination data structure with not permitted authorization scope.
+    ...    pre-condition: LCM operation occurrence resource is in Processing state
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: When the Individual LCM Operation Coordination is finished
+    ...    Post-Condition: none
+    GET Individual LCM Operation Coordination Results with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL002/VNFLCMCoordination-API/VNFLCMCoordinationKeywords.robot b/SOL002/VNFLCMCoordination-API/VNFLCMCoordinationKeywords.robot
index db418d425f755386fd1102fe7b2182115c94485b..8d6b787dec8afc464fb86e78b5c91fd027ebca32 100644
--- a/SOL002/VNFLCMCoordination-API/VNFLCMCoordinationKeywords.robot
+++ b/SOL002/VNFLCMCoordination-API/VNFLCMCoordinationKeywords.robot
@@ -6,6 +6,7 @@ Library    JSONLibrary
 Library    JSONSchemaLibrary    schemas/
 Library    OperatingSystem
 Library    DependencyLibrary
+Library    jwt
 
 *** Keywords *** 
 
@@ -25,6 +26,7 @@ Check HTTP Response Body Json Schema Is
 Check Postcondition LcmCoord Exists
     Log    Checking that individual lcm coordination exists
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/coordiations/${response['body']['id']}
     ${output}=    Output    response
@@ -37,7 +39,8 @@ Check HTTP Response Body Should be Empty
 
 POST Individual LCM Operation Coordination Results
     Log    Trying to perform a POST. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     POST    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${coordinationId}
@@ -46,7 +49,8 @@ POST Individual LCM Operation Coordination Results
 
 GET Individual LCM Operation Coordination Results
     Log    Requesting the retrieve of a finished coordination task 
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${Id_of_Finished_Coordination_Action}
@@ -55,7 +59,8 @@ GET Individual LCM Operation Coordination Results
 
 GET Individual LCM Operation Coordination Results of Ongoing Coordination Action
     Log    Requesting the retrieve of an ongoing coordination task
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${Id_of_Ongoing_Coordination_Action}
@@ -64,7 +69,8 @@ GET Individual LCM Operation Coordination Results of Ongoing Coordination Action
 
 GET Individual LCM Operation Coordination Results - without authentication
     Log    Requesting to retrieve a finished coordination task without authentication
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     GET    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${coordinationId}
     ${outputResponse}=    Output    response
@@ -72,7 +78,8 @@ GET Individual LCM Operation Coordination Results - without authentication
 
 PUT Individual LCM Operation Coordination Results
     Log    Trying to perform a PUT. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PUT    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${coordinationId}
@@ -81,7 +88,8 @@ PUT Individual LCM Operation Coordination Results
 
 PATCH Individual LCM Operation Coordination Results
     Log    Trying to perform a PATCH. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PATCH    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${coordinationId}
@@ -90,7 +98,8 @@ PATCH Individual LCM Operation Coordination Results
 
 DELETE Individual LCM Operation Coordination Results
     Log    Trying to perform a DELETE. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     DELETE    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${coordinationId}
@@ -99,7 +108,8 @@ DELETE Individual LCM Operation Coordination Results
 
 POST Cancellation of an Ongoing Individual Coordination Action
     Log    Trying to initiates the cancellation of an ongoing coordination action.
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     POST    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${Id_of_Ongoing_Coordination_Action}/cancel
@@ -108,7 +118,8 @@ POST Cancellation of an Ongoing Individual Coordination Action
 
 POST Cancellation of an Ongoing Individual Coordination Action - Conflict
     Log    Trying to initiates the cancellation of an ongoing coordination action.
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     POST    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${Id_of_Finished_Coordination_Action}/cancel
@@ -118,6 +129,7 @@ POST Cancellation of an Ongoing Individual Coordination Action - Conflict
 POST Cancellation of an Ongoing Individual Coordination Action without authorization token
     Log    Requesting the cancellation of an ongoing coordination task without authorization
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     POST    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations/${Id_of_Ongoing_Coordination_Action}/cancel
     ${output}=    Output    response
@@ -125,7 +137,8 @@ POST Cancellation of an Ongoing Individual Coordination Action without authoriza
 
 GET Cancellation of an Ongoing Individual Coordination Action
     Log    Trying to perform a GET. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${coordinationId}/cancel
@@ -134,7 +147,8 @@ GET Cancellation of an Ongoing Individual Coordination Action
 
 PUT Cancellation of an Ongoing Individual Coordination Action
     Log    Trying to perform a PUT. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PUT    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${coordinationId}/cancel
@@ -143,7 +157,8 @@ PUT Cancellation of an Ongoing Individual Coordination Action
 
 PATCH Cancellation of an Ongoing Individual Coordination Action
     Log    Trying to perform a PATCH. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PATCH    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${coordinationId}/cancel
@@ -152,7 +167,8 @@ PATCH Cancellation of an Ongoing Individual Coordination Action
 
 DELETE Cancellation of an Ongoing Individual Coordination Action
     Log    Trying to perform a DELETE. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     DELETE    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${coordinationId}/cancel
@@ -171,7 +187,8 @@ Check HTTP Location Header Contains URI of Resource That Will be Created
 Post coordination of LCM operation Occurance and API Producer has Chosen Synchronous Mode
     Pass Execution If    ${SYNCHRONOUS_MODE_SUPPORT} == 0    The API producer is in Asynchronous Mode. Skipping the test.
     Log    Create coordination action by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/LcmCoordRequest.json
@@ -183,7 +200,8 @@ Post coordination of LCM operation Occurance and API Producer has Chosen Synchro
 Post coordination of LCM operation Occurance and API Producer has Chosen Asynchronous Mode
     Pass Execution If    ${SYNCHRONOUS_MODE_SUPPORT} == 1    The API producer is in Synchronous Mode. Skipping the test.
     Log    Create coordination action by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/LcmCoordRequest.json
@@ -195,7 +213,8 @@ Post coordination of LCM operation Occurance and API Producer has Chosen Asynchr
 Post coordination of LCM operation Occurance and API Producer has Chosen Synchronous Mode - Service Unavailable
     Pass Execution If    ${SYNCHRONOUS_MODE_SUPPORT} == 0    The API producer is in Asynchronous Mode. Skipping the test.
     Log    Create coordination action by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/LcmCoordRequest.json
@@ -207,7 +226,8 @@ Post coordination of LCM operation Occurance and API Producer has Chosen Synchro
 Post coordination of LCM operation Occurance - conflict
     Log    Create coordination action by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations
     Log    Requesting a new coordination task for an LCM Operation occurrence not in PROCESSING state
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/LcmCoordRequest.json
@@ -219,6 +239,7 @@ Post coordination of LCM operation Occurance - conflict
 Post Request for coordination of an LCM operation occurrence without authorization token
     Log    Requesting a new coordination task for an LCM Operation occurrence without authorization token
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     ${body}=    Get File    jsons/LcmCoordRequest.json
     POST    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations    ${body}
@@ -228,7 +249,8 @@ Post Request for coordination of an LCM operation occurrence without authorizati
 Post coordination of LCM operation Occurance is Forbidden
     Log    Create coordination action by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations
     Log    The coordination action request should be rejected	
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${INSUFFICIENT_AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/LcmCoordRequest.json
@@ -239,7 +261,8 @@ Post coordination of LCM operation Occurance is Forbidden
 
 GET coordination of LCM operation Occurance	
     Log    Trying to perform a GET. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations
@@ -248,7 +271,8 @@ GET coordination of LCM operation Occurance
 
 PUT coordination of LCM operation Occurance	
     Log    Trying to perform a PUT. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PUT    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations
@@ -257,7 +281,8 @@ PUT coordination of LCM operation Occurance
 
 PATCH coordination of LCM operation Occurance	
     Log    Trying to perform a PATCH. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations
@@ -266,7 +291,8 @@ PATCH coordination of LCM operation Occurance
 
 DELETE coordination of LCM operation Occurance	
     Log    Trying to perform a DELETE. This method should not be implemented
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations
@@ -274,71 +300,157 @@ DELETE coordination of LCM operation Occurance
 	Set Suite Variable    ${response}    ${outputResponse} 
 
 POST API Version
-    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 GET API Version
-    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PUT API Version
-    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PATCH API Version
-    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 DELETE API Version
-    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 POST API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 GET API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PUT API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PATCH API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 DELETE API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse} 
\ No newline at end of file
+	Set Global Variable    ${response}    ${outputResponse} 
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+Post coordination of LCM operation Occurance and API Producer has Chosen Synchronous Mode with permitted authorization scope
+    Pass Execution If    ${SYNCHRONOUS_MODE_SUPPORT} == 0    The API producer is in Asynchronous Mode. Skipping the test.
+    Log    Create coordination action by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations with permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${LCMCOORDINATION_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template} =    Get File    jsons/LcmCoordRequest.json
+    ${body}=    Format String    ${template}    vnfInstanceId=${vnfInstanceId}    vnfLcmOpOccId=${vnfLcmOpOccId}    lcmOperationType=${lcmOperationType}    coordinationActionName=${coordinationActionName}    vnfLcmOpOccHref=${vnfLcmOpOccHref}    vnfInstanceHref=${vnfInstanceHref}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations    ${body}
+    ${outputResponse}=    Output    response
+	Set Suite Variable    ${response}    ${outputResponse}
+Post coordination of LCM operation Occurance and API Producer has Chosen Synchronous Mode with not permitted authorization scope
+    Pass Execution If    ${SYNCHRONOUS_MODE_SUPPORT} == 0    The API producer is in Asynchronous Mode. Skipping the test.
+    Log    Create coordination action by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations with not permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template} =    Get File    jsons/LcmCoordRequest.json
+    ${body}=    Format String    ${template}    vnfInstanceId=${vnfInstanceId}    vnfLcmOpOccId=${vnfLcmOpOccId}    lcmOperationType=${lcmOperationType}    coordinationActionName=${coordinationActionName}    vnfLcmOpOccHref=${vnfLcmOpOccHref}    vnfInstanceHref=${vnfInstanceHref}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations    ${body}
+    ${outputResponse}=    Output    response
+	Set Suite Variable    ${response}    ${outputResponse}
+GET Individual LCM Operation Coordination Results with permitted authorization scope
+    Log    Requesting the retrieve of a finished coordination task with permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${LCMCOORDINATION_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${Id_of_Finished_Coordination_Action}
+    ${outputResponse}=    Output    response
+	Set Suite Variable    ${response}    ${outputResponse} 
+GET Individual LCM Operation Coordination Results with not permitted authorization scope
+    Log    Requesting the retrieve of a finished coordination task with not permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${Id_of_Finished_Coordination_Action}
+    ${outputResponse}=    Output    response
+	Set Suite Variable    ${response}    ${outputResponse} 
+POST Cancellation of an Ongoing Individual Coordination Action with permitted authorization scope
+    Log    Trying to initiates the cancellation of an ongoing coordination action with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${LCMCOORDINATION_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    POST    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${Id_of_Ongoing_Coordination_Action}/cancel
+    ${outputResponse}=    Output    response
+	Set Suite Variable    ${response}    ${outputResponse}
+POST Cancellation of an Ongoing Individual Coordination Action with not permitted authorization scope
+    Log    Trying to initiates the cancellation of an ongoing coordination action with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    POST    ${apiRoot}/lcmcoord/${apiMajorVersion}/coordinations/${Id_of_Ongoing_Coordination_Action}/cancel
+    ${outputResponse}=    Output    response
+	Set Suite Variable    ${response}    ${outputResponse}
\ No newline at end of file
diff --git a/SOL002/VNFLCMCoordination-API/environment/variables.txt b/SOL002/VNFLCMCoordination-API/environment/variables.txt
index 74326462b8cff61c04550850e1e829f60526646c..25a5fc97701f7cdceb18d82cce43b0b055aec39a 100644
--- a/SOL002/VNFLCMCoordination-API/environment/variables.txt
+++ b/SOL002/VNFLCMCoordination-API/environment/variables.txt
@@ -12,6 +12,10 @@ ${EM-VNF_PORT}      8081    # Listening port of the NFVO
 ${EM-VNF_SCHEMA}    https
 ${CONTENT_TYPE_JSON}    application/json
 ${ACCEPT_JSON}         application/json
+${LCMCOORDINATION_SCOPE}    lcmcoord:v1:all
+${NEG_SCOPE}    lcmcoord:v1:invalid
+${OAUTH_Encryption_ALGORITHM}   HS256
+${API_VERSION}      1.12.0
 
 ${SYNCHRONOUS_MODE_SUPPORT}      1  #Set it to 0 if API producer supporting Asynchronous mode, and set it to 1 if API producer supporting Synchronous mode.
 
diff --git a/SOL002/VNFLifecycleManagement-API/ApiVersion.robot b/SOL002/VNFLifecycleManagement-API/ApiVersion.robot
index 00c056ed261e0d476b9a2ea478d291d3dd886e10..f2fe3aa32a7ac846aa2b9ec8244942ead0e31c5c 100644
--- a/SOL002/VNFLifecycleManagement-API/ApiVersion.robot
+++ b/SOL002/VNFLifecycleManagement-API/ApiVersion.robot
@@ -130,70 +130,80 @@ DELETE API Version with apiMajorVerion - Method not implemented
 
 *** Keywords ***
 POST API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 GET API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PUT API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PATCH API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 DELETE API Version
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 POST API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 GET API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PUT API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 PATCH API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
 DELETE API Version with apiMajorVersion
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions
     ${outputResponse}=    Output    response
diff --git a/SOL002/VNFLifecycleManagement-API/CancelOperationTask.robot b/SOL002/VNFLifecycleManagement-API/CancelOperationTask.robot
index 6ce7c7c1263a4eb84b762d7ec17df7b8eb705841..e4fe77cf080129d0795ac6d5b3cf91d360e8df88 100644
--- a/SOL002/VNFLifecycleManagement-API/CancelOperationTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/CancelOperationTask.robot
@@ -14,7 +14,7 @@ Post Cancel operation task
     ...    Test title: POST Cancel operation task
     ...    Test objective: The POST method initiates cancelling an ongoing VNF lifecycle operation while it is being executed or rolled back, i.e. the "VNF LCM operation occurrence" is either in "PROCESSING" or "ROLLING_BACK" state.
     ...    Pre-conditions: the "VNF LCM operation occurrence" is either in "PROCESSING" or "ROLLING_BACK" state.
-    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: the resource is in FAILED_TEMP state    
@@ -27,7 +27,7 @@ Post Cancel operation task Conflict
     ...    Test title: POST Cancel operation task Conflict
     ...    Test objective: The POST method is NOT cancelling an ongoing VNF lifecycle operation due to the fact that the VNF instance resource is not in STARTING, PROCESSING or ROLLING_BACK state
     ...    Pre-conditions: operation is not in STARTING, PROCESSING or ROLLING_BACK state
-    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -41,7 +41,7 @@ Post Cancel operation task Not Found
     ...    Test title: POST Cancel operation task
     ...    Test objective: The objective is to test that POST method cannot cancel a VNF lifecycle operation because the resource is not found
     ...    Pre-conditions: 
-    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -54,7 +54,7 @@ GET Cancel operation task - Method not implemented
     ...    Test title: GET Cancel operation task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.17.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.17.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -66,7 +66,7 @@ PUT Cancel operation task - Method not implemented
     ...    Test title: PUT Cancel operation task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.17.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.17.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -78,7 +78,7 @@ PATCH Cancel operation task - Method not implemented
     ...    Test title: PATCH Cancel operation task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.17.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.17.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -90,16 +90,41 @@ DELETE Cancel operation task - Method not implemented
     ...    Test title: DELETE Cancel operation task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.17.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.17.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
     DELETE Cancel operation task
 	Check HTTP Response Status Code Is    405
+Post Cancel operation task with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.16.8
+    ...    Test title: POST Cancel operation task with permitted authorization scope
+    ...    Test objective: The POST method initiates cancelling an ongoing VNF lifecycle operation while it is being executed or rolled back, i.e. the "VNF LCM operation occurrence" is either in "PROCESSING" or "ROLLING_BACK" state with permitted authorization scope
+    ...    Pre-conditions: the "VNF LCM operation occurrence" is either in "PROCESSING" or "ROLLING_BACK" state.
+    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: the resource is in FAILED_TEMP state    
+    POST Cancel operation task with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check operation resource state is FAILED_TEMP
+Post Cancel operation task with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.16.9
+    ...    Test title: POST Cancel operation task with not permitted authorization scope
+    ...    Test objective: The POST method initiates cancelling an ongoing VNF lifecycle operation while it is being executed or rolled back, i.e. the "VNF LCM operation occurrence" is either in "PROCESSING" or "ROLLING_BACK" state with not permitted authorization scope
+    ...    Pre-conditions: the "VNF LCM operation occurrence" is either in "PROCESSING" or "ROLLING_BACK" state.
+    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: the resource is in FAILED_TEMP state    
+    POST Cancel operation task with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}
     Integer    response status    200
\ No newline at end of file
diff --git a/SOL002/VNFLifecycleManagement-API/ChangeCurrentVNFPackageTask.robot b/SOL002/VNFLifecycleManagement-API/ChangeCurrentVNFPackageTask.robot
index 918c3f54b557a52070519cce479c18f20eb79992..459a4906d45cd3e746be13d6cb3142a75e2bffbc 100644
--- a/SOL002/VNFLifecycleManagement-API/ChangeCurrentVNFPackageTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/ChangeCurrentVNFPackageTask.robot
@@ -13,7 +13,7 @@ POST Change current VNF Package Task
     ...    Test title: POST Change current VNF Package Task
     ...    Test objective: The objective is to test that the POST method changes the current VNF package on which the VNF instance is based.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11a.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.11a.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: in response header Location shall not be null         
@@ -26,7 +26,7 @@ POST Change current VNF Package Task - Conflict
     ...    Test title: POST Change current VNF Package Task - Conflict
     ...    Test objective: The objective is to test that the POST method cannot change the current VNF package task when another lifecycle management operation is ongoing. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11a.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.11a.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: There is another lifecycle management operation ongoing.
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ GET Change current VNF Package Task - Method not implemented
     ...    Test title: GET Change current VNF Package Task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11a.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.11a.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -51,7 +51,7 @@ PUT Change current VNF Package Task - Method not implemented
     ...    Test title: PUT Change current VNF Package Task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11a.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.11a.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -63,7 +63,7 @@ PATCH Change current VNF Package Task - Method not implemented
     ...    Test title: PATCH Change current VNF Package Task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11a.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.11a.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -75,16 +75,41 @@ DELETE Change current VNF Package Task - Method not implemented
     ...    Test title: DELETE Change current VNF Package Task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11a.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.11a.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
     DELETE Change Current VNF Package Task
     Check HTTP Response Status Code Is    405
+POST Change current VNF Package Task with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.22.7
+    ...    Test title: POST Change current VNF Package Task with permitted authorization scope
+    ...    Test objective: The objective is to test that the POST method changes the current VNF package on which the VNF instance is based with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11a.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Change Current VNF Package Task with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id
+POST Change current VNF Package Task with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.22.8
+    ...    Test title: POST Change current VNF Package Task with not permitted authorization scope
+    ...    Test objective: The objective is to test that the POST method changes the current VNF package on which the VNF instance is based with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11a.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Change Current VNF Package Task with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 
diff --git a/SOL002/VNFLifecycleManagement-API/ChangeExternalVNFConnectivityTask.robot b/SOL002/VNFLifecycleManagement-API/ChangeExternalVNFConnectivityTask.robot
index 4ea112541ad6e2d99fc8184a3663113a8002cada..484c2a3f4de1facf919a8777e242122ed635ac98 100644
--- a/SOL002/VNFLifecycleManagement-API/ChangeExternalVNFConnectivityTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/ChangeExternalVNFConnectivityTask.robot
@@ -13,7 +13,7 @@ POST Change external VNF connectivity
     ...    Test title: POST Change external VNF connectivity
     ...    Test objective: The objective is to test that POST method triggers a change in VNF external connectivity
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.11.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: in response header Location shall not be null         
@@ -26,7 +26,7 @@ GET Change external VNF connectivity - Method not implemented
     ...    Test title: GET Change external VNF connectivity - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.11.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -38,7 +38,7 @@ PUT Change external VNF connectivity - Method not implemented
     ...    Test title: PUT Change external VNF connectivity - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.11.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -50,7 +50,7 @@ PATCH Change external VNF connectivity - Method not implemented
     ...    Test title: PATCH Change external VNF connectivity - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.11.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -62,7 +62,7 @@ DELETE Change external VNF connectivity - Method not implemented
     ...    Test title: DELETE Change external VNF connectivity - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.11.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -74,17 +74,42 @@ POST Change external VNF connectivity Conflict
     ...    Test title: POST Change external VNF connectivity Conflict
     ...    Test objective: The objective is to test that the operation cannot be executed currently, due to a conflict with the state of the VNF instance resource or that a required child attribute of the "extensions" attribue has not been set. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.11.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
     POST Change External VNF Connectivity
     Check HTTP Response Status Code Is    409
     Check HTTP Response Body Json Schema Is    ProblemDetails 
+POST Change external VNF connectivity with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.10.7
+    ...    Test title: POST Change external VNF connectivity with permitted authorization value
+    ...    Test objective: The objective is to test that POST method triggers a change in VNF external connectivity with the permitted authorization value
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Change External VNF Connectivity with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id
+POST Change external VNF connectivity with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.10.8
+    ...    Test title: POST Change external VNF connectivity with not permitted authorization value
+    ...    Test objective: The objective is to test that POST method triggers a change in VNF external connectivity with not permitted authorization value
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Change External VNF Connectivity with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 
diff --git a/SOL002/VNFLifecycleManagement-API/ChangeVNFFlavourTask.robot b/SOL002/VNFLifecycleManagement-API/ChangeVNFFlavourTask.robot
index 335bd10303dddd57869ef657229f099bb2dfb62c..def3f569132cf2a5bacdec4c6812876745be7cd6 100644
--- a/SOL002/VNFLifecycleManagement-API/ChangeVNFFlavourTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/ChangeVNFFlavourTask.robot
@@ -13,7 +13,7 @@ POST Change deployment flavour of a vnfInstance
     ...    Test title: POST Change deployment flavour of a vnfInstance
     ...    Test objective: The objective is to test that POST method trigger a change in VNF deployment flavour
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: in response header Location shall not be null  
@@ -26,7 +26,7 @@ POST Change deployment flavour of a vnfInstance Conflict (Not-Instantiated)
     ...    Test title: POST Change deployment flavour of a vnfInstance Conflict (Not-Instantiated)
     ...    Test objective: The objective is to test that POST method cannot trigger a change in VNF deployment flavour because of a conflict with the state of the VNF instance resource or that a required child attribute of the "extensions" attribue has not been set. 
     ...    Pre-conditions: VNF instance resource is not in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -39,7 +39,7 @@ POST Change deployment flavour of a vnfInstance Not Found
     ...    Test title: POST Change deployment flavour of a vnfInstance Not Found
     ...    Test objective: The objective is to test that POST method cannot trigger a change in VNF deployment flavour because the VNF instance resource is not found. 
     ...    Pre-conditions: VNF instance resource is not in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -52,7 +52,7 @@ GET Change deployment flavour VNFInstance - Method not implemented
     ...    Test title: GET Change deployment flavour VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -64,7 +64,7 @@ PUT Change deployment flavour VNFInstance - Method not implemented
     ...    Test title: PUT Change deployment flavour VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.7.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -76,7 +76,7 @@ PATCH Change deployment flavour VNFInstance - Method not implemented
     ...    Test title: PATCH Change deployment flavour VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.7.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -88,16 +88,42 @@ DELETE Change deployment flavour VNFInstance - Method not implemented
     ...    Test title: DELETE Change deployment flavour VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.7.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
     DELETE Change VNF deployment flavour   
     Check HTTP Response Status Code Is    405
+POST Change deployment flavour of a vnfInstance with permited authorization scope
+    [Documentation]    Test ID: 6.3.5.6.8
+    ...    Test title: POST Change deployment flavour of a vnfInstance with permited authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a change in VNF deployment flavour with permited authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null  
+    POST Change VNF deployment flavour with permited authorization scope
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id
+
+POST Change deployment flavour of a vnfInstance with not permited authorization scope
+    [Documentation]    Test ID: 6.3.5.6.9
+    ...    Test title: POST Change deployment flavour of a vnfInstance with not permited authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a change in VNF deployment flavour with not permited authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null  
+    POST Change VNF deployment flavour with not permited authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 
diff --git a/SOL002/VNFLifecycleManagement-API/CreateVNFSnapshotTask.robot b/SOL002/VNFLifecycleManagement-API/CreateVNFSnapshotTask.robot
index 4a4b644c20ea0c68abbf190a20ff4ed153dc075f..39f6239a4df4901fefda298dd3cd5821add0dd2f 100644
--- a/SOL002/VNFLifecycleManagement-API/CreateVNFSnapshotTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/CreateVNFSnapshotTask.robot
@@ -13,7 +13,7 @@ POST Create VNF Snapshot Task
     ...    Test title: POST Create VNF Snapshot Task
     ...    Test objective: The objective is to test that POST method requests taking a snapshot of a VNF instance.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: in response header Location shall not be null         
@@ -26,7 +26,7 @@ POST Create VNF Snapshot Task - NOT FOUND
     ...    Test title: POST Create VNF Snapshot Task - NOT FOUND
     ...    Test objective: The objective is to test that the POST method cannot request for a snapshot if the task is not supported for the VNF instance represented by the parent resource. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: Task is not supported for the VNF instance represented by the parent resource.
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ POST Create VNF Snapshot Task - CONFLICT
     ...    Test title: POST Create VNF Snapshot Task - CONFLICT
     ...    Test objective: The objective is to test that the POST method cannot request for a snapshot when the VNF instance is in NOT_INSTANTIATED state. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: VNF instance is in NOT_INSTANTIATED state.
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ POST Create VNF Snapshot Task - UNPROCESSABLE CONTENT
     ...    Test title: POST Create VNF Snapshot Task - UNPROCESSABLE CONTENT
     ...    Test objective: The objective is to test that the POST method cannot request for a snapshot when the provided identifier of the target "Individual VNF snapshot" resource for the VNF snapshot is invalid. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: The identifier of the target "Individual VNF snapshot" resource for the VNF snapshot is invalid.
     ...    Post-Conditions: none
@@ -65,7 +65,7 @@ GET Create VNF Snapshot Task - Method not implemented
     ...    Test title: GET Create VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.21.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -77,7 +77,7 @@ PUT Create VNF Snapshot Task - Method not implemented
     ...    Test title: PUT Create VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.21.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -89,7 +89,7 @@ PATCH Create VNF Snapshot Task - Method not implemented
     ...    Test title: PATCH Create VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.21.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -101,16 +101,41 @@ DELETE Create VNF Snapshot Task - Method not implemented
     ...    Test title: DELETE Create VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.21.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
     DELETE Create VNF Snapshot Task
     Check HTTP Response Status Code Is    405
+POST Create VNF Snapshot Task with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.23.9
+    ...    Test title: POST Create VNF Snapshot Task with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method requests taking a snapshot of a VNF instance with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Create VNF Snapshot Task with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id
+POST Create VNF Snapshot Task with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.23.10
+    ...    Test title: POST Create VNF Snapshot Task with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method requests taking a snapshot of a VNF instance with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Create VNF Snapshot Task with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 
diff --git a/SOL002/VNFLifecycleManagement-API/FailOperationTask.robot b/SOL002/VNFLifecycleManagement-API/FailOperationTask.robot
index 839a3513ef6067e17683e03ef301654a98d09782..1867bc63189429eeea2083e98b94af4c5bf86176 100644
--- a/SOL002/VNFLifecycleManagement-API/FailOperationTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/FailOperationTask.robot
@@ -12,7 +12,7 @@ POST Fail operation task
     ...    Test title: POST Fail operation task
     ...    Test objective: The objective is to test that POST method mark as "finally failed" a VNF lifecycle operation if that operation has experienced a failure
     ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
-    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -26,7 +26,7 @@ POST Fail operation task Conflict (Not-FAILED_TEMP)
     ...    Test title: POST Fail operation task Conflict (Not-FAILED_TEMP)
     ...    Test objective: The objective is to test that POST method cannot mark as "finally failed" due to confilct with the state of LCM Operation Occurrence
     ...    Pre-conditions: the "VNF LCM operation occurrence" resource is not in "FAILED_TEMP" state.
-    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none     
@@ -39,7 +39,7 @@ POST Fail operation task Not Found
     ...    Test title: POST Fail operation task Not Found
     ...    Test objective: The objective is to test that POST method cannot mark as "finally failed" a VNF lifecycle operation because the operation is not supported
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -52,7 +52,7 @@ GET Fail operation task - Method not implemented
     ...    Test title: GET Fail operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.16.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.16.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Fail operation task - Method not implemented
     ...    Test title: PUT Fail operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.16.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.16.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -76,7 +76,7 @@ PATCH Fail operation task - Method not implemented
     ...    Test title: PATCH Fail operation task - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.16.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.16.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -88,9 +88,34 @@ DELETE Fail operation task - Method not implemented
     ...    Test title: DELETE Fail operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.16.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.16.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
     Delete Fail operation
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+POST Fail operation task with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.15.8
+    ...    Test title: POST Fail operation task with permitted authorization scope with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method mark as "finally failed" a VNF lifecycle operation if that operation has experienced a failure with permitted authorization scope
+    ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
+    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Post Fail operation with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id
+    Check operation resource state is FINALLY_FAILED
+POST Fail operation task with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.15.9
+    ...    Test title: POST Fail operation task with permitted authorization scope with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method mark as "finally failed" a VNF lifecycle operation if that operation has experienced a failure with not permitted authorization scope
+    ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
+    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Post Fail operation with permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
diff --git a/SOL002/VNFLifecycleManagement-API/HealVNFTask.robot b/SOL002/VNFLifecycleManagement-API/HealVNFTask.robot
index aa22bef90ab19f7f578d3b4b275eafa5a9fdaa41..01bd06e9b1c1989d3b1d450c198950330a2b3cc8 100644
--- a/SOL002/VNFLifecycleManagement-API/HealVNFTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/HealVNFTask.robot
@@ -13,7 +13,7 @@ POST Heal a vnfInstance
     ...    Test title: POST Heal a vnfInstance
     ...    Test objective: The objective is to test that POST method heal a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ POST Heal a vnfInstance Conflict (Not-Instantiated)
     ...    Test title: POST Heal a vnfInstance (Not-Instantiated)
     ...    Test objective: The objective is to test that the operation cannot be executed currently, due to a conflict with the state of the VNF instance resource or that a required child attribute of the "extensions" attribue has not been set. 
     ...    Pre-conditions: the VNF instance resource is in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ POST Heal a vnfInstance Not Found
     ...    Test title: POST Heal a vnfInstance Not Found
     ...    Test objective: The objective is to test that the operation cannot be executed because the VNF instance resource is not found. 
     ...    Pre-conditions: the VNF instance resource is not existing
-    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -53,7 +53,7 @@ GET Heal VNFInstance - Method not implemented
     ...    Test title: GET Heal a vnfInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.9.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.9.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -65,7 +65,7 @@ PUT Heal VNFInstance - Method not implemented
     ...    Test title: PUT Heal a vnfInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.9.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.9.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,7 +77,7 @@ PATCH Heal VNFInstance - Method not implemented
     ...    Test title: PATCH Heal a vnfInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.9.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.9.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -89,16 +89,41 @@ DELETE Heal VNFInstance - Method not implemented
     ...    Test title: DELETE Heal a vnfInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.9.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.9.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Heal VNF  
     Check HTTP Response Status Code Is    405
+POST Heal a vnfInstance with permitted authorization scope
+     [Documentation]    Test ID: 6.3.5.8.8
+    ...    Test title: POST Heal a vnfInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method heal a VNF instance with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Heal VNF with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id
+POST Heal a vnfInstance with not permitted authorization scope
+     [Documentation]    Test ID: 6.3.5.8.9
+    ...    Test title: POST Heal a vnfInstance with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method heal a VNF instance with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Heal VNF with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 
diff --git a/SOL002/VNFLifecycleManagement-API/IndividualSubscription.robot b/SOL002/VNFLifecycleManagement-API/IndividualSubscription.robot
index 8583c4a1f99efce986abb8bca2d95b25922870a0..3b0d668bbd3834a9180bc50bc294c8cd17f7fa49 100644
--- a/SOL002/VNFLifecycleManagement-API/IndividualSubscription.robot
+++ b/SOL002/VNFLifecycleManagement-API/IndividualSubscription.robot
@@ -11,7 +11,7 @@ POST Individual Subscription - Method not implemented
     ...    Test title: POST Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.19.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.19.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -23,7 +23,7 @@ GET Individual Subscription
     ...    Test title: GET Individual Subscription
     ...    Test objective: The objective is to test the Get individual subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.19.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.19.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -36,7 +36,7 @@ PUT an individual subscription - Method not implemented
     ...    Test title: PUT Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.19.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.19.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -48,7 +48,7 @@ PATCH an individual subscription - Method not implemented
     ...    Test title: PATCH Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.19.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.19.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -60,9 +60,33 @@ DELETE an individual subscription
     ...    Test title: DELETE Individual Subscription
     ...    Test objective: The objective is to test that the DELETE method removes an individual subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.19.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.19.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
     Delete Individual subscription
-	Check HTTP Response Status Code Is    204
\ No newline at end of file
+	Check HTTP Response Status Code Is    204
+GET Individual Subscription with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.18.6
+    ...    Test title: GET Individual Subscription with permitted authorization scope
+    ...    Test objective: The objective is to test the Get individual subscription with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.19.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Get Individual subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    Subscription
+GET Individual Subscription with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.18.7
+    ...    Test title: GET Individual Subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test the Get individual subscription with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.19.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Get Individual subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL002/VNFLifecycleManagement-API/IndividualVNFInstance.robot b/SOL002/VNFLifecycleManagement-API/IndividualVNFInstance.robot
index 13d232bc7cec116150fee3837bb7241d625394f6..26dd5cbc0c03baa39f9cc26345ea75f7876691f5 100644
--- a/SOL002/VNFLifecycleManagement-API/IndividualVNFInstance.robot
+++ b/SOL002/VNFLifecycleManagement-API/IndividualVNFInstance.robot
@@ -18,7 +18,7 @@ POST Individual VNFInstance - Method not implemented
     ...    Test title: POST Individual VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.3.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.3.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -30,7 +30,7 @@ GET Information about an individual VNF Instance
     ...    Test title: GET Information about an individual VNF Instance
     ...    Test objective: The objective is to create a new VNF instance resource
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ PUT Individual VNFInstance - Method not implemented
     ...    Test title: PUT Individual VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.3.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.3.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: VNF instance not modified
@@ -57,7 +57,7 @@ PATCH Individual VNFInstance
     ...    Test title: PATCH Individual VNFInstance
     ...    Test objective: This method modifies an individual VNF instance resource
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: VNF instance modified
@@ -70,7 +70,7 @@ PATCH Individual VNFInstance Precondition failed
     ...    Test title: PATCH Individual VNFInstance Precondition failed
     ...    Test objective: The objective is to that the modification of individual VNFInstance fails because precondition given in an HTTP request header is not fulfilled. Typically, this is due to an ETag mismatch, indicating that the resource was modified by another entity.
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -83,7 +83,7 @@ PATCH Individual VNFInstance Conflict
     ...    Test title: PATCH Individual VNFInstance Conflict
     ...    Test objective: The objective is to verify that modification operation cannot be executed currently, due to a conflict with the state of the VNF instance resource because another LCM Operation is ongoing. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -96,7 +96,7 @@ DELETE Individual VNFInstance
     ...    Test title: DELETE Individual VNFInstance
     ...    Test objective: The objective is to delete a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: VNF instance deleted
@@ -108,10 +108,37 @@ DELETE Individual VNFInstance Conflict
     ...    Test title: DELETE Individual VNFInstance Conflict
     ...    Test objective: The objective is to verify that The operation cannot be executed currently, due to a conflict with the state of the VNF instance resource.
     ...    Pre-conditions: VNF instance resource is in INSTANTIATED state
-    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE individual vnfInstance
     Check HTTP Response Status Code Is    409
-    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+GET Information about an individual VNF Instance with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.2.9
+    ...    Test title: GET Information about an individual VNF Instance with permitted authorization scope
+    ...    Test objective: The objective is to create a new VNF instance resource with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual vnfInstance with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Contains ETag and Last-Modified
+    Check HTTP Response Body Json Schema Is    vnfInstance
+    Check HTTP Response Body vnfInstance content against VNF Descriptor
+GET Information about an individual VNF Instance with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.2.10
+    ...    Test title: GET Information about an individual VNF Instance with not permitted authorization scope
+    ...    Test objective: The objective is to create a new VNF instance resource with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual vnfInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+    
\ No newline at end of file
diff --git a/SOL002/VNFLifecycleManagement-API/IndividualVNFSnapshot.robot b/SOL002/VNFLifecycleManagement-API/IndividualVNFSnapshot.robot
index a461d3f2c35abdd7e5023f76f4140e67559a7a06..8c01fa0d1e522d84906aa07d1ed94770ef89ab91 100644
--- a/SOL002/VNFLifecycleManagement-API/IndividualVNFSnapshot.robot
+++ b/SOL002/VNFLifecycleManagement-API/IndividualVNFSnapshot.robot
@@ -8,7 +8,7 @@ POST Individual VNF Snapshot - Method not implemented
     ...    Test title: POST Individual VNF Snapshot - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.24.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -20,7 +20,7 @@ GET Information about an individual VNF Snapshot - SUCCESSFUL
     ...    Test title: GET Information about an individual VNF Snapshot - SUCCESSFUL
     ...    Test objective: The objective is to GET information about an individual VNF Snapshot
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.24.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -33,7 +33,7 @@ GET Information about an individual VNF Snapshot - NOT FOUND
     ...    Test title: GET Information about an individual VNF Snapshot - NOT FOUND
     ...    Test objective: The objective is to test that the retrieval of individual VNF Snapshot fails when using an invalid resource identifier.
     ...    Pre-conditions: At least one individual VNF Snapshot is available in the NFV-MANO.
-    ...    Reference: Clause 5.4.24.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.24.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -46,7 +46,7 @@ PUT Individual VNF Snapshot - Method not implemented
     ...    Test title: PUT Individual VNF Snapshot - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.24.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot not modified
@@ -58,7 +58,7 @@ PATCH Individual VNF Snapshot - Method not implemented
     ...    Test title: PATCH Individual VNF Snapshot - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.24.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -70,7 +70,7 @@ DELETE Individual VNF Snapshot
     ...    Test title: DELETE Individual VNF Snapshot
     ...    Test objective: The objective is to delete a VNF Snapshot
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.24.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot deleted
@@ -82,10 +82,34 @@ DELETE Individual VNF Snapshot - Conflict
     ...    Test title: DELETE Individual VNF Snapshot Conflict
     ...    Test objective: The objective is to verify that The operation cannot be executed currently, due to a conflict with the state of the VNF Snapshot resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.24.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: VNF snapshot is in use by some operation such as reverting a VNF instance to a VNF snapshot or creating a VNF snapshot package.
     ...    Post-Conditions: none
     DELETE individual VNF Snapshot - CONFLICT
     Check HTTP Response Status Code Is    409
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+GET Information about an individual VNF Snapshot with permitted authorization scope - SUCCESSFUL
+    [Documentation]    Test ID: 6.3.5.26.8
+    ...    Test title: GET Information about an individual VNF Snapshot with permitted authorization scope - SUCCESSFUL
+    ...    Test objective: The objective is to GET information about an individual VNF Snapshot with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.24.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual VNF Snapshot with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    VnfSnapshotInfo
+GET Information about an individual VNF Snapshot with not permitted authorization scope - SUCCESSFUL
+    [Documentation]    Test ID: 6.3.5.26.9
+    ...    Test title: GET Information about an individual VNF Snapshot with not permitted authorization scope - SUCCESSFUL
+    ...    Test objective: The objective is to GET information about an individual VNF Snapshot with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.24.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual VNF Snapshot with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
     Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL002/VNFLifecycleManagement-API/IndividualVnfLcmOperationOccurence.robot b/SOL002/VNFLifecycleManagement-API/IndividualVnfLcmOperationOccurence.robot
index e135b9a2dd67483fc4f3d001e65694343f78a010..35a95e4d210c0db4f855271fd260950a2e876968 100644
--- a/SOL002/VNFLifecycleManagement-API/IndividualVnfLcmOperationOccurence.robot
+++ b/SOL002/VNFLifecycleManagement-API/IndividualVnfLcmOperationOccurence.robot
@@ -10,19 +10,19 @@ Post Individual VNF LCM OP occurrences - Method not implemented
     ...    Test title: Post Individual VNF LCM OP occurrences - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.13.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.13.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
     Post Individual VNF LCM OP occurrences
     Check HTTP Response Status Code Is    405
     
-Get status information about multiple VNF instances 
+Get status information about individual VNF instances 
     [Documentation]    Test ID: 6.3.5.12.2
-    ...    Test title: Get status information about multiple VNF instances
+    ...    Test title: Get status information about individual VNF instances
     ...    Test objective: The objective is to test that this method retrieve status information about a VNF lifecycle management operation occurrence 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.13.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.13.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -36,7 +36,7 @@ PUT status information about multiple VNF instances - Method not implemented
     ...    Test title: PUT status information about multiple VNF instances - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.13.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.13.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -48,7 +48,7 @@ PATCH status information about multiple VNF instances - Method not implemented
     ...    Test title: PATCH status information about multiple VNF instances - Method not implemented 
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.13.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.13.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none      
@@ -60,9 +60,36 @@ DELETE status information about multiple VNF instances - Method not implemented
     ...    Test title: DELETE status information about multiple VNF instances - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.13.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.13.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none  
     DELETE Individual VNF LCM OP occurrences
     Check HTTP Response Status Code Is    405
+
+Get status information about individual VNF instances with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.12.6
+    ...    Test title: Get status information about individual VNF instances with permitted authorization scope
+    ...    Test objective: The objective is to test that this method retrieve status information about a VNF lifecycle management operation occurrence with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.13.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Get Individual VNF LCM OP occurrences with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    vnfLcmOpOcc 
+    Check HTTP Response Body vnf LCM OpOCC content against VNF Descriptor
+
+Get status information about individual VNF instances with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.12.7
+    ...    Test title: Get status information about individual VNF instances with not permitted authorization scope
+    ...    Test objective: The objective is to test that this method retrieve status information about a VNF lifecycle management operation occurrence with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.13.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Get Individual VNF LCM OP occurrences with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
diff --git a/SOL002/VNFLifecycleManagement-API/InstantiateVNFTask.robot b/SOL002/VNFLifecycleManagement-API/InstantiateVNFTask.robot
index 1a97b19788ff9328359dbee00871016d32a46bb9..6db96e3fa78edac931923ad7d6ac0db6dc9e964a 100644
--- a/SOL002/VNFLifecycleManagement-API/InstantiateVNFTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/InstantiateVNFTask.robot
@@ -15,7 +15,7 @@ POST Instantiate a vnfInstance
     ...    Test title: POST Instantiate a vnfInstance
     ...    Test objective: The objective is to instantiate a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -28,7 +28,7 @@ POST Instantiate a vnfInstance Conflict
     ...    Test title: POST Instantiate a vnfInstance Conflict
     ...    Test objective: The objective is to verify that the instantiation of the vnf cannot be executed currently, due to a conflict with the state of the VNF instance resource. 
     ...    Pre-conditions: VNF instance resource is in INSTANTIATED state
-    ...    Reference: Clause 5.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -41,7 +41,7 @@ GET Instantiate VNFInstance - Method not implemented
     ...    Test title: GET Instantiate VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.4.3.2  - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.4.3.2  - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -53,7 +53,7 @@ PUT Instantiate VNFInstance - Method not implemented
     ...    Test title: PUT Instantiate VNFInstance  - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.4.3.3  - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.4.3.3  - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -65,7 +65,7 @@ PATCH Instantiate VNFInstance - Method not implemented
     ...    Test title: PATCH Instantiate VNFInstance  - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.4.3.4  - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.4.3.4  - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,7 +77,7 @@ DELETE Instantiate VNFInstance - Method not implemented
     ...    Test title: DELETE Instantiate VNFInstance  - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.4.3.5  - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.4.3.5  - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -89,7 +89,7 @@ POST Instantiate a vnfInstance with TaretScaleLevelId
     ...    Test title: POST Instantiate a vnfInstance with TaretScaleLevelId attribute
     ...    Test objective: The objective is to instantiate a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -102,7 +102,7 @@ POST Instantiate individual vnfInstance with instantiationLevelId
     ...    Test title: POST Instantiate a vnfInstance with instantiationLevelId attribute
     ...    Test objective: The objective is to instantiate a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -110,9 +110,34 @@ POST Instantiate individual vnfInstance with instantiationLevelId
     Check HTTP Response Status Code Is    202
     Check Operation Occurrence Id 
 
+POST Instantiate a vnfInstance with permited authorization scope
+    [Documentation]    Test ID: 6.3.5.3.9
+    ...    Test title: POST Instantiate a vnfInstance with permited authorization scope
+    ...    Test objective: The objective is to instantiate a VNF instance using correct OAuth scope value with permited authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST instantiate individual vnfInstance with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+
+POST Instantiate a vnfInstance with not permited authorization scope
+    [Documentation]    Test ID: 6.3.5.3.10
+    ...    Test title: POST Instantiate a vnfInstance with non permited authorization scope
+    ...    Test objective: The objective is to instantiate a VNF instance using incorrect OAuth scope value with not permited authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST instantiate individual vnfInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 
diff --git a/SOL002/VNFLifecycleManagement-API/NotificationEndpoint.robot b/SOL002/VNFLifecycleManagement-API/NotificationEndpoint.robot
index df3f54cc9ecefdf625eb735e6cd778e400ac4f96..25bb81a4e3bca06a26fc0c526bedb11746471e0d 100644
--- a/SOL002/VNFLifecycleManagement-API/NotificationEndpoint.robot
+++ b/SOL002/VNFLifecycleManagement-API/NotificationEndpoint.robot
@@ -14,7 +14,7 @@ VNF LCM Operation Occurrence Notification
     ...    Test title: VNF LCM Operation Occurrence Start Notification
     ...    Test objective:  The objective is to test that VNF LCM Operation Occurrence Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A subscription for VNF LCM Operation Occurrence notifications is available in the VNFM.
-    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -26,7 +26,7 @@ VNF Identifier Creation Notification
     ...    Test title: VNF Identifier Creation Notification
     ...    Test objective:  The objective is to test that VNF Identifier Creation Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A subscription for VNF Identifier Creation Notification is available in the VNFM.
-    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -38,7 +38,7 @@ VNF Identifier Deletion Notification
     ...    Test title: VNF Identifier Deletion Notification
     ...    Test objective:  The objective is to test that VNF Identifier Deletion Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A subscription for VNF Identifier Deletion Notification is available in the VNFM.
-    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -48,6 +48,7 @@ VNF Identifier Deletion Notification
 *** Keywords ***
 Check resource existence and get CallbackUri
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
@@ -58,6 +59,7 @@ Check resource existence and get CallbackUri
 Post VNF LCM Operation Occurrence Notification
     log    Trying to perform a POST to get notification
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/VnfLcmOperationOccurrenceNotification.json
@@ -69,6 +71,7 @@ Post VNF LCM Operation Occurrence Notification
 Post VNF Identifier Creation Notification
     log    Trying to perform a POST to get notification
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/VnfIdentifierCreationNotification.json
@@ -80,6 +83,7 @@ Post VNF Identifier Creation Notification
 Post VNF Identifier Deletion Notification
     log    Trying to perform a POST to get notification
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/VnfIdentifierDeletionNotification.json
diff --git a/SOL002/VNFLifecycleManagement-API/Notifications.robot b/SOL002/VNFLifecycleManagement-API/Notifications.robot
index defe022d2716943a6e479d05c2c5969b9e6ba982..be8e0e94ac6597000f6eda01f31b4d4ab7b0bd6d 100644
--- a/SOL002/VNFLifecycleManagement-API/Notifications.robot
+++ b/SOL002/VNFLifecycleManagement-API/Notifications.robot
@@ -13,7 +13,7 @@ VNF LCM Operation Occurrence Start Notification
     ...    Test title: VNF LCM Operation Occurrence Start Notification
     ...    Test objective: The objective is to test the dispatch of VNF LCM Operation Occurrence Start Notification when a new VNF LCM operation is started in the VNFM, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system. 
     ...    Pre-conditions: A subscription for VNF LCM Operation Occurrence notifications is available in the VNFM.
-    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -27,7 +27,7 @@ VNF LCM Operation Occurrence Result Notification
     ...    Test title: VNF LCM Operation Occurrence Result Notification
     ...    Test objective: The objective is to test the dispatch of VNF LCM Operation Occurrence Result Notification when a VNF LCM operation is completed in the VNFM, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: An VNF LCM operation is in progress, and a subscription for VNF LCM Operation Occurrence notifications is available in the VNFM.
-    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -41,7 +41,7 @@ VNF Identifier Creation Notification
     ...    Test title: VNF Identifier Creation Notification
     ...    Test objective: The objective is to test the dispatch of VNF Identifier Creation Notification when a new VNF instance resource is created in the VNFM, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A subscription for VNF identifier creation notifications is available in the VNFM.
-    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -54,7 +54,7 @@ VNF Identifier Deletion Notification
     ...    Test title: VNF Identifier Deletion Notification
     ...    Test objective: The objective is to test the dispatch of VNF Identifier Deletion Notification when a VNF instance resource is deleted in the VNFM, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF instance resource is created, and a subscription for VNF identifier creation notifications is available in the VNFM.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL002/VNFLifecycleManagement-API/OperateVNFTask.robot b/SOL002/VNFLifecycleManagement-API/OperateVNFTask.robot
index 0a99effcfc36cb66fa97a93cf7624b223add2c4e..b803e51e6f0424ef107bba7ec8192019f4a82bb8 100644
--- a/SOL002/VNFLifecycleManagement-API/OperateVNFTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/OperateVNFTask.robot
@@ -13,7 +13,7 @@ POST Operate a vnfInstance
     ...    Test title: POST Operate a vnfInstance
     ...    Test objective: The objective is to test that POST method operate a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ POST Operate a vnfInstance Conflict (Not-Instantiated)
     ...    Test title: POST Operate a vnfInstance Conflict (Not-Instantiated)
     ...    Test objective: The objective is to test that the operation cannot be executed currently, due to a conflict with the state of the VNF instance resource or that a required child attribute of the "extensions" attribue has not been set. 
     ...    Pre-conditions: the VNF instance resource is in NOT_INSTANTIATED state
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ POST Operate a vnfInstance Not Found
     ...    Test title: POST Operate a vnfInstance Not Found
     ...    Test objective: The objective is to test that the operation cannot be executed currently, because the resource is not existing
     ...    Pre-conditions: the VNF instance resource is in  not existing
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ GET Operate VNFInstance - Method not implemented
     ...    Test title: GET Operate VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.10.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.10.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Operate VNFInstance - Method not implemented
     ...    Test title: PUT Operate VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.10.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.10.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ PATCH Operate VNFInstance - Method not implemented
     ...    Test title: PATCH Operate VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.10.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.10.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,16 +88,41 @@ DELETE Operate VNFInstance - Method not implemented
     ...    Test title: DELETE Operate VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.10.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.10.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Operate VNF
     Check HTTP Response Status Code Is    405
+POST Operate a vnfInstance with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.9.8
+    ...    Test title: POST Operate a vnfInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method operate a VNF instance with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Operate VNF with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id
+POST Operate a vnfInstance with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.9.9
+    ...    Test title: POST Operate a vnfInstance with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method operate a VNF instance with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Operate VNF with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 
diff --git a/SOL002/VNFLifecycleManagement-API/RetryOperationTask.robot b/SOL002/VNFLifecycleManagement-API/RetryOperationTask.robot
index ef3416da61ff45a658610ab908a13cc594172918..53c76dc35f623053c0288ca210cfd44e8b1b4ae3 100644
--- a/SOL002/VNFLifecycleManagement-API/RetryOperationTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/RetryOperationTask.robot
@@ -14,7 +14,7 @@ POST Retry operation task
     ...    Test title: POST Retry operation task
     ...    Test objective: The objective is to test that the POST method initiates retrying a VNF lifecycle operation if that operation has experienced a temporary failure
     ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
-    ...    Reference: Clause 5.4.14.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.14.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -27,7 +27,7 @@ POST Retry operation task Conflict (Not-FAILED_TEMP)
     ...    Test title: POST Retry operation task Conflict (Not-FAILED_TEMP)
     ...    Test objective: The objective is to test that the retry operation cannot be executed currently, due to a conflict with the state of the VNF instance resource. (i.e. the VNF instance resource is not in FAILED_TEMP state)
     ...    Pre-conditions: the "VNF LCM operation occurrence" resource is not in "FAILED_TEMP" state.
-    ...    Reference: Clause 5.4.14.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.14.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -40,7 +40,7 @@ POST Retry operation task Not Found
     ...    Test title: POST Retry operation task Not Found
     ...    Test objective: The objective is to test that the retry operation cannot be executed because the operation is not supported
     ...    Pre-conditions: 
-    ...    Reference: Clause 5.4.14.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.14.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -53,7 +53,7 @@ GET Retry operation task - Method not implemented
     ...    Test title: GET Retry operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.14.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.14.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -65,7 +65,7 @@ PUT Retry operation task - Method not implemented
     ...    Test title: PUT Retry operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.14.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.14.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,7 +77,7 @@ PATCH Retry operation task - Method not implemented
     ...    Test title: PATCH Retry operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.14.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.14.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -89,15 +89,41 @@ DELETE Retry operation task - Method not implemented
     ...    Test title: DELETE Retry operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.14.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.14.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
     Delete Retry operation
     Check HTTP Response Status Code Is    405
+POST Retry operation task with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.13.8
+    ...    Test title: POST Retry operation task with permitted authorization scope
+    ...    Test objective: The objective is to test that the POST method initiates retrying a VNF lifecycle operation if that operation has experienced a temporary failure with permitted authorization scope
+    ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
+    ...    Reference: Clause 5.4.14.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Post Retry operation with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id
+POST Retry operation task with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.13.9
+    ...    Test title: POST Retry operation task with not permitted authorization scope
+    ...    Test objective: The objective is to test that the POST method initiates retrying a VNF lifecycle operation if that operation has experienced a temporary failure with not permitted authorization scope
+    ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
+    ...    Reference: Clause 5.4.14.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Post Retry operation with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}
     Integer    response status    200
\ No newline at end of file
diff --git a/SOL002/VNFLifecycleManagement-API/RevertToVNFSnapshotTask.robot b/SOL002/VNFLifecycleManagement-API/RevertToVNFSnapshotTask.robot
index caef4aebacfe7f3ec9e01f8a3b00a69c482e2ac4..0d3168170b563fee4ff1975a6cf0c2dbc7855c4d 100644
--- a/SOL002/VNFLifecycleManagement-API/RevertToVNFSnapshotTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/RevertToVNFSnapshotTask.robot
@@ -13,7 +13,7 @@ POST Revert to VNF Snapshot Task
     ...    Test title: POST Revert to VNF Snapshot Task
     ...    Test objective: The objective is to test that POST method requests reverting a VNF/VNFC instance to a VNF/VNFC snapshot.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: in response header Location shall not be null         
@@ -26,7 +26,7 @@ POST Revert to VNF Snapshot Task - NOT FOUND
     ...    Test title: POST Revert to VNF Snapshot Task - NOT FOUND
     ...    Test objective: The objective is to test that the POST method cannot request reverting to a snapshot if the task is not supported for the VNF instance represented by the parent resource. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: Task is not supported for the VNF instance represented by the parent resource.
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ POST Revert to VNF Snapshot Task - CONFLICT
     ...    Test title: POST Revert to VNF Snapshot Task - CONFLICT
     ...    Test objective: The objective is to test that the POST method cannot request reverting to a snapshot when the VNF instance is in NOT_INSTANTIATED state. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: VNF instance is in NOT_INSTANTIATED state.
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ GET Revert to VNF Snapshot Task - Method not implemented
     ...    Test title: GET Revert to VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.22.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -64,7 +64,7 @@ PUT Revert to VNF Snapshot Task - Method not implemented
     ...    Test title: PUT Revert to VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.22.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -76,7 +76,7 @@ PATCH Revert to VNF Snapshot Task - Method not implemented
     ...    Test title: PATCH Revert to VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.22.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -88,16 +88,41 @@ DELETE Revert to VNF Snapshot Task - Method not implemented
     ...    Test title: DELETE Revert to sVNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.22.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
     DELETE Revert to VNF Snapshot Task
     Check HTTP Response Status Code Is    405
+POST Revert to VNF Snapshot Task with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.24.8
+    ...    Test title: POST Revert to VNF Snapshot Task with permitted authorization scope.
+    ...    Test objective: The objective is to test that POST method requests reverting a VNF/VNFC instance to a VNF/VNFC snapshot with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Revert to VNF Snapshot Task with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id
+POST Revert to VNF Snapshot Task with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.24.9
+    ...    Test title: POST Revert to VNF Snapshot Task with not permitted authorization scope.
+    ...    Test objective: The objective is to test that POST method requests reverting a VNF/VNFC instance to a VNF/VNFC snapshot with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Revert to VNF Snapshot Task with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 
diff --git a/SOL002/VNFLifecycleManagement-API/RollbackOperationTask.robot b/SOL002/VNFLifecycleManagement-API/RollbackOperationTask.robot
index 58be4d68a31b6840a84595cad806896ed45504c4..301ded5e8c4f4b8544c3a33d67f93cc8017dbb3b 100644
--- a/SOL002/VNFLifecycleManagement-API/RollbackOperationTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/RollbackOperationTask.robot
@@ -14,7 +14,7 @@ POST Rollback operation task
     ...    Test title: POST Rollback operation task
     ...    Test objective: The objective is to test that POST method initiates rollback a VNF lifecycle operation if that operation has experienced a temporary failure
     ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
-    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -27,7 +27,7 @@ POST Rollback operation task Conflict (Not-FAILED_TEMP)
     ...    Test title: POST Rollback operation task Conflict (Not-FAILED_TEMP)
     ...    Test objective: The objective is to test that POST method The POST method initiates rollback a VNF lifecycle operation if that operation has experienced a temporary failure
     ...    Pre-conditions: the "VNF LCM operation occurrence" resource is not in "FAILED_TEMP" state.
-    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -40,7 +40,7 @@ POST Rollback operation task Not Found
     ...    Test title: POST Rollback operation task Not Found
     ...    Test objective: The objective is to test that the retry operation cannot be executed because the operation is not supported
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -53,7 +53,7 @@ GET Rollback operation task - Method not implemented
     ...    Test title: GET Rollback operation task - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.15.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.15.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -65,7 +65,7 @@ PUT Rollback operation task - Method not implemented
     ...    Test title: PUT Rollback operation task - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.15.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.15.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -77,7 +77,7 @@ PATCH Rollback operation task - Method not implemented
     ...    Test title: PATCH Rollback operation task - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.15.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.15.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -89,16 +89,40 @@ DELETE Rollback operation task - Method not implemented
     ...    Test title: DELETE Rollback operation task - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.15.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.15.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
     Delete Rollback operation
     Check HTTP Response Status Code Is    405
-
+POST Rollback operation task with permitted authorization value
+    [Documentation]    Test ID: 6.3.5.14.8
+    ...    Test title: POST Rollback operation task with permitted authorization value.
+    ...    Test objective: The objective is to test that POST method initiates rollback a VNF lifecycle operation if that operation has experienced a temporary failure with permitted authorization scope
+    ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
+    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Post Rollback operation with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id
+POST Rollback operation task with not permitted authorization value
+    [Documentation]    Test ID: 6.3.5.14.9
+    ...    Test title: POST Rollback operation task with not permitted authorization value.
+    ...    Test objective: The objective is to test that POST method initiates rollback a VNF lifecycle operation if that operation has experienced a temporary failure with not permitted authorization scope
+    ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
+    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Post Rollback operation with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"} 
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}
     Integer    response status    200
\ No newline at end of file
diff --git a/SOL002/VNFLifecycleManagement-API/ScaleVNFTask.robot b/SOL002/VNFLifecycleManagement-API/ScaleVNFTask.robot
index 2409e01cf76708e36a89385b4935f29e0c8576bd..44721d4d3e3a265a97014645d7de014fd6b8f946 100644
--- a/SOL002/VNFLifecycleManagement-API/ScaleVNFTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/ScaleVNFTask.robot
@@ -13,7 +13,7 @@ POST Scale a vnfInstance
     ...    Test title: POST Scale a vnfInstance
     ...    Test objective: The objective is to scale a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ POST Scale a vnfInstance Conflict (Not-Instantiated)
     ...    Test title: POST Scale a vnfInstance Conflict (Not-Instantiated)
     ...    Test objective: The objective is to verify that the operation cannot be executed currently, due to a conflict with the state of the VNF instance resource. 
     ...    Pre-conditions:  VNF instance resource is in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ POST Scale a vnfInstance Not Found
     ...    Test title: POST Scale a vnfInstance Not Found
     ...    Test objective: The objective is to verify that the operation cannot be executed currently, due to a conflict with the state of the VNF instance resource. 
     ...    Pre-conditions: none 
-    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ GET Scale VNFInstance - Method not implemented
     ...    Test title: GET Scale VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions: none  
-    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Scale VNFInstance - Method not implemented
     ...    Test title: PUT Scale VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.5.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.5.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ PATCH Scale VNFInstance - Method not implemented
     ...    Test title: PATCH Scale VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.5.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.5.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,16 +88,41 @@ DELETE Scale VNFInstance - Method not implemented
     ...    Test title: DELETE Scale VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.5.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.5.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Scale vnfInstance
     Check HTTP Response Status Code Is    405
 
+POST Scale a vnfInstance with permited authorization scope
+    [Documentation]    Test ID: 6.3.5.4.8
+    ...    Test title: POST Scale a vnfInstance with permited authorization scope
+    ...    Test objective: The objective is to scale a VNF instance with permited authorization scope with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Scale vnfInstance with permitted authorization scope    0
+    Check HTTP Response Status Code Is    202
+
+POST Scale a vnfInstance with not permited authorization scope
+    [Documentation]    Test ID: 6.3.5.4.9
+    ...    Test title: POST Scale a vnfInstance with not permited authorization scope
+    ...    Test objective: The objective is to scale a VNF instance with not permited authorization scope with not permited authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Scale vnfInstance with not permitted authorization scope    0
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 
diff --git a/SOL002/VNFLifecycleManagement-API/ScaleVNFToLevelTask.robot b/SOL002/VNFLifecycleManagement-API/ScaleVNFToLevelTask.robot
index 8c17c8f45144689ef604681df18d4f7a71463f6a..9f37e4259b69aaaac920ea63c37b45b7fa2db832 100644
--- a/SOL002/VNFLifecycleManagement-API/ScaleVNFToLevelTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/ScaleVNFToLevelTask.robot
@@ -12,7 +12,7 @@ POST Scale a vnfInstance to level with Attribute instantiationLevelId
     ...    Test title: POST Scale a vnfInstance to level with instantiationLevelId attribute
     ...    Test objective: The objective is to scale a VNF instance to a target level.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ POST Scale a vnfInstance to level Conflict (Not-Instantiated)
     ...    Test title: POST Scale a vnfInstance to level Conflict (Not-Instantiated)
     ...    Test objective: The objective is to verify that the operation cannot be executed currently, due to a conflict with the state of the VNF instance resource or that a required child attribute of the "extensions" attribue has not been set. 
     ...    Pre-conditions: VNF instance resource is in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ POST Scale a vnfInstance Not Found
     ...    Test title: POST Scale a vnfInstance Not Found
     ...    Test objective: The objective is to verify that the VNF Scale operation fails when the VNF instance resource is not present
     ...    Pre-conditions: VNF instance resource is in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none 
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ GET Scale to level VNFInstance - Method not implemented
     ...    Test title: GET Scale to level VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Scale to level VNFInstance - Method not implemented
     ...    Test title: PUT Scale to level VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.6.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.6.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ PATCH Scale to level VNFInstance - Method not implemented
     ...    Test title: PATCH Scale to level VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.6.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.6.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,16 +88,41 @@ DELETE Scale to level VNFInstance - Method not implemented
     ...    Test title: DELETE Scale to level VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.6.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.6.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Scale vnfInstance to level
     Check HTTP Response Status Code Is    405
 
+POST Scale a vnfInstance to level with Attribute instantiationLevelId and permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.5.8
+    ...    Test title: POST Scale a vnfInstance to level with instantiationLevelId attribute and permitted authorization scope
+    ...    Test objective: The objective is to scale a VNF instance to a target level using OAuth token with permitted scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Scale vnfInstance to level with instantiationLevelId and permitted authorization scope
+    Check HTTP Response Status Code Is    202
+
+POST Scale a vnfInstance to level with Attribute instantiationLevelId and not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.5.9
+    ...    Test title: POST Scale a vnfInstance to level with instantiationLevelId attribute and not permitted authorization scope
+    ...    Test objective: The objective is to scale a VNF instance to a target level using OAuth token with not permitted scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Scale vnfInstance to level with instantiationLevelId and not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 
diff --git a/SOL002/VNFLifecycleManagement-API/Subscriptions.robot b/SOL002/VNFLifecycleManagement-API/Subscriptions.robot
index a203aab8056d3130c35e7cb0555f2cf79455fd7e..13e08586a23c34ef526fd31c21f2c9cecaaab85d 100644
--- a/SOL002/VNFLifecycleManagement-API/Subscriptions.robot
+++ b/SOL002/VNFLifecycleManagement-API/Subscriptions.robot
@@ -15,7 +15,7 @@ POST Create a new subscription
     ...    Test title: POST Create a new subscription
     ...    Test objective: The POST method creates a new subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: in response header Location shall not be null
@@ -28,7 +28,7 @@ POST Create a new Subscription - DUPLICATION
     ...    Test title: POST Create a new subscription - DUPLICATION
     ...    Test objective: The POST method creates a new subscription even if an existing subscription to same content exist
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: SUT should support duplication of subscription creation
     ...    Post-Conditions: in response header Location shall not be null
@@ -41,7 +41,7 @@ POST Create a new Subscription - NO-DUPLICATION
     ...    Test title: POST Create a new subscription - NO-DUPLICATION
     ...    Test objective: The POST method creates a new subscription even if an existing subscription to same content exist
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: SUT should not support duplication of subscription creation
     ...    Post-Conditions: in response header Location shall not be null
@@ -54,7 +54,7 @@ GET Subscriptions
     ...    Test title: GET Subscriptions
     ...    Test objective: The objective is Get the list of active subscriptions
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -67,7 +67,7 @@ GET Subscription - Filter
     ...    Test title: GET Subscriptions - Filter
     ...    Test objective: The objective is Get the list of active subscriptions using a "filter"
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -80,7 +80,7 @@ GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test title: GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is Get the list of active subscriptions using a filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -93,7 +93,7 @@ GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test title: GET subscriptions with all_fields attribute selector
     ...    Test objective: The objective is Get the list of active subscriptions
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -106,7 +106,7 @@ GET subscriptions with exclude_default attribute selector
     ...    Test title: GET subscriptions with exclude_default attribute selector
     ...    Test objective: The objective is Get the list of active subscriptions
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -119,7 +119,7 @@ GET subscriptions with fields attribute selector
     ...    Test title: GET subscriptions with fields attribute selector
     ...    Test objective: The objective is Get the list of active subscriptions
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -132,7 +132,7 @@ GET subscriptions with exclude_fields attribute selector
     ...    Test title: GET subscriptions with exclude_fields attribute selector
     ...    Test objective: The objective is Get the list of active subscriptions
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -145,7 +145,7 @@ PUT subscriptions - Method not implemented
     ...    Test title: PUT subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -157,7 +157,7 @@ PATCH subscriptions - Method not implemented
     ...    Test title: PATCH subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -169,7 +169,7 @@ DELETE subscriptions - Method not implemented
     ...    Test title: DELETE subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: check that resources are not deleted
@@ -182,7 +182,7 @@ POST Create a new Subscription - Unprocessable Content
     ...    Test title: POST Create a new Subscription - Unprocessable Content
     ...    Test objective: The objective is to test that content type of the message content is supported and the message content of a request contains syntactically correct data but the data cannot be processed.
     ...    re-conditions: none
-    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -195,7 +195,7 @@ GET information about multiple subscriptions to get Paged Response
     ...    Test title: GET information about multiple subscriptions to get Paged Response
     ...    Test objective: The objective is to retrieve information about the subscriptions to get paged response
     ...    Pre-conditions: 
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: 
     ...    Post-Conditions:  
@@ -208,10 +208,34 @@ GET information about multiple subscriptions for Bad Request Response too big
     ...    Test title: GET information about multiple subscriptions for Bad Request Response too big
     ...    Test objective: The objective is to test that GET method fail retrieving status information about subscriptions when Response is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: 
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: 
     ...    Post-Conditions: 
     Get subscriptions
     Check HTTP Response Status Code Is    400
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+POST Create a new subscription with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.17.17
+    ...    Test title: POST Create a new subscription with permitted authorization scope
+    ...    Test objective: The POST method creates a new subscription with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null
+    Post Create subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    subscription
+POST Create a new subscription with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.17.18
+    ...    Test title: POST Create a new subscription with not permitted authorization scope
+    ...    Test objective: The POST method creates a new subscription with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null
+    Post Create subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
     Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL002/VNFLifecycleManagement-API/TerminateVNFTask.robot b/SOL002/VNFLifecycleManagement-API/TerminateVNFTask.robot
index 3965554d07e51316f6f5a8450bdd6a48ff14b67d..ca634c012903310153e040ff6f704a100b8f8039 100644
--- a/SOL002/VNFLifecycleManagement-API/TerminateVNFTask.robot
+++ b/SOL002/VNFLifecycleManagement-API/TerminateVNFTask.robot
@@ -13,7 +13,7 @@ POST Terminate a vnfInstance
     ...    Test title: POST Terminate a vnfInstance
     ...    Test objective: The objective is to test that POST method terminate a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ POST Terminate a vnfInstance Conflict (Not-Instantiated)
     ...    Test title: POST Terminate a vnfInstance Conflict (Not-Instantiated)
     ...    Test objective: The objective is to test that the operation cannot be executed currently, due to a conflict with the state of the VNF instance resource or that a required child attribute of the "extensions" attribue has not been set.  
     ...    Pre-conditions:  VNF instance resource is in NOT_INSTANTIATED state
-    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ GET Terminate VNFInstance - Method not implemented
     ...    Test title:  GET Terminate VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ PUT Terminate VNFInstance - Method not implemented
     ...    Test title:  PUT Terminate VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.8.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.8.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -63,7 +63,7 @@ PATCH Terminate VNFInstance - Method not implemented
     ...    Test title:  PATCH Terminate VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.8.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.8.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -75,16 +75,41 @@ DELETE Terminate VNFInstance - Method not implemented
     ...    Test title:  DELETE Terminate VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.8.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.8.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Terminate VNF
     Check HTTP Response Status Code Is    405
+POST Terminate a vnfInstance with permited authorization scope
+    [Documentation]    Test ID: 6.3.5.7.7
+    ...    Test title: POST Terminate a vnfInstance with permited authorization scope
+    ...    Test objective: The objective is to test that POST method terminate a VNF instance with permited authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Terminate VNF with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id
+POST Terminate a vnfInstance with not permited authorization scope
+    [Documentation]    Test ID: 6.3.5.7.8
+    ...    Test title: POST Terminate a vnfInstance with not permited authorization scope
+    ...    Test objective: The objective is to test that POST method terminate a VNF instance with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Terminate VNF with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
 
 *** Keywords ***
 Check resource existence
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 
diff --git a/SOL002/VNFLifecycleManagement-API/VNFInstances.robot b/SOL002/VNFLifecycleManagement-API/VNFInstances.robot
index 150f77d3a4367b80de56327524220263fad12ed9..4358e7be8812b8f7da0904611d95b3d92d840d94 100644
--- a/SOL002/VNFLifecycleManagement-API/VNFInstances.robot
+++ b/SOL002/VNFLifecycleManagement-API/VNFInstances.robot
@@ -12,7 +12,7 @@ POST Create a new vnfInstance
     ...    Test title: POST Create a new vnfInstance
     ...    Test objective: The objective is to create a new VNF instance resource
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: VNF instance created
@@ -26,7 +26,7 @@ GET information about multiple VNF instances
     ...    Test title: GET information about multiple VNF instances
     ...    Test objective: The objective is to get information about multiples VNF instances
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ GET information about multiple VNF instances Bad Request Invalid attribute-based
     ...    Test title: GET information about multiple VNF instances Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to get information about multiples VNF instances with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -53,7 +53,7 @@ GET information about multiple VNF instances Bad Request Invalid attribute selec
     ...    Test title: GET information about multiple VNF instances Bad Request Invalid attribute selector
     ...    Test objective: The objective is to get information about multiples VNF instances with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -66,7 +66,7 @@ GET information about multiple VNF instances with "all_fields" attribute selecto
     ...    Test title: GET information about multiple VNF instances with "all_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF instances
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -79,7 +79,7 @@ GET information about multiple VNF instances with "exclude_default" attribute se
     ...    Test title: GET information about multiple VNF instances with "exclude_default" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF instances
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -92,7 +92,7 @@ GET information about multiple VNF instances with "fields" attribute selector
     ...    Test title: GET information about multiple VNF instances with "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF instances
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -105,7 +105,7 @@ GET information about multiple VNF instances with "exclude_fields" attribute sel
     ...    Test title: GET information about multiple VNF instances with "exclude_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF instances
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -118,7 +118,7 @@ PUT VNFInstances - Method not implemented
     ...    Test title: PUT VNFInstances - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -130,7 +130,7 @@ PATCH VNFInstances - Method not implemented
     ...    Test title: PATCH VNFInstances - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 5.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -142,7 +142,7 @@ DELETE VNFInstances - Method not implemented
     ...    Test title: DELETE VNFInstances - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 5.4.2.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: VNF instance not deleted
@@ -154,7 +154,7 @@ GET information about multiple VNF instances with "exclude_default" and "fields"
     ...    Test title: GET information about multiple VNF instances with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF instances
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -167,10 +167,35 @@ POST Create a new vnfInstance - UNPROCESSABLE CONTENT
     ...    Test title: POST Create a new vnfInstance - UNPROCESSABLE CONTENT
     ...    Test objective: The objective is to test that a new VNF instance resource is not created when 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: vnfdId of the referenced VNF package is not in ENABLED state or does not exist.
     ...    Post-Conditions: VNF instance created
     POST Create a new vnfInstance with Invalid vnfdId
     Check HTTP Response Status Code Is    422
-    Check HTTP Response Body Json Schema Is    ProblemDetails    
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is    ProblemDetails    
+POST Create a new vnfInstance with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.1.14
+    ...    Test title: POST Create a new vnfInstance with permitted authorization scope
+    ...    Test objective: The objective is to create a new VNF instance resource with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: VNF instance created
+    POST Create a new vnfInstance with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    vnfInstance
+    Check HTTP Response Body vnfInstance content against VNF Descriptor
+POST Create a new vnfInstance with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.1.15
+    ...    Test title: POST Create a new vnfInstance with not permitted authorization scope
+    ...    Test objective: The objective is to create a new VNF instance resource with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: VNF instance created
+    POST Create a new vnfInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
diff --git a/SOL002/VNFLifecycleManagement-API/VNFSelectDeployableModules.robot b/SOL002/VNFLifecycleManagement-API/VNFSelectDeployableModules.robot
new file mode 100644
index 0000000000000000000000000000000000000000..5fdf62eebf4a67f16a6cbad509e8db9ad27e337f
--- /dev/null
+++ b/SOL002/VNFLifecycleManagement-API/VNFSelectDeployableModules.robot
@@ -0,0 +1,96 @@
+*** Settings ***
+Resource    environment/variables.txt 
+Library    REST    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}     ssl_verify=false
+Library    OperatingSystem
+Library    JSONLibrary
+Library    JSONSchemaLibrary    schemas/
+Resource    VnfLcmOperationKeywords.robot
+
+*** Test Cases ***
+POST Select VNF Deployable Module
+    [Documentation]    Test ID: 6.3.5.27.1
+    ...    Test title: POST Select VNF Deployable Module
+    ...    Test objective: The objective is to select VNF Deployable Module
+    ...    Pre-conditions: The VNF instance resource is in INSTANTIATED state
+    ...    Reference: Clause 5.4.11b.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Select VNF Deployable Modules
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
+POST Select VNF Deployable Module Not Found
+    [Documentation]    Test ID: 6.3.5.27.2
+    ...    Test title: POST Select VNF Deployable Module Not Found 
+    ...    Test objective: The objective is to test that the POST Select VNF Deployable Module fails when the resource is not present.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11b.3.1  - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Select VNF Deployable Modules Not Existing
+    Check HTTP Response Status Code Is    404
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
+POST Select VNF Deployable Module with conflict (Not Instantiated)
+    [Documentation]    Test ID: 6.3.5.27.3
+    ...    Test title: POST Operate a vnfInstance Conflict (Not-Instantiated)
+    ...    Test objective: The objective is to test that the operation fails when there is a conflict with the resource state.
+    ...    Pre-conditions: the VNF instance resource is in NOT-INSTANTIATED state
+    ...    Reference: Clause 5.4.11b.3.1  - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Select VNF Deployable Modules with conflict
+    Check HTTP Response Status Code Is    409
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
+GET Select VNF Deployable Module - Method not implemented
+    [Documentation]    Test ID: 6.3.5.27.4
+    ...    Test title: GET Select VNF Deployable Module - Method not implemented
+    ...    Test objective: The objective is to verify that the method is not implemented
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11b.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Select VNF Deployable Modules
+    Check HTTP Response Status Code Is    405
+
+PUT Select VNF Deployable Module - Method not implemented
+    [Documentation]    Test ID: 6.3.5.27.5
+    ...    Test title: PUT Select VNF Deployable Module - Method not implemented
+    ...    Test objective: The objective is to test that PUT method is not implemented
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11b.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PUT Select VNF Deployable Modules
+    Check HTTP Response Status Code Is    405
+
+PATCH Select VNF Deployable Module - Method Not implemented
+    [Documentation]    Test ID: 6.3.5.27.6
+    ...    Test title: PATCH Select VNF Deployable Module - Method Not implemented
+    ...    Test objective: The objective is to test that PATCH method is not implemented
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11b.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PATCH Select VNF Deployable Modules
+    Check HTTP Response Status Code Is    405
+
+DELETE Select VNF Deployable Module - Method Not implemented
+    [Documentation]    Test ID: 6.3.5.27.7
+    ...    Test title: DELETE Select VNF Deployable Module - Method Not implemented
+    ...    Test objective: The objective is to test that DELETE method is not implemented
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11b.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    DELETE Select VNF Deployable Modules
+    Check HTTP Response Status Code Is    405
\ No newline at end of file
diff --git a/SOL002/VNFLifecycleManagement-API/VNFSnapshots.robot b/SOL002/VNFLifecycleManagement-API/VNFSnapshots.robot
index 6bcece86c9343bcb2a09a42e0ca76e54a448fb8f..0556b056e708c92ed360d54c0257dbb67d2a8911 100644
--- a/SOL002/VNFLifecycleManagement-API/VNFSnapshots.robot
+++ b/SOL002/VNFLifecycleManagement-API/VNFSnapshots.robot
@@ -8,7 +8,7 @@ POST Create a new VNF Snapshot
     ...    Test title: POST Create a new VNF Snapshot
     ...    Test objective: The objective is to create a new VNF snapshot
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: VNF snapshot is created
@@ -22,7 +22,7 @@ GET information about multiple VNF Snapshots
     ...    Test title: GET information about multiple VNF Snapshots
     ...    Test objective: The objective is to get information about multiples VNF snapshots
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -35,7 +35,7 @@ GET information about multiple VNF Snapshots Bad Request Invalid attribute-based
     ...    Test title: GET information about multiple VNF Snapshots Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to get information about multiples VNF Snapshots with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -48,7 +48,7 @@ GET information about multiple VNF Snapshots Bad Request Invalid attribute selec
     ...    Test title: GET information about multiple VNF Snapshots Bad Request Invalid attribute selector
     ...    Test objective: The objective is to get information about multiples VNF Snapshots with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -61,7 +61,7 @@ GET information about multiple VNF Snapshots with "all_fields" attribute selecto
     ...    Test title: GET information about multiple VNF Snapshots with "all_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -74,7 +74,7 @@ GET information about multiple VNF Snapshots with "exclude_default" attribute se
     ...    Test title: GET information about multiple VNF Snapshots with "exclude_default" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -87,7 +87,7 @@ GET information about multiple VNF Snapshots with "fields" attribute selector
     ...    Test title: GET information about multiple VNF Snapshots with "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -100,7 +100,7 @@ GET information about multiple VNF Snapshots with "exclude_default" and "fields"
     ...    Test title: GET information about multiple VNF Snapshots with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -113,7 +113,7 @@ GET information about multiple VNF Snapshots with "exclude_fields" attribute sel
     ...    Test title: GET information about multiple VNF Snapshots with "exclude_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -126,7 +126,7 @@ GET VNF Snapshots - Bad Request Response too Big
     ...    Test title: GET VNF Snapshots - Bad Request Response too Big
     ...    Test objective: The objective is test that the retrieval of existing VNF Snapshots list fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: VNFM does not support paged response.
     ...    Post-Conditions: none 
@@ -139,7 +139,7 @@ GET VNF Snapshots as Paged Response
     ...    Test title: GET VNF Snapshots as Paged Response
     ...    Test objective: The objective is to test that GET method retrieves the list of existing VNF Snapshots as paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: VNFM supports paged response.
     ...    Post-Conditions: none    
@@ -152,7 +152,7 @@ PUT VNF Snapshots - Method not implemented
     ...    Test title: PUT VNF Snapshots - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.23.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -164,7 +164,7 @@ PATCH VNF Snapshots - Method not implemented
     ...    Test title: PATCH VNF Snapshots - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 5.4.23.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -176,9 +176,34 @@ DELETE VNF Snapshots - Method not implemented
     ...    Test title: DELETE VNF Snapshots - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 5.4.23.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.23.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: VNF instance not deleted
     DELETE VNF Snapshots
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+POST Create a new VNF Snapshot with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.25.15
+    ...    Test title: POST Create a new VNF Snapshot with permitted authorization scope
+    ...    Test objective: The objective is to create a new VNF snapshot with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.23.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: VNF snapshot is created
+    POST Create a new VNF Snapshot with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    VnfSnapshotInfo
+    Check HTTP Location Header Contains URI of Created Resource
+POST Create a new VNF Snapshot with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.25.16
+    ...    Test title: POST Create a new VNF Snapshot with not permitted authorization scope
+    ...    Test objective: The objective is to create a new VNF snapshot with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.23.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: VNF snapshot is created
+    POST Create a new VNF Snapshot with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL002/VNFLifecycleManagement-API/VnfLcmOperationKeywords.robot b/SOL002/VNFLifecycleManagement-API/VnfLcmOperationKeywords.robot
index 00134fa763281edd4009ea3e50b42dd1ce222957..90deab041aafb7ed0e0159b5977533be3cf9e6aa 100644
--- a/SOL002/VNFLifecycleManagement-API/VnfLcmOperationKeywords.robot
+++ b/SOL002/VNFLifecycleManagement-API/VnfLcmOperationKeywords.robot
@@ -11,6 +11,7 @@ Library    Collections
 Library    JSONSchemaLibrary    schemas/
 Library    String
 Library    Process
+Library    jwt
 #Variables    descriptors/SOL001/VNFD/vnfd_SOL001.yaml
 #Variables    descriptors/SOL006/VNFD/vnfd_SOL006.yaml
 
@@ -22,7 +23,8 @@ Create Sessions
     
 Get Vnf Instance 
     [Arguments]    ${vnfInstanceId}
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}
@@ -50,6 +52,8 @@ Check HTTP Response Body Json Schema Is
     Validate Json    ${schema}    ${response['body']}
     Log    Json Schema Validation OK
 
+
+
 Check resource Instantiated
     Check VNF Instance    ${vnfInstanceId}
     Check HTTP Response Status Code Is    200
@@ -63,6 +67,7 @@ Check resource not Instantiated
 Check VNF Instance
     [Arguments]    ${vnfId}
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${response}=    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfId}
@@ -94,9 +99,18 @@ Check HTTP Response Header Contains ETag and Last-Modified
     Should Contain    ${response['headers']}    Last-Modified
     Log    ETag and Last-Modified header are present
 
+Check Individual VNF LCM operation occurrence operationState is
+    [Arguments]    ${status}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${opOccResponse}=    Get    ${response['headers']['Location']}
+    Log    Validate operationState  
+    Should Be Equal as Strings  ${opOccResponse['body']['operationState']}    ${status}
+    Log    operationState validated
+
 POST Create a new vnfInstance	
     Log    Create VNF instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File
@@ -109,6 +123,7 @@ POST Create a new vnfInstance
 POST Create a new vnfInstance with Invalid vnfdId	
     Log    Create VNF instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances with invalid vnfdId
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/createVnfRequest.json
@@ -120,6 +135,7 @@ POST Create a new vnfInstance with Invalid vnfdId
 GET multiple vnfInstances	
      Log    Query VNF The GET method queries information about multiple VNF instances.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances 
@@ -129,6 +145,7 @@ GET multiple vnfInstances
 GET multiple vnfInstances with bad attribute	
     Log    Query VNF The GET method queries information about multiple VNF instances.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} 
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances?attribute_not_exist=some_value
@@ -138,6 +155,7 @@ GET multiple vnfInstances with bad attribute
 GET multiple vnfInstances with bad filter	
     Log    Query VNF The GET method queries information about multiple VNF instances.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} 
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances?fields=wrong_field
@@ -146,6 +164,7 @@ GET multiple vnfInstances with bad filter
 GET multiple vnfInstances with all_fields attribute selector
     Log    Query status information about multiple VNF instances, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances?exclude_default
     ${output}=    Output    response
@@ -153,6 +172,7 @@ GET multiple vnfInstances with all_fields attribute selector
 GET multiple vnfInstances with exclude_default attribute selector
     Log    Query status information about multiple VNF instances using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances?exclude_default
     ${output}=    Output    response
@@ -160,6 +180,7 @@ GET multiple vnfInstances with exclude_default attribute selector
 GET multiple vnfInstances with fields attribute selector
     Log    Query status information about multiple VNF instances, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances?fields=${fields}
     ${output}=    Output    response
@@ -167,6 +188,7 @@ GET multiple vnfInstances with fields attribute selector
 GET multiple vnfInstances with exclude_default and fields attribute selector
     Log    Query status information about multiple VNF instances, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances?fields=${fields}&exclude_default
     ${output}=    Output    response
@@ -174,6 +196,7 @@ GET multiple vnfInstances with exclude_default and fields attribute selector
 GET multiple vnfInstances with exclude_fields attribute selector
     Log    Query status information about multiple VNF instances, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances?exclude_fields=${fields}
     ${output}=    Output    response
@@ -181,6 +204,7 @@ GET multiple vnfInstances with exclude_fields attribute selector
 PUT multiple vnfInstances
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances   	
@@ -190,6 +214,7 @@ PUT multiple vnfInstances
 PATCH multiple vnfInstances
     Log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfLcmOpOccId}	 	
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
@@ -204,6 +229,7 @@ DELETE multiple vnfInstances
 POST Create a new VNF Snapshot	
     Log    Create VNF snapshot by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/CreateVnfSnapshotInfoRequest.json
@@ -215,6 +241,7 @@ POST Create a new VNF Snapshot
 GET multiple VNF Snapshots	
     Log    Query VNF The GET method queries information about multiple VNF snapshots.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots 
@@ -224,6 +251,7 @@ GET multiple VNF Snapshots
 GET multiple VNF Snapshots with bad attribute	
     Log    Query VNF The GET method queries information about multiple VNF snapshots.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} 
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots?attribute_not_exist=some_value
@@ -233,6 +261,7 @@ GET multiple VNF Snapshots with bad attribute
 GET multiple VNF Snapshots with bad filter	
     Log    Query VNF The GET method queries information about multiple VNF snapshots.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} 
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots?fields=wrong_field
@@ -242,6 +271,7 @@ GET multiple VNF Snapshots with bad filter
 GET multiple VNF Snapshots with all_fields attribute selector
     Log    Query status information about multiple VNF snapshots, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots?exclude_default
     ${output}=    Output    response
@@ -250,6 +280,7 @@ GET multiple VNF Snapshots with all_fields attribute selector
 GET multiple VNF Snapshots with exclude_default attribute selector
     Log    Query status information about multiple VNF snapshots using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots?exclude_default
     ${output}=    Output    response
@@ -258,6 +289,7 @@ GET multiple VNF Snapshots with exclude_default attribute selector
 GET multiple VNF Snapshots with fields attribute selector
     Log    Query status information about multiple VNF snapshots, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots?fields=${fields}
     ${output}=    Output    response
@@ -266,6 +298,7 @@ GET multiple VNF Snapshots with fields attribute selector
 GET multiple VNF Snapshots with exclude_default and fields attribute selector
     Log    Query status information about multiple VNF snapshots, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots?fields=${fields}&exclude_default
     ${output}=    Output    response
@@ -274,6 +307,7 @@ GET multiple VNF Snapshots with exclude_default and fields attribute selector
 GET multiple VNF Snapshots with exclude_fields attribute selector
     Log    Query status information about multiple VNF snapshots, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots?exclude_fields=${fields}
     ${output}=    Output    response
@@ -292,6 +326,7 @@ Check HTTP Response Header Contains Link
 PUT VNF Snapshots
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots   	
@@ -301,6 +336,7 @@ PUT VNF Snapshots
 PATCH VNF Snapshots
     Log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots	 	
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
@@ -315,6 +351,7 @@ DELETE VNF Snapshots
 POST individual vnfInstance
     log    Trying to perform a POST. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}    
@@ -323,7 +360,8 @@ POST individual vnfInstance
 
 GET individual vnfInstance
     log    Trying to get information about an individual VNF instance
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 		
@@ -333,6 +371,7 @@ GET individual vnfInstance
 PUT individual vnfInstance
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}	  	
@@ -341,7 +380,8 @@ PUT individual vnfInstance
 	
 PATCH individual vnfInstance
     log    Trying to modify an individual VNF instance
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE_PATCH}"}
     Set Headers    {"If-Match": "${original_etag}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -362,6 +402,7 @@ DELETE individual vnfInstance
 POST individual VNF Snapshot
     log    Trying to perform a POST. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId}    
@@ -370,7 +411,8 @@ POST individual VNF Snapshot
 
 GET individual VNF Snapshot
     log    Trying to get information about an individual VNF snapshot
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId} 		
@@ -379,7 +421,8 @@ GET individual VNF Snapshot
 
 GET individual VNF Snapshot with invalid URI
     log    Trying to get information about an individual VNF snapshot
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${invalidVnfSnapshotInfoId} 		
@@ -389,6 +432,7 @@ GET individual VNF Snapshot with invalid URI
 PUT individual VNF Snapshot
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId} 		
@@ -398,6 +442,7 @@ PUT individual VNF Snapshot
 PATCH individual VNF Snapshot
     log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId} 		
@@ -407,6 +452,7 @@ PATCH individual VNF Snapshot
 DELETE individual VNF Snapshot
     log    Trying to DELETE an individual VNF Snapshot
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId} 		
@@ -416,6 +462,7 @@ DELETE individual VNF Snapshot
 DELETE individual VNF Snapshot - CONFLICT
     log    Trying to DELETE an individual VNF Snapshot that is already in use by another operation
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId_InUse} 		
@@ -424,6 +471,7 @@ DELETE individual VNF Snapshot - CONFLICT
 POST instantiate individual vnfInstance
     Log    Trying to Instantiate a vnf Instance
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/instantiateVnfRequest.json
@@ -469,6 +517,7 @@ POST Scale vnfInstance
     ...     
     Log    Trying to Instantiate a vnf Instance
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${body}=    Get File    jsons/scaleVnfRequest.json
@@ -484,6 +533,7 @@ POST Scale vnfInstance
 # POST Scale vnfInstance	
     # Log    Trying to Instantiate a vnf Instance
     # Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     # Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     # Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     # ${template}=    Get File    jsons/scaleVnfRequest.json
@@ -494,6 +544,7 @@ POST Scale vnfInstance
 GET Scale vnfInstance				
     Log    Trying to get a scale a vnf Instance
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${body}=    Get File    jsons/scaleVnfRequest.json
@@ -503,6 +554,7 @@ GET Scale vnfInstance
 PUT Scale vnfInstance				
     Log    Trying to modify a scale vnf Instance
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${body}=    Get File    jsons/scaleVnfRequest.json
@@ -512,6 +564,7 @@ PUT Scale vnfInstance
 PATCH Scale vnfInstance				
     Log    Trying to modify a scale vnf Instance
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${body}=    Get File    jsons/scaleVnfRequest.json
@@ -521,6 +574,7 @@ PATCH Scale vnfInstance
 DELETE Scale vnfInstance				
     Log    Trying to modify a scale vnf Instance
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${body}=    Get File    jsons/scaleVnfRequest.json
@@ -531,6 +585,7 @@ DELETE Scale vnfInstance
 POST Scale vnfInstance to level with instantiationLevelId
     Log    Trying to scale a vnf Instance to level
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/scaleVnfToLevelRequestWithinstantiationLevelId.json
@@ -570,6 +625,7 @@ DELETE Scale vnfInstance to level
 POST Change VNF deployment flavour
     Log    Trying to change the deployment flavour of a VNF instance.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/changeVnfFlavourRequest.json
@@ -594,6 +650,7 @@ PUT Change VNF deployment flavour
 PATCH Change VNF deployment flavour
     Log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_flavour   	 	
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
@@ -608,6 +665,7 @@ DELETE Change VNF deployment flavour
 POST Terminate VNF
     Log    Trying to terminate a VNF instance.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/terminateVnfRequest.json
@@ -647,6 +705,7 @@ DELETE Terminate VNF
 POST Heal VNF
     Log    Trying to heal a VNF instance.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/healVnfRequest.json
@@ -686,6 +745,7 @@ DELETE Heal VNF
 POST Change External VNF Connectivity
     Log    Trying to change the external connectivity of a VNF instance.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/changeExtVnfConnectivityRequest.json
@@ -711,6 +771,7 @@ PUT Change External VNF Connectivity
 PATCH Change External VNF Connectivity
     Log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_ext_conn  	 	
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
@@ -725,6 +786,7 @@ DELETE Change External VNF Connectivity
 POST Change Current VNF Package Task
     Log    Trying to change current VNF package task.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/changeCurrentVnfPkgRequest.json
@@ -761,9 +823,83 @@ DELETE Change Current VNF Package Task
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 
+POST Select VNF Deployable Modules
+    log    Trying to select deployable modules of VNF instance
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${template}=    Get File    jsons/SelectVnfDeployableModulesRequest.json
+    ${body}=    Format String    ${template}
+    Post    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/select_depl_mods    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+POST Select VNF Deployable Modules Not Existing
+    log    Trying to select deployable modules of VNF instance
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${template}=    Get File    jsons/SelectVnfDeployableModulesRequest.json
+    ${body}=    Format String    ${template}
+    Post    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${notExistingVnfInstanceId}/select_depl_mods    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+POST Select VNF Deployable Modules with conflict
+    log    Trying to select deployable modules of VNF instance.
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${template}=    Get File    jsons/SelectVnfDeployableModulesRequest.json
+    ${body}=    Format String    ${template}
+    Post    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${notInstantiatedVnfInstanceId}/select_depl_mods    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+
+GET Select VNF Deployable Modules
+    log    Trying to perform a GET. This method should not be implemented
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} 
+    Get    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/select_depl_mods
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+PUT Select VNF Deployable Modules
+    log    Trying to perform a PUT. This method should not be implemented
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Put    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/select_depl_mods
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+PATCH Select VNF Deployable Modules
+    log    Trying to perform a PATCH. This method should not be implemented
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Patch    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/select_depl_mods
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+DELETE Select VNF Deployable Modules
+    log    Trying to perform a DELETE. This method should not be implemented
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Delete    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/select_depl_mods
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+    
 POST Create VNF Snapshot Task
     Log    Trying to request a snapshot of a VNF instance
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/CreateVnfSnapshotRequest.json
@@ -775,6 +911,7 @@ POST Create VNF Snapshot Task
 POST Create VNF Snapshot Task NOT SUPPORTED
     Log    Trying to request a snapshot of a VNF instance for which task resource does not exist
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/CreateVnfSnapshotRequest.json
@@ -786,6 +923,7 @@ POST Create VNF Snapshot Task NOT SUPPORTED
 POST Create VNF Snapshot Task VNF_NOT_INSTANTIATED
     Log    Trying to request a snapshot of a VNF instance which is in NOT_INSTANTIATED state
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/CreateVnfSnapshotRequest.json
@@ -797,6 +935,7 @@ POST Create VNF Snapshot Task VNF_NOT_INSTANTIATED
 POST Create VNF Snapshot Task INVALID IDENTIFIER
     Log    Trying to request a snapshot of a VNF instance with invalid "Individual VNF Snapshot" resource identifier
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/CreateVnfSnapshotRequest.json
@@ -836,6 +975,7 @@ DELETE Create VNF Snapshot Task
 POST Revert to VNF Snapshot Task
     Log    Trying to initiate revert to VNF snapshot task.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/RevertToVnfSnapshotRequest.json
@@ -847,6 +987,7 @@ POST Revert to VNF Snapshot Task
 POST Revert to VNF Snapshot Task NOT SUPPORTED
     Log    Trying to revert to a snapshot of a VNF instance for which task resource does not exist
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/RevertToVnfSnapshotRequest.json
@@ -858,6 +999,7 @@ POST Revert to VNF Snapshot Task NOT SUPPORTED
 POST Revert to VNF Snapshot Task VNF_NOT_INSTANTIATED
     Log    Trying to revert to a snapshot of a VNF instance which is in NOT_INSTANTIATED state
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/RevertToVnfSnapshotRequest.json
@@ -897,6 +1039,7 @@ DELETE Revert to VNF Snapshot Task
 POST Operate VNF
     Log    Trying to operate a VNF instance.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/operateVnfRequest.json
@@ -936,6 +1079,7 @@ DELETE Operate VNF
 Post VNF LCM OP occurrences
     log    Trying to perform a POST. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs  	
     ${outputResponse}=    Output    response
@@ -943,6 +1087,7 @@ Post VNF LCM OP occurrences
 GET VNF LCM OP occurrences
     Log    Query status information about multiple VNF lifecycle management operation occurrences.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs
@@ -951,6 +1096,7 @@ GET VNF LCM OP occurrences
 GET VNF LCM OP occurrences invalid attribute
     Log    Query status information about multiple VNF lifecycle management operation occurrences.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} 
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs?attribute_not_exist=some_value	
     ${outputResponse}=    Output    response
@@ -958,6 +1104,7 @@ GET VNF LCM OP occurrences invalid attribute
 GET VNF LCM OP occurrences invalid filter
     Log    Query status information about multiple VNF lifecycle management operation occurrences.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} 
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs?fields=wrong_field	
     ${outputResponse}=    Output    response
@@ -965,6 +1112,7 @@ GET VNF LCM OP occurrences invalid filter
 PUT VNF LCM OP occurrences	
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs	
     ${outputResponse}=    Output    response
@@ -972,6 +1120,7 @@ PUT VNF LCM OP occurrences
 PATCH VNF LCM OP occurrences	
     log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs	
     ${outputResponse}=    Output    response
@@ -979,6 +1128,7 @@ PATCH VNF LCM OP occurrences
 DELETE VNF LCM OP occurrences	
     log    Trying to perform a DELETE. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs	
     ${outputResponse}=    Output    response
@@ -986,6 +1136,7 @@ DELETE VNF LCM OP occurrences
 Post Individual VNF LCM OP occurrences
     log    Trying to perform a POST. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}	
     ${outputResponse}=    Output    response
@@ -993,6 +1144,7 @@ Post Individual VNF LCM OP occurrences
 Get Individual VNF LCM OP occurrences
     log    Trying to perform a POST. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}	
     ${outputResponse}=    Output    response
@@ -1000,6 +1152,7 @@ Get Individual VNF LCM OP occurrences
 Put Individual VNF LCM OP occurrences
     log    Trying to perform a POST. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}	
     ${outputResponse}=    Output    response
@@ -1007,6 +1160,7 @@ Put Individual VNF LCM OP occurrences
 Patch Individual VNF LCM OP occurrences
     log    Trying to perform a POST. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch   ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}	
     ${outputResponse}=    Output    response
@@ -1014,6 +1168,7 @@ Patch Individual VNF LCM OP occurrences
 Delete Individual VNF LCM OP occurrences
     log    Trying to perform a POST. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}	
     ${outputResponse}=    Output    response
@@ -1028,6 +1183,7 @@ Post Retry operation
 Get Retry operation	
     Log    Trying to perform a GET. This method should not be implemented.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/retry	
@@ -1036,6 +1192,7 @@ Get Retry operation
 Put Retry operation	
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/retry	
     ${outputResponse}=    Output    response
@@ -1043,6 +1200,7 @@ Put Retry operation
 Patch Retry operation	
     log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/retry	
     ${outputResponse}=    Output    response
@@ -1050,6 +1208,7 @@ Patch Retry operation
 Delete Retry operation    
 	log    Trying to perform a DELETE. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/retry	
     ${outputResponse}=    Output    response
@@ -1064,6 +1223,7 @@ Post Rollback operation
 Get Rollback operation	
     Log    Trying to perform a GET. This method should not be implemented.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/rollback	
@@ -1072,6 +1232,7 @@ Get Rollback operation
 Put Rollback operation	
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/rollback	
     ${outputResponse}=    Output    response
@@ -1079,6 +1240,7 @@ Put Rollback operation
 Patch Rollback operation	
     log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/rollback	
     ${outputResponse}=    Output    response
@@ -1086,6 +1248,7 @@ Patch Rollback operation
 Delete Rollback operation    
 	log    Trying to perform a DELETE. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/rollback	
     ${outputResponse}=    Output    response
@@ -1100,6 +1263,7 @@ Post Fail operation
 Get Fail operation	
     Log    Trying to perform a GET. This method should not be implemented.
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/fail
@@ -1108,6 +1272,7 @@ Get Fail operation
 Put Fail operation	
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/fail	
     ${outputResponse}=    Output    response
@@ -1115,6 +1280,7 @@ Put Fail operation
 Patch Fail operation	
     log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/fail
     ${outputResponse}=    Output    response
@@ -1122,6 +1288,7 @@ Patch Fail operation
 Delete Fail operation    
 	log    Trying to perform a DELETE. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/fail
     ${outputResponse}=    Output    response
@@ -1153,6 +1320,7 @@ PUT Cancel operation task
 PATCH Cancel operation task
     Log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/cancel  	 	
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
@@ -1167,6 +1335,7 @@ DELETE Cancel operation task
 Post Create subscription
     Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/lccnSubscriptionRequest.json
@@ -1185,7 +1354,8 @@ Post Create subscription
 Post Create subscription - DUPLICATION
     Log    Trying to create a subscription with an already created content
     Pass Execution If    ${VNFM_DUPLICATION} == 0    VNFM is not permitting duplication. Skipping the test
-    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/lccnSubscriptionRequest.json
@@ -1203,7 +1373,8 @@ Post Create subscription - DUPLICATION
 Post Create subscription - NO-DUPLICATION	
     Log    Trying to create a subscription with an already created content
     Pass Execution If    ${VNFM_DUPLICATION} == 1    VNFM permits duplication. Skipping the test
-    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/lccnSubscriptionRequest.json
@@ -1221,6 +1392,7 @@ Post Create subscription - NO-DUPLICATION
 Get subscriptions
     Log    Get the list of active subscriptions
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
@@ -1229,7 +1401,8 @@ Get subscriptions
 	Set Global Variable    ${response}    ${outputResponse}	
 Get subscriptions - filter
     Log    Get the list of active subscriptions using a filter
-    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?${sub_filter}	
@@ -1237,7 +1410,8 @@ Get subscriptions - filter
 	Set Global Variable    ${response}    ${outputResponse}		
 Get subscriptions - invalid filter  
     Log    Get the list of active subscriptions using an invalid filter
-    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?${sub_filter_invalid}   
     ${outputResponse}=    Output    response
@@ -1245,6 +1419,7 @@ Get subscriptions - invalid filter
 Get subscriptions with all_fields attribute selector
     Log    Get the list of active subscriptions, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?exclude_default
     ${output}=    Output    response
@@ -1252,6 +1427,7 @@ Get subscriptions with all_fields attribute selector
 Get subscriptions with exclude_default attribute selector
     Log    Get the list of active subscriptions, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?exclude_default
     ${output}=    Output    response
@@ -1259,6 +1435,7 @@ Get subscriptions with exclude_default attribute selector
 Get subscriptions with fields attribute selector
     Log    Get the list of active subscriptions, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?fields=${fields}
     ${output}=    Output    response
@@ -1266,6 +1443,7 @@ Get subscriptions with fields attribute selector
 Get subscriptions with exclude_fields attribute selector
     Log    Get the list of active subscriptions, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?exclude_fields=${fields}
     ${output}=    Output    response
@@ -1273,6 +1451,7 @@ Get subscriptions with exclude_fields attribute selector
 PUT subscriptions
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions  	   
@@ -1281,6 +1460,7 @@ PUT subscriptions
 PATCH subscriptions
     log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions  	   
@@ -1289,6 +1469,7 @@ PATCH subscriptions
 DELETE subscriptions
     log    Trying to perform a DELETE. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions  	   
@@ -1297,6 +1478,7 @@ DELETE subscriptions
 Post Create Individual subscription
     log    Trying to perform a POST. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}  	
@@ -1304,7 +1486,8 @@ Post Create Individual subscription
 	Set Global Variable    ${response}    ${outputResponse}		
 Get Individual subscription	
     log    Trying to get information about an individual subscription
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${outputResponse}=    Output    response
@@ -1312,6 +1495,7 @@ Get Individual subscription
 Put Individual subscription	
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId} 
@@ -1320,6 +1504,7 @@ Put Individual subscription
 Patch Individual subscription	
     log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId} 	
@@ -1328,6 +1513,7 @@ Patch Individual subscription
 Delete Individual subscription
     log    Try to delete an individual subscription
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}  	
     ${outputResponse}=    Output    response
@@ -1396,7 +1582,8 @@ GET test endpoint
     Clear Requests  ${callback_endpoint}   
     
 Check Subscription resource exist
-    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
@@ -1404,6 +1591,7 @@ Check Subscription resource exist
 
 Get VNF LCM Operation occurrences with all_fields attribute selector
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs?all_fields
     ${output}=    Output    response
@@ -1412,6 +1600,7 @@ Get VNF LCM Operation occurrences with all_fields attribute selector
 
 Get VNF LCM Operation occurrences with exclude_default attribute selector
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs?exclude_default
     ${output}=    Output    response
@@ -1419,6 +1608,7 @@ Get VNF LCM Operation occurrences with exclude_default attribute selector
     
 Get VNF LCM Operation occurrences with fields attribute selector
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs?fields=${fields}
     ${output}=    Output    response
@@ -1426,6 +1616,7 @@ Get VNF LCM Operation occurrences with fields attribute selector
     
 Get VNF LCM Operation occurrences with exclude_default and fields attribute selector
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs?fields=${fields}&exclude_default
     ${output}=    Output    response
@@ -1433,6 +1624,7 @@ Get VNF LCM Operation occurrences with exclude_default and fields attribute sele
     
 Get VNF LCM Operation occurrences with exclude_fields attribute selector
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs?exclude_fields=${fields}
     ${output}=    Output    response
@@ -1638,6 +1830,7 @@ Match the VNF LCM Operation Occurence Response Attributes with Descriptors
 POST Instantiate individual vnfInstance with instantiationLevelId
     Log    Trying to Instantiate a vnf Instance with instantiationLevelId
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/instantiateVnfRequestWithInstantiationLevelId.json
@@ -1649,10 +1842,606 @@ POST Instantiate individual vnfInstance with instantiationLevelId
 POST instantiate individual vnfInstance with targetScaleLevelId
     Log    Trying to Instantiate a vnf Instance with targetScaleLevelId
     Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/instantiateVnfRequestWithTargetScaleLevelInfo.json
     ${body}=        Format String   ${template}     flavourId=${flavourId}    scaleVnfRequestAspect=${scaleVnfRequestAspect}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/instantiate    ${body}	
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}     
\ No newline at end of file
+	Set Global Variable    ${response}    ${outputResponse}     
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+
+POST instantiate individual vnfInstance with permitted authorization scope
+    Log    Trying to Instantiate a vnf Instance with OAuth Token with permitted values
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=vnflcm:v2:instantiate
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/instantiateVnfRequest.json
+    ${body}=        Format String   ${template}     flavourId=${flavourId}  
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/instantiate    ${body}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 	
+
+POST instantiate individual vnfInstance with not permitted authorization scope
+    Log    Trying to Instantiate a vnf Instance with OAuth Token with not permitted values
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/instantiateVnfRequest.json
+    ${body}=        Format String   ${template}     flavourId=${flavourId}  
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/instantiate    ${body}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 	
+
+POST Scale vnfInstance with permitted authorization scope
+    [Arguments]    ${vnf_state}
+    [Documentation]    ${vnf_state} differentiate the VNF ID to be used in the different POST requests
+    ...    ${vnf_state} == 0 -> VNF in instantiated state
+    ...    ${vnf_state} == 1 -> VNF in not_instantiated state
+    ...    ${vnf_state} == 2 -> VNF ID not stored
+    ...     
+    Log    Trying to Instantiate a vnf Instance with permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${SCALE_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/scaleVnfRequest.json
+    Run Keyword If    ${vnf_state} == 0    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${instantiatedVnfInstanceId}/scale    ${body}
+    Run Keyword If    ${vnf_state} == 1    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${notInstantiatedVnfInstanceId}/scale    ${body}
+    Run Keyword If    ${vnf_state} == 2    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${NOT_EXISTANT_VNF_INSTANCE_ID}/scale    ${body}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale    ${body}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale    ${body}
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Scale vnfInstance with not permitted authorization scope
+    [Arguments]    ${vnf_state}
+    [Documentation]    ${vnf_state} differentiate the VNF ID to be used in the different POST requests
+    ...    ${vnf_state} == 0 -> VNF in instantiated state
+    ...    ${vnf_state} == 1 -> VNF in not_instantiated state
+    ...    ${vnf_state} == 2 -> VNF ID not stored
+    ...     
+    Log    Trying to Instantiate a vnf Instance with not permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/scaleVnfRequest.json
+    Run Keyword If    ${vnf_state} == 0    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${instantiatedVnfInstanceId}/scale    ${body}
+    Run Keyword If    ${vnf_state} == 1    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${notInstantiatedVnfInstanceId}/scale    ${body}
+    Run Keyword If    ${vnf_state} == 2    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${NOT_EXISTANT_VNF_INSTANCE_ID}/scale    ${body}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale    ${body}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale    ${body}
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Scale vnfInstance to level with instantiationLevelId and permitted authorization scope
+    Log    Trying to scale a vnf Instance to level using OAuth Token with permited scopes
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${SCALE_TO_LEVEL_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/scaleVnfToLevelRequestWithinstantiationLevelId.json
+    ${body}=        Format String   ${template}     instantiationLevelId=${instantiationLevelId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale_to_level    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Scale vnfInstance to level with instantiationLevelId and not permitted authorization scope
+    Log    Trying to scale a vnf Instance to level using OAuth Token with not permited scopes
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/scaleVnfToLevelRequestWithinstantiationLevelId.json
+    ${body}=        Format String   ${template}     instantiationLevelId=${instantiationLevelId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale_to_level    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Change VNF deployment flavour with permited authorization scope
+    Log    Trying to change the deployment flavour of a VNF instance with permited authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${CHANGE_FLAVOUR_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/changeVnfFlavourRequest.json
+    ${body}=        Format String   ${template}     newFlavourId=${newFlavourId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_flavour    ${body} 
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Change VNF deployment flavour with not permited authorization scope
+    Log    Trying to change the deployment flavour of a VNF instance with not permited authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/changeVnfFlavourRequest.json
+    ${body}=        Format String   ${template}     newFlavourId=${newFlavourId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_flavour    ${body} 
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Terminate VNF with permitted authorization scope
+    Log    Trying to terminate a VNF instance with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${TERMINATE_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/terminateVnfRequest.json
+    ${body}=        Format String   ${template}     terminationType=${terminationType} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/terminate    ${body}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Terminate VNF with not permitted authorization scope
+    Log    Trying to terminate a VNF instance with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/terminateVnfRequest.json
+    ${body}=        Format String   ${template}     terminationType=${terminationType} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/terminate    ${body}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Heal VNF with permitted authorization scope
+    Log    Trying to heal a VNF instance with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${HEAL_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/healVnfRequest.json
+    ${body}=        Format String   ${template}     healingCause=${healingCause}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/heal    ${body}		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Heal VNF with not permitted authorization scope
+    Log    Trying to heal a VNF instance with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/healVnfRequest.json
+    ${body}=        Format String   ${template}     healingCause=${healingCause}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/heal    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Change External VNF Connectivity with permitted authorization scope
+    Log    Trying to change the external connectivity of a VNF instance with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${CHANGE_EXT_CONN_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/changeExtVnfConnectivityRequest.json
+    ${body}=        Format String   ${template}     CPD_IDs=${CPD_IDs}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_ext_conn    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Change External VNF Connectivity with not permitted authorization scope
+    Log    Trying to change the external connectivity of a VNF instance with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/changeExtVnfConnectivityRequest.json
+    ${body}=        Format String   ${template}     CPD_IDs=${CPD_IDs}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_ext_conn    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Operate VNF with permitted authorization scope
+    Log    Trying to operate a VNF instance with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${OPERATE_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/operateVnfRequest.json
+    ${body}=        Format String   ${template}     changeStateTo=${changeStateTo} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/operate    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
+POST Operate VNF with not permitted authorization scope
+    Log    Trying to operate a VNF instance with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/operateVnfRequest.json
+    ${body}=        Format String   ${template}     changeStateTo=${changeStateTo} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/operate    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
+POST Create VNF Snapshot Task with permitted authorization scope
+    Log    Trying to request a snapshot of a VNF instance with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${CREATE_SNAPSHOT_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/CreateVnfSnapshotRequest.json
+    ${body}=        Format String   ${template}     vnfSnapshotInfoId=${vnfSnapshotInfoId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/create_snapshot    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Create VNF Snapshot Task with not permitted authorization scope
+    Log    Trying to request a snapshot of a VNF instance with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/CreateVnfSnapshotRequest.json
+    ${body}=        Format String   ${template}     vnfSnapshotInfoId=${vnfSnapshotInfoId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/create_snapshot    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Revert to VNF Snapshot Task with permitted authorization scope
+    Log    Trying to initiate revert to VNF snapshot task with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${REVERT_TO_SNAPSHOT_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/RevertToVnfSnapshotRequest.json
+    ${body}=        Format String   ${template}     vnfSnapshotInfoId=${vnfSnapshotInfoId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/revert_to_snapshot    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Revert to VNF Snapshot Task with not permitted authorization scope
+    Log    Trying to initiate revert to VNF snapshot task with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/RevertToVnfSnapshotRequest.json
+    ${body}=        Format String   ${template}     vnfSnapshotInfoId=${vnfSnapshotInfoId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/revert_to_snapshot    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Change Current VNF Package Task with permitted authorization scope
+    Log    Trying to change current VNF package task with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${CHANGE_VNFPKG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/changeCurrentVnfPkgRequest.json
+    ${body}=        Format String   ${template}     vnfdId=${vnfdId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_vnfpkg    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
+POST Change Current VNF Package Task with not permitted authorization scope
+    Log    Trying to change current VNF package task with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/changeCurrentVnfPkgRequest.json
+    ${body}=        Format String   ${template}     vnfdId=${vnfdId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_vnfpkg    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
+POST Create a new vnfInstance with permitted authorization scope
+    Log    Create VNF instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${VNF_INSTANCE_INFO_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File
+    ${template} =    Get File    jsons/createVnfRequest.json
+    ${body}=        Format String   ${template}     vnfdId=${Descriptor_ID}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 	
+POST Create a new vnfInstance with not permitted authorization scope
+    Log    Create VNF instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File
+    ${template} =    Get File    jsons/createVnfRequest.json
+    ${body}=        Format String   ${template}     vnfdId=${Descriptor_ID}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+GET individual vnfInstance with permitted authorization scope
+    log    Trying to get information about an individual VNF instance with permitted authorization scope.
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${VNF_INSTANCE_INFO_READONLY_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+GET individual vnfInstance with not permitted authorization scope
+    log    Trying to get information about an individual VNF instance with not permitted authorization scope.
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+GET VNF LCM OP occurrences with permitted authorization scope
+    Log    Query status information about multiple VNF lifecycle management operation occurrences with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${OPERATION_OCCURANCE_READONLY_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
+GET VNF LCM OP occurrences with not permitted authorization scope
+    Log    Query status information about multiple VNF lifecycle management operation occurrences with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
+Get Individual VNF LCM OP occurrences with permitted authorization scope
+    log    Query status information about an individual VNF lifecycle management operation occurrence with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${OPERATION_OCCURANCE_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
+Get Individual VNF LCM OP occurrences with not permitted authorization scope
+    log    Query status information about an individual VNF lifecycle management operation occurrence with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+Post Retry operation with permitted authorization scope
+    Log    Retry a VNF lifecycle operation if that operation has experienced a temporary failure with permitted authorization scope.
+    ${scope_value}=    Create Dictionary    scopeValue=${OPERATION_OCCURANCE_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/retry	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+Post Retry operation with not permitted authorization scope
+    Log    Retry a VNF lifecycle operation if that operation has experienced a temporary failure with not permitted authorization scope.
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/retry	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+Post Rollback operation with permitted authorization scope
+    Log    Rollback a VNF lifecycle operation if that operation has experienced a temporary failure with permitted autorization scope.
+    ${scope_value}=    Create Dictionary    scopeValue=${OPERATION_OCCURANCE_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/rollback
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+Post Rollback operation with not permitted authorization scope
+    Log    Rollback a VNF lifecycle operation if that operation has experienced a temporary failure with not permitted autorization scope.
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/rollback
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+Post Fail operation with permitted authorization scope
+    Log    mark as Failed a VNF lifecycle operation if that operation has experienced a failure with permitted authorization scope
+    ${scope_value}=    Create Dictionary    scopeValue=${OPERATION_OCCURANCE_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/fail
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+Post Fail operation with not permitted authorization scope
+    Log    mark as Failed a VNF lifecycle operation if that operation has experienced a failure with not permitted authorization scope
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/fail
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Cancel operation task with permitted authorization scope
+    Log    Cancel an ongoing VNF lifecycle operation with permitted authorization scope.
+    ${scope_value}=    Create Dictionary    scopeValue=${OPERATION_OCCURANCE_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Cancel a VNF lifecycle operation
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/cancel    ${CancelMode}
+    Log    Validate Status code
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Cancel operation task with not permitted authorization scope
+    Log    Cancel an ongoing VNF lifecycle operation
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Cancel a VNF lifecycle operation with not permitted authorization scope
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/cancel    ${CancelMode}
+    Log    Validate Status code
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+Post Create subscription with permitted authorization scope
+    Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions with permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/lccnSubscriptionRequest.json
+    ${body}=        Format String   ${template}    vnfdIds=${vnfdIds}     callback_uri=${callback_uri}:${callback_port}    callback_endpoint=${callback_endpoint}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+	Clear Requests    ${callback_endpoint}
+Post Create subscription with not permitted authorization scope
+    Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions with not permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/lccnSubscriptionRequest.json
+    ${body}=        Format String   ${template}    vnfdIds=${vnfdIds}     callback_uri=${callback_uri}:${callback_port}    callback_endpoint=${callback_endpoint}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+	Clear Requests    ${callback_endpoint}
+GET individual VNF Snapshot with permitted authorization scope
+    log    Trying to get information about an individual VNF snapshot with permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${VNF_SNAPSHOT_INFO_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}     
+GET individual VNF Snapshot with not permitted authorization scope
+    log    Trying to get information about an individual VNF snapshot with not permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
+Get Individual subscription with permitted authorization scope
+    log    Trying to get information about an individual subscription with permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
+Get Individual subscription with not permitted authorization scope
+    log    Trying to get information about an individual subscription with not permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
+POST Create a new VNF Snapshot with permitted authorization scope
+    Log    Create VNF snapshot by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots with permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${VNF_SNAPSHOT_INFO_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template} =    Get File    jsons/CreateVnfSnapshotInfoRequest.json
+    ${body}=        Format String   ${template}     vnfSnapshotPkgId=${vnfSnapshotPkgId}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 	
+POST Create a new VNF Snapshot with not permitted authorization scope
+    Log    Create VNF snapshot by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots with not permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Version": "${API_VERSION}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template} =    Get File    jsons/CreateVnfSnapshotInfoRequest.json
+    ${body}=        Format String   ${template}     vnfSnapshotPkgId=${vnfSnapshotPkgId}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+    
\ No newline at end of file
diff --git a/SOL002/VNFLifecycleManagement-API/VnfLcmOperationOccurences.robot b/SOL002/VNFLifecycleManagement-API/VnfLcmOperationOccurences.robot
index 49c6c53d38ac2a59f7181f0c72f42d2628820984..ea4973ce5905ceb577297e74aa44cc7af340e4ec 100644
--- a/SOL002/VNFLifecycleManagement-API/VnfLcmOperationOccurences.robot
+++ b/SOL002/VNFLifecycleManagement-API/VnfLcmOperationOccurences.robot
@@ -13,7 +13,7 @@ POST VNF LCM operation occurrences - Method not implemented
     ...    Test title: POST VNF LCM operation occurrences - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -25,7 +25,7 @@ GET status information about multiple VNF LCM operation occurrences
     ...    Test title: GET status information about multiple VNF LCM operation occurrences
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -39,7 +39,7 @@ GET status information about multiple VNF LCM operation occurrences Bad Request
     ...    Test title: GET status information about multiple VNF LCM operation occurrences Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to test that GET method fail retrieving status information about multiple VNF lifecycle management operation occurrences because attribute is invalid.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -52,7 +52,7 @@ GET status information about multiple VNF LCM Operation occurrences Bad Request
     ...    Test title: GET status information about multiple VNF LCM Operation occurrences Bad Request Invalid attribute selector
     ...    Test objective: The objective is to test that GET method fail retrieving status information about multiple VNF lifecycle management operation occurrences because attribute is invalid.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -65,7 +65,7 @@ GET status information about multiple VNF LCM Operation occurrences with "all_fi
     ...    Test title: GET status information about multiple VNF LCM Operation OCC with "all_fields"
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -78,7 +78,7 @@ GET status information about multiple VNF LCM Operation occurrences with "exlude
     ...    Test title: GET status information about multiple VNF LCM Operation OCC with "exclude_default"
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -91,7 +91,7 @@ GET status information about multiple VNF LCM Operation occurrences with "fields
     ...    Test title: GET status information about multiple VNF LCM Operation OCC with "fields"
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -104,7 +104,7 @@ GET status information about multiple VNF LCM Operation occurrences with "exclud
     ...    Test title: GET status information about multiple VNF LCM Operation OCC with "exclude_fields"
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -117,7 +117,7 @@ PUT status information about multiple VNF LCM operation occurrences - Method not
     ...    Test title: PUT status information about multiple VNF LCM operation occurrences - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -129,7 +129,7 @@ PATCH status information about multiple VNF LCM operation occurrences - Method n
     ...    Test title: PATCH status information about multiple VNF LCM operation occurrences - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -141,7 +141,7 @@ DELETE status information about multiple VNF LCM operation occurrences - Method
     ...    Test title: DELETE status information about multiple VNF LCM operation occurrences - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -153,7 +153,7 @@ GET status information about multiple VNF LCM operation occurances to get Paged
     ...    Test title: GET status information about multiple VNF LCM operation occurances to get Paged Response
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences to get paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -166,7 +166,7 @@ GET status information about multiple VNF LCM Operation occurrences Bad Request
     ...    Test title: GET status information about multiple VNF LCM Operation occurrences Bad Request Response too big
     ...    Test objective: The objective is to test that GET method fail retrieving status information about multiple VNF lifecycle management operation occurrences because Response is too big.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -179,10 +179,36 @@ GET status information about multiple VNF LCM Operation occurrences with "exlude
     ...    Test title: GET status information about multiple VNF LCM Operation OCC with "exclude_default" and "fields"
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none   
     Get VNF LCM Operation occurrences with exclude_default and fields attribute selector
     Check HTTP Response Status Code Is    202
-    Check HTTP Response Body Json Schema Is    VnfLcmOpOccs 
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is    VnfLcmOpOccs 
+GET status information about multiple VNF LCM operation occurrences with permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.11.15
+    ...    Test title: GET status information about multiple VNF LCM operation occurrences with permitted authorization scope
+    ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none   
+    GET VNF LCM OP occurrences with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Body Json Schema Is    VnfLcmOpOccs 
+    Check HTTP Response Body vnf LCM OpOCCs content against VNF Descriptor
+GET status information about multiple VNF LCM operation occurrences with not permitted authorization scope
+    [Documentation]    Test ID: 6.3.5.11.16
+    ...    Test title: GET status information about multiple VNF LCM operation occurrences with not permitted authorization scope
+    ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VE
+    ...    Applicability: none
+    ...    Post-Conditions: none   
+    GET VNF LCM OP occurrences with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails 
+    
\ No newline at end of file
diff --git a/SOL002/VNFLifecycleManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml b/SOL002/VNFLifecycleManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
index 04f00443ca7f093b7dc939e8f4b8d42c1a550080..fba0c049332c7833222c337d90eaf30f5c9405a9 100644
--- a/SOL002/VNFLifecycleManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
+++ b/SOL002/VNFLifecycleManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
@@ -1,8 +1,8 @@
-tosca_definitions_version: tosca_simple_yaml_1_2
+tosca_definitions_version: tosca_simple_yaml_1_3
 description: "TST010 reference VNF-B"
 
 imports:
-  - https://forge.etsi.org/rep/nfv/SOL001/raw/v3.3.1/etsi_nfv_sol001_vnfd_types.yaml
+  - https://forge.etsi.org/rep/nfv/SOL001/raw/v4.4.1/etsi_nfv_sol001_vnfd_types.yaml
 
 metadata:
   descriptor_id: "VNF-B"
@@ -44,7 +44,7 @@ node_types:
         type: list
         entry_schema:
           type: string
-        default: [ 'etsivnfm:v2.3.1' ]
+        default: [ 'etsivnfm:v4.5.1' ]
     interfaces:
       Vnflcm:
         type: "tosca.interfaces.nfv.Vnflcm"
diff --git a/SOL002/VNFLifecycleManagement-API/environment/variables.txt b/SOL002/VNFLifecycleManagement-API/environment/variables.txt
index ea2072dc4447c89614a6c23a214595b018d32240..dd51a649eee5df345e897f3d8a7d3ddb3d388444 100644
--- a/SOL002/VNFLifecycleManagement-API/environment/variables.txt
+++ b/SOL002/VNFLifecycleManagement-API/environment/variables.txt
@@ -13,7 +13,27 @@ ${ACCEPT_JSON}         application/json
 ${apiRoot}        /
 ${apiName}        vnflcm
 ${apiMajorVersion}    v2
+${API_VERSION}      2.12.0
 ${AUTH_USAGE}     1
+${OAUTH_Encryption_ALGORITHM}   HS256
+${NEG_SCOPE}    vnflcm:v2:invalid
+${INSTANTIATE_SCOPE}    vnflcm:v2:instantiate
+${SCALE_SCOPE}    vnfm:v2:scale
+${SCALE_TO_LEVEL_SCOPE}   vnflcm:v2:scale_to_level
+${CHANGE_FLAVOUR_SCOPE}   vnflcm:v2:change_flavour
+${TERMINATE_SCOPE}   vnflcm:v2:terminate
+${HEAL_SCOPE}   vnflcm:v2:heal:with_vnfc
+${CHANGE_EXT_CONN_SCOPE}   vnflcm:v2:change_ext_conn
+${OPERATE_SCOPE}    vnflcm:v2:operate:with_vnfc
+${CREATE_SNAPSHOT_SCOPE}    vnflcm:v2:create_snapshot:with_vnfc
+${REVERT_TO_SNAPSHOT_SCOPE}    vnflcm:v2:revert_to_snapshot:with_vnfc
+${CHANGE_VNFPKG_SCOPE}    vnflcm:v2:change_vnfpkg 
+${VNF_INSTANCE_INFO_SCOPE}   vnflcm:v2:vnf_instance_info:with_vnfc
+${VNF_INSTANCE_INFO_READONLY_SCOPE}   vnflcm:v2:vnf_instance_info:with_vnfc:readonly
+${OPERATION_OCCURANCE_SCOPE}    vnflcm:v2:op_occs
+${OPERATION_OCCURANCE_READONLY_SCOPE}    vnflcm:v2:op_occs:readonly
+${SUBSCRIPTIONS_SCOPE}   vnflcm:v2:subscriptions
+${VNF_SNAPSHOT_INFO_SCOPE}    vnflcm:v2:vnf_snapshot_info
 
 
 ${HEADER_TEST_SUPPORTED}    0
diff --git a/SOL002/VNFLifecycleManagement-API/jsons/SelectVnfDeployableModulesRequest.json b/SOL002/VNFLifecycleManagement-API/jsons/SelectVnfDeployableModulesRequest.json
new file mode 100644
index 0000000000000000000000000000000000000000..05b5acea51c2d9ef422eebc5efa1615b4a129d28
--- /dev/null
+++ b/SOL002/VNFLifecycleManagement-API/jsons/SelectVnfDeployableModulesRequest.json
@@ -0,0 +1,10 @@
+{{
+  "selectedDeployableModule": ["string"],
+  "targetScaleLevelInfo": [
+    {
+      "aspectId": "string",
+      "scaleLevel": 1
+    }
+  ],
+  "additionalParams": {}
+}}
diff --git a/SOL002/VNFLifecycleManagement-API/schemas/VnfLcmOperationOccurrenceNotification.schema.json b/SOL002/VNFLifecycleManagement-API/schemas/VnfLcmOperationOccurrenceNotification.schema.json
index ab574695702807a4f3b990a52856094f7367f5fa..0976578474880ff1363420701d527caa201cc634 100644
--- a/SOL002/VNFLifecycleManagement-API/schemas/VnfLcmOperationOccurrenceNotification.schema.json
+++ b/SOL002/VNFLifecycleManagement-API/schemas/VnfLcmOperationOccurrenceNotification.schema.json
@@ -615,6 +615,49 @@
 		  }
 		}
 	  },
+	  "affectedCertificates": {
+		"description": "Information about certificate content that were affected during the execution of the lifecycle management  operation, if this notification represents the result of a lifecycle management operation occurrence. Shall be present when using delegation mode, otherwise shall be absent. This attribute shall be supported when delegation mode in certificate management is applicable\n",
+		"type": "array",
+		"items": {
+			"description": "This type provides input information about added, deleted, and modified certificate contents.\n",
+			"type": "object",
+			"required": [
+				"certificateInfoId",
+				"changeType"
+			],
+			"properties": {
+				"certificateInfoId": {
+					"description": "An identifier with the intention of being globally unique.\n",
+					"type": "string"
+				},
+				"certificateBaseProfileId": {
+					"description": "An identifier with the intention of being globally unique.\n",
+					"type": "string"
+				},
+				"securityPolicyId": {
+					"description": "An identifier with the intention of being globally unique.\n",
+					"type": "string"
+				},
+				"cmfInfoId": {
+					"description": "An identifier with the intention of being globally unique.\n",
+					"type": "string"
+				},
+				"certificateContentId": {
+					"description": "An identifier with the intention of being globally unique.\n",
+					"type": "string"
+				},
+				"changeType": {
+					"description": "Signals the type of change.",
+					"type": "string",
+					"enum": [
+						"ADD",
+						"REMOVE",
+						"MODIFY"
+					]
+				}
+			}
+		}
+	},
 	  "changedExtConnectivity": {
 		"description": "Information about changed external connectivity, if this notification represents the result of a lifecycle operation occurrence. Shall be present if the \"notificationStatus\" is set to \"RESULT\" and the \"operation\" has made any change of the external  connectivity of the VNF instance. Shall be absent otherwise.\n",
 		"type": "array",
diff --git a/SOL002/VNFLifecycleManagement-API/schemas/vnfInstance.schema.json b/SOL002/VNFLifecycleManagement-API/schemas/vnfInstance.schema.json
index c21a7b2237f757a8c49bd304d6a34232677a8208..3a760326af7be28301023a3e05eddc00acf14f55 100644
--- a/SOL002/VNFLifecycleManagement-API/schemas/vnfInstance.schema.json
+++ b/SOL002/VNFLifecycleManagement-API/schemas/vnfInstance.schema.json
@@ -1,5 +1,5 @@
 {
-  "description": "This type represents a VNF instance. * NOTE 1:\tModifying the value of this attribute shall not be performed when conflicts exist\n          between the previous and the newly referred VNF package, i.e. when the new VNFD is\n          changed with respect to the previous VNFD in other aspects than merely referencing\n          to other VNF software images. In order to avoid misalignment of the VnfInstance with\n          the current VNF's on-boarded VNF package, the values of attributes in the VnfInstance\n          that have corresponding attributes in the VNFD shall be kept in sync with the values in the VNFD.\n* NOTE 2:\tETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. * NOTE 3:\tVNF configurable properties are sometimes also referred to as configuration parameters\n          applicable to a VNF. Some of these are set prior to instantiation and cannot be modified\n          if the VNF is instantiated, some are set prior to instantiation (are part of initial configuration)\n          and can be modified later, and others can be set only after instantiation.\n          The applicability of certain configuration may depend on the VNF and the required operation of\n          the VNF at a certain point in time.\n* NOTE 4:\tUpon creation of the VnfInstance structure, the VNFM shall create and initialize all child\n          attributes of \"vnfConfigurableProperties\", \"metadata\" and \"extensions\" that were declared\n          in the VNFD with a defined initial value. The defined initial values can be declared in the VNFD,\n          and/or, in case of \"metadata\", obtained from the \"CreateVnfRequest\" structure. Child attributes of\n          \"vnfConfigurableProperties\", \"metadata\" and \"extensions\" that have no defined initial value shall\n          not be created, in order to be consistent with the semantics of the JSON Merge Patch method\n          (see IETF RFC 7396) that interprets null values as deletion request.\n* NOTE 5:\tIt is possible to have several ExtManagedVirtualLinkInfo for the same VNF internal VL in case\n          of a multi-site VNF spanning several VIMs. The set of ExtManagedVirtualLinkInfo corresponding\n          to the same VNF internal VL shall indicate so by referencing to the same VnfVirtualLinkDesc\n          and externally-managed multi-site VL instance (refer to clause 5.5.3.5).\n* NOTE 6:\tEven though externally-managed internal VLs are also used for VNF-internal connectivity,\n          they shall not be listed in the \"vnfVirtualLinkResourceInfo\" attribute as this would be redundant.\n",
+  "description": "This type represents a VNF instance. * NOTE 1:\tModifying the value of this attribute shall not be performed when conflicts exist\n          between the previous and the newly referred VNF package, i.e. when the new VNFD is\n          changed with respect to the previous VNFD in other aspects than merely referencing\n          to other VNF software images. In order to avoid misalignment of the VnfInstance with\n          the current VNF's on-boarded VNF package, the values of attributes in the VnfInstance\n          that have corresponding attributes in the VNFD shall be kept in sync with the values in the VNFD.\n* NOTE 2:\tETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. * NOTE 3:\tThese attributes are sometimes also referred to as configuration parameters\n          applicable to a VNF. Some of these are set prior to instantiation and cannot be modified\n          if the VNF is instantiated, some are set prior to instantiation (are part of initial configuration)\n          and can be modified later, and others can be set only after instantiation.\n          The applicability of certain configuration may depend on the VNF and the required operation of\n          the VNF at a certain point in time.\n* NOTE 4:\tUpon creation of the VnfInstance structure, the VNFM shall create and initialize all child\n          attributes of \"vnfConfigurableProperties\", \"metadata\" and \"extensions\" that were declared\n          in the VNFD with a defined initial value. The defined initial values can be declared in the VNFD,\n          and/or, in case of \"metadata\", obtained from the \"CreateVnfRequest\" structure. Child attributes of\n          \"vnfConfigurableProperties\", \"metadata\" and \"extensions\" that have no defined initial value shall\n          not be created, in order to be consistent with the semantics of the JSON Merge Patch method\n          (see IETF RFC 7396) that interprets null values as deletion request.\n* NOTE 5:\tIt is possible to have several ExtManagedVirtualLinkInfo for the same VNF internal VL in case\n          of a multi-site VNF spanning several VIMs. The set of ExtManagedVirtualLinkInfo corresponding\n          to the same VNF internal VL shall indicate so by referencing to the same VnfVirtualLinkDesc\n          and externally-managed multi-site VL instance (refer to clause 5.5.3.5).\n* NOTE 6:\tEven though externally-managed internal VLs are also used for VNF-internal connectivity,\n          they shall not be listed in the \"vnfVirtualLinkResourceInfo\" attribute as this would be redundant.\n* NOTE 7:\tSubports need not be used for containerized VNFCs. The application container can send and receive IP\n          packets with any VLAN tag as long as the network interface to connect to the secondary container cluster\n          network has been configured appropriately. Thus, no individual extCpInfo, except the one representing the\n          trunk, need be modelled to allow traffic tagged with a particular VLAN through the connection point.\n* NOTE 8:\tFor a scaling aspect whose related VNFCs have not been instantiated due to the selection of deployable \n          modules, the \"scaleStatus\" indicates the scale level that would be applicable to the aspect if a VNF LCM \n          operation changes the selected deployable modules and the related VNFCs are instantiated, unless the VNF \n          LCM operation explicitly indicates the scale level for the aspect.\n",
   "type": "object",
   "required": [
     "id",
@@ -48,6 +48,281 @@
       "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
       "type": "object"
     },
+    "certificateInfo": {
+      "description": "This type provides input information related to certificate and certificate management.\n",
+      "type": "object",
+      "required": [
+        "id"
+      ],
+      "properties": {
+        "id": {
+          "description": "An identifier with the intention of being globally unique.\n",
+          "type": "string"
+        },
+        "certificateConfigurationInfo": {
+          "description": "This type provides input information related to certificate management.\n",
+          "type": "object",
+          "required": [
+            "securityPolicy"
+          ],
+          "properties": {
+            "certificateBaseProfile": {
+              "description": "This type provides input information to override certificate base profile for certificate management\nNOTE : At least one overriding attributes shall be present, otherwise shall be absent.\n",
+              "required": [
+                "id"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "issuer": {
+                  "type": "string",
+                  "description": "Issuer of certificates. See note."
+                },
+                "issuerUniqueIdentifier": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "subject": {
+                  "description": "This type provides input information related to subject of certificate.\n* NOTE: At least one overriding attributes shall be present, otherwise shall be absent.\n",
+                  "type": "object",
+                  "properties": {
+                    "commonName": {
+                      "description": "Information of certification target subject FQDN. See note.",
+                      "type": "string"
+                    },
+                    "organization": {
+                      "description": "Information of certification target subject Organization. See note.",
+                      "type": "string"
+                    },
+                    "country": {
+                      "description": "Information of certification target subject Country. See note.",
+                      "type": "string"
+                    },
+                    "state": {
+                      "description": "Information of certification target subject State. See note.",
+                      "type": "string"
+                    },
+                    "locality": {
+                      "description": "Information of certification target subject Locality. See note.",
+                      "type": "string"
+                    },
+                    "emailAddress": {
+                      "description": "Information of certification contact email address. See note.",
+                      "type": "string"
+                    }
+                  }
+                },
+                "subjectUniqueIdentifier": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "basicConstraints": {
+                  "type": "string",
+                  "description": "Basic constraints of certificates. See note.\n"
+                },
+                "issuerAltName": {
+                  "description": "Alternative name of issuer of certificates in this NS. See note.",
+                  "type": "array",
+                  "items": {
+                    "type": "string"
+                  }
+                },
+                "subjectAltName": {
+                  "description": "Alternative name of subject of certificates. Shall be present when this certificate is used for encrypted communication using IP address and subjectAltName attribute of CertificateBaseProfile in CertificateDesc of VNFD is empty (see ETSI GS NFV-IFA 011 [7],clause 7.1.19.4). See note",
+                  "type": "array",
+                  "items": {
+                    "type": "string"
+                  }
+                },
+                "nameConstraints": {
+                  "description": "Name constraints of certificates. See note.",
+                  "type": "array",
+                  "items": {
+                    "type": "string"
+                  }
+                }
+              }
+            },
+            "securityPolicy": {
+              "description": "Information for security policy to be satisfied for certificate.\n",
+              "type": "array",
+              "items": {
+                "description": "This type provides input information related to security policy for certificate management.\n",
+                "type": "object",
+                "required": [
+                  "id"
+                ],
+                "properties": {
+                  "id": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  },
+                  "maxValidityPeriod": {
+                    "description": "Allowed max validity period for certificates.",
+                    "type": "integer"
+                  },
+                  "allowedAlgorithm": {
+                    "description": "Allowed signature algorithm.",
+                    "type": "string"
+                  },
+                  "minimumKeyLength": {
+                    "description": "Minimum key length for certificates.",
+                    "type": "integer"
+                  }
+                }
+              }
+            },
+            "delegationSupportedCertificateManagements": {
+              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+              "type": "object"
+            },
+            "cmfInfo": {
+              "description": "This type provides input information related to CMF for certificate management.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "endPoint",
+                "supportedProtocol"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "endPoint": {
+                  "description": "End point of CMF instance.",
+                  "type": "object",
+                  "required": [
+                    "ipAddress",
+                    "link"
+                  ],
+                  "properties": {
+                    "ipAddress": {
+                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                      "type": "string",
+                      "format": "IP"
+                    },
+                    "link": {
+                      "description": "This type represents a link to a resource using an absolute URI.\n",
+                      "type": "object",
+                      "required": [
+                        "href"
+                      ],
+                      "properties": {
+                        "href": {
+                          "description": "String formatted according to IETF RFC 3986.\n",
+                          "type": "string"
+                        }
+                      }
+                    }
+                  }
+                },
+                "supportedProtocols": {
+                  "description": "Supported protocol by CMF instance.",
+                  "type": "array",
+                  "items": {
+                    "type": "string",
+                    "enum": [
+                      "CMP",
+                      "CMPv2",
+                      "EST",
+                      "SCEP"
+                    ]
+                  }
+                },
+                "certificateChain": {
+                  "description": "Certificate chain that this CMF provides.",
+                  "type": "array",
+                  "items": {
+                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                    "type": "object"
+                  }
+                }
+              }
+            }
+          }
+        },
+        "certificateContents": {
+          "description": "Information for contents of issued certificates. The information contained in this attribute may be updated over time during the VNF LCM, e.g. certificate(s) renewal.\n",
+          "type": "array",
+          "items": {
+            "description": "This type provides input information related to certificate content.\n",
+            "type": "object",
+            "required": [
+              "id",
+              "certificateDescId",
+              "certificateType"
+            ],
+            "properties": {
+              "id": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+              },
+              "certficateDescId": {
+                "description": "An identifier that is unique within a VNF descriptor.\n",
+                "type": "string"
+              },
+              "certificateType": {
+                "description": "Type of this certificate.",
+                "type": "string",
+                "enum": [
+                  "VNFCI_CERT",
+                  "VNFOAM_CERT"
+                ]
+              },
+              "supportedCertificateManagements": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
+              },
+              "version": {
+                "description": "A version.\n",
+                "type": "string"
+              },
+              "serialNumber": {
+                "description": "Serial number of this certificate.",
+                "type": "integer"
+              },
+              "signatureAlgorithm": {
+                "description": "Algorithm of this certificate's signature.",
+                "type": "string"
+              },
+              "issuer": {
+                "description": "Issuer of this certificate.",
+                "type": "string"
+              },
+              "notBefore": {
+                "description": "Date-time stamp. Representation: String formatted according to IETF RFC 3339.\n",
+                "type": "string",
+                "format": "date-time"
+              },
+              "notAfter": {
+                "description": "Date-time stamp. Representation: String formatted according to IETF RFC 3339.\n",
+                "type": "string",
+                "format": "date-time"
+              },
+              "subject": {
+                "description": "Subject of this certificate.",
+                "type": "string"
+              },
+              "publicKeyAlgorithm": {
+                "description": "Algorithm of this certificate's public key.",
+                "type": "string"
+              },
+              "publicKey": {
+                "description": "Public key of this certificate.",
+                "type": "string"
+              },
+              "certificateExtensions": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
+              }
+            }
+          }
+        }
+      }
+    },
     "instantiationState": {
       "description": "The instantiation state of the VNF.\n",
       "type": "string",
@@ -78,7 +353,7 @@
           ]
         },
         "scaleStatus": {
-          "description": "Scale status of the VNF, one entry per aspect. Represents for every scaling aspect how \"big\" the VNF has been scaled w.r.t. that aspect. This attribute shall be present if the VNF supports scaling. See clause B.2 for an explanation of VNF scaling.\n",
+          "description": "Scale status of the VNF, one entry per aspect. Represents for every scaling aspect how \"big\" the VNF has been scaled w.r.t. that aspect. This attribute shall be present if the VNF supports scaling. See clause B.2 for an explanation of VNF scaling. For an aspect that has not been deployed because the related deployableModule has not been selected, it indicates the scale level that has been requested in the instantiation or in a scaling operation, or, if none has been requested in any of them, the scale level applicable to the aspect based on the default instantiation level. See note 8.\n",
           "type": "array",
           "items": {
             "description": "This type represents the scale level of a VNF instance related to a scaling aspect.\n",
@@ -129,6 +404,14 @@
             }
           }
         },
+        "selectedDeployableModule": {
+          "description": "References a currently selected deployable module, as defined in the VNFD, that has already completed the instantiation of its VNFCs\n",
+          "type": "array",
+          "items": {
+            "description": "An identifier that is unique within a VNF descriptor.\n",
+            "type": "string"
+          }
+        },
         "extCpInfo": {
           "description": "Information about the external CPs exposed by the VNF instance. When trunking is enabled, the list of entries includes both, external CPs corresponding to parent ports of a trunk, and external CPs associated to sub-ports of a trunk.\n",
           "type": "array",
@@ -350,6 +633,10 @@
                   "description": "An identifier with the intention of being globally unique.\n",
                   "type": "string"
                 }
+              },
+              "certificateContentId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
               }
             }
           }
@@ -1809,6 +2096,10 @@
                   "metadata": {
                     "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
                     "type": "object"
+                  },
+                  "certificateContentId": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
                   }
                 }
               }
@@ -1816,6 +2107,10 @@
             "metadata": {
               "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
               "type": "object"
+            },
+            "certificateContentId": {
+              "description": "An identifier with the intention of being globally unique.\n",
+              "type": "string"
             }
           }
         },
@@ -2138,7 +2433,8 @@
                 "type": "string",
                 "enum": [
                   "Deployment",
-                  "StatefulSet"
+                  "StatefulSet",
+                  "DaemonSet"
                 ]
               },
               "desiredInstances": {
@@ -2149,6 +2445,76 @@
                 "description": "Number of available MCIO instances.\n",
                 "type": "integer"
               },
+              "additionalInfo": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
+              },
+              "certificateContentId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+              }
+            }
+          }
+        },
+        "vnfPaasServiceInfo": {
+          "description": "Information on the PaaS Services assigned and used by the VNF instance.\n",
+          "type": "array",
+          "items": {
+            "description": "This type provides information about a PaaS Service that is used by a VNF instance. The PaasServiceInfo is comprised of various sets of information. Some information comes from the VNFD, other information comes from the PaaS Service assets provided by the NFVO to the VNFM, and other information is provided at runtime information about the usage of the PaaS Service.\n",
+            "type": "object",
+            "required": [
+              "id",
+              "paasServiceId",
+              "paasServiceType",
+              "paasServiceRequestId",
+              "paasServiceHandle"
+            ],
+            "properties": {
+              "id": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+              },
+              "paasServiceId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+              },
+              "paasServiceType": {
+                "description": "The type of PaaS Service. The value of this attribute is expected to be matched against values of the registered PaaS Services in the PSR.\n",
+                "type": "string"
+              },
+              "paasServiceVersion": {
+                "description": "A version.\n",
+                "type": "string"
+              },
+              "paasServiceRequestId": {
+                "description": "An identifier that is unique within a VNF descriptor.\n",
+                "type": "string"
+              },
+              "paasServiceHandle": {
+                "description": "This type provides information enabling the access and use of the PaaS Service by the  VNF instance. The type and format of the handle depends on the form that the PaaS Service is formed.\n",
+                "type": "object",
+                "required": [
+                  "id"
+                ],
+                "properties": {
+                  "id": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  },
+                  "interfaceInfo": {
+                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                    "type": "object"
+                  },
+                  "accessInfo": {
+                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                    "type": "object"
+                  },
+                  "extra": {
+                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                    "type": "object"
+                  }
+                }
+              },
               "additionalInfo": {
                 "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
                 "type": "object"
diff --git a/SOL002/VNFLifecycleManagement-API/schemas/vnfInstances.schema.json b/SOL002/VNFLifecycleManagement-API/schemas/vnfInstances.schema.json
index d3ed91261a4acaf62de1e2fd7b5c5a0a8db7f984..eb98e0ceb3aeaf26877acb1f54cb2f6c7411b1be 100644
--- a/SOL002/VNFLifecycleManagement-API/schemas/vnfInstances.schema.json
+++ b/SOL002/VNFLifecycleManagement-API/schemas/vnfInstances.schema.json
@@ -1,852 +1,1861 @@
 {
-	"type": "array",
-	"items": {
-		"description": "This type represents a VNF instance. * NOTE 1:\tModifying the value of this attribute shall not be performed when conflicts exist\n          between the previous and the newly referred VNF package, i.e. when the new VNFD is\n          changed with respect to the previous VNFD in other aspects than merely referencing\n          to other VNF software images. In order to avoid misalignment of the VnfInstance with\n          the current VNF's on-boarded VNF package, the values of attributes in the VnfInstance\n          that have corresponding attributes in the VNFD shall be kept in sync with the values in the VNFD.\n* NOTE 2:\tETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. * NOTE 3:\tVNF configurable properties are sometimes also referred to as configuration parameters\n          applicable to a VNF. Some of these are set prior to instantiation and cannot be modified\n          if the VNF is instantiated, some are set prior to instantiation (are part of initial configuration)\n          and can be modified later, and others can be set only after instantiation.\n          The applicability of certain configuration may depend on the VNF and the required operation of\n          the VNF at a certain point in time.\n* NOTE 4:\tUpon creation of the VnfInstance structure, the VNFM shall create and initialize all child\n          attributes of \"vnfConfigurableProperties\", \"metadata\" and \"extensions\" that were declared\n          in the VNFD with a defined initial value. The defined initial values can be declared in the VNFD,\n          and/or, in case of \"metadata\", obtained from the \"CreateVnfRequest\" structure. Child attributes of\n          \"vnfConfigurableProperties\", \"metadata\" and \"extensions\" that have no defined initial value shall\n          not be created, in order to be consistent with the semantics of the JSON Merge Patch method\n          (see IETF RFC 7396) that interprets null values as deletion request.\n* NOTE 5:\tIt is possible to have several ExtManagedVirtualLinkInfo for the same VNF internal VL in case\n          of a multi-site VNF spanning several VIMs. The set of ExtManagedVirtualLinkInfo corresponding\n          to the same VNF internal VL shall indicate so by referencing to the same VnfVirtualLinkDesc\n          and externally-managed multi-site VL instance (refer to clause 5.5.3.5).\n* NOTE 6:\tEven though externally-managed internal VLs are also used for VNF-internal connectivity,\n          they shall not be listed in the \"vnfVirtualLinkResourceInfo\" attribute as this would be redundant.\n",
-  "type": "object",
-  "required": [
-    "id",
-    "vnfdId",
-    "vnfProvider",
-    "vnfProductName",
-    "vnfSoftwareVersion",
-    "vnfdVersion",
-    "instantiationState",
-    "_links"
-  ],
-  "properties": {
-    "id": {
-      "description": "An identifier with the intention of being globally unique.\n",
-      "type": "string"
-    },
-    "vnfInstanceName": {
-      "description": "Name of the VNF instance. This attribute can be modified with the PATCH method.\n",
-      "type": "string"
-    },
-    "vnfInstanceDescription": {
-      "description": "Human-readable description of the VNF instance. This attribute can be modified with the PATCH method.\n",
-      "type": "string"
-    },
-    "vnfdId": {
-      "description": "An identifier with the intention of being globally unique.\n",
-      "type": "string"
-    },
-    "vnfProvider": {
-      "description": "Provider of the VNF and the VNFD. The value is copied from the VNFD.\n",
-      "type": "string"
-    },
-    "vnfProductName": {
-      "description": "Name to identify the VNF Product. The value is copied from the VNFD.\n",
-      "type": "string"
-    },
-    "vnfSoftwareVersion": {
-      "description": "A version.\n",
-      "type": "string"
-    },
-    "vnfdVersion": {
-      "description": "A version.\n",
-      "type": "string"
-    },
-    "vnfConfigurableProperties": {
-      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-      "type": "object"
-    },
-    "instantiationState": {
-      "description": "The instantiation state of the VNF.\n",
-      "type": "string",
-      "enum": [
-        "NOT_INSTANTIATED",
-        "INSTANTIATED"
-      ]
-    },
-    "instantiatedVnfInfo": {
-      "description": "Information specific to an instantiated VNF instance. This attribute shall be present if the instantiateState attribute value is INSTANTIATED.\n",
-      "type": "object",
-      "required": [
-        "flavourId",
-        "vnfState",
-        "extCpInfo"
-      ],
-      "properties": {
-        "flavourId": {
-          "description": "An identifier that is unique within a VNF descriptor.\n",
-          "type": "string"
-        },
-        "vnfState": {
-          "description": "STARTED: The VNF instance is up and running. STOPPED: The VNF instance has been shut down.\n",
-          "type": "string",
-          "enum": [
-            "STARTED",
-            "STOPPED"
-          ]
-        },
-        "scaleStatus": {
-          "description": "Scale status of the VNF, one entry per aspect. Represents for every scaling aspect how \"big\" the VNF has been scaled w.r.t. that aspect. This attribute shall be present if the VNF supports scaling. See clause B.2 for an explanation of VNF scaling.\n",
-          "type": "array",
-          "items": {
-            "description": "This type represents the scale level of a VNF instance related to a scaling aspect.\n",
+  "type": "array",
+  "items": {
+    "description": "This type represents a VNF instance. * NOTE 1:\tModifying the value of this attribute shall not be performed when conflicts exist\n          between the previous and the newly referred VNF package, i.e. when the new VNFD is\n          changed with respect to the previous VNFD in other aspects than merely referencing\n          to other VNF software images. In order to avoid misalignment of the VnfInstance with\n          the current VNF's on-boarded VNF package, the values of attributes in the VnfInstance\n          that have corresponding attributes in the VNFD shall be kept in sync with the values in the VNFD.\n* NOTE 2:\tETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. * NOTE 3:\tThese attributes are sometimes also referred to as configuration parameters\n          applicable to a VNF. Some of these are set prior to instantiation and cannot be modified\n          if the VNF is instantiated, some are set prior to instantiation (are part of initial configuration)\n          and can be modified later, and others can be set only after instantiation.\n          The applicability of certain configuration may depend on the VNF and the required operation of\n          the VNF at a certain point in time.\n* NOTE 4:\tUpon creation of the VnfInstance structure, the VNFM shall create and initialize all child\n          attributes of \"vnfConfigurableProperties\", \"metadata\" and \"extensions\" that were declared\n          in the VNFD with a defined initial value. The defined initial values can be declared in the VNFD,\n          and/or, in case of \"metadata\", obtained from the \"CreateVnfRequest\" structure. Child attributes of\n          \"vnfConfigurableProperties\", \"metadata\" and \"extensions\" that have no defined initial value shall\n          not be created, in order to be consistent with the semantics of the JSON Merge Patch method\n          (see IETF RFC 7396) that interprets null values as deletion request.\n* NOTE 5:\tIt is possible to have several ExtManagedVirtualLinkInfo for the same VNF internal VL in case\n          of a multi-site VNF spanning several VIMs. The set of ExtManagedVirtualLinkInfo corresponding\n          to the same VNF internal VL shall indicate so by referencing to the same VnfVirtualLinkDesc\n          and externally-managed multi-site VL instance (refer to clause 5.5.3.5).\n* NOTE 6:\tEven though externally-managed internal VLs are also used for VNF-internal connectivity,\n          they shall not be listed in the \"vnfVirtualLinkResourceInfo\" attribute as this would be redundant.\n* NOTE 7:\tSubports need not be used for containerized VNFCs. The application container can send and receive IP\n          packets with any VLAN tag as long as the network interface to connect to the secondary container cluster\n          network has been configured appropriately. Thus, no individual extCpInfo, except the one representing the\n          trunk, need be modelled to allow traffic tagged with a particular VLAN through the connection point.\n* NOTE 8:\tFor a scaling aspect whose related VNFCs have not been instantiated due to the selection of deployable \n          modules, the \"scaleStatus\" indicates the scale level that would be applicable to the aspect if a VNF LCM \n          operation changes the selected deployable modules and the related VNFCs are instantiated, unless the VNF \n          LCM operation explicitly indicates the scale level for the aspect.\n",
+    "type": "object",
+    "required": [
+      "id",
+      "vnfdId",
+      "vnfProvider",
+      "vnfProductName",
+      "vnfSoftwareVersion",
+      "vnfdVersion",
+      "instantiationState",
+      "_links"
+    ],
+    "properties": {
+      "id": {
+        "description": "An identifier with the intention of being globally unique.\n",
+        "type": "string"
+      },
+      "vnfInstanceName": {
+        "description": "Name of the VNF instance. This attribute can be modified with the PATCH method.\n",
+        "type": "string"
+      },
+      "vnfInstanceDescription": {
+        "description": "Human-readable description of the VNF instance. This attribute can be modified with the PATCH method.\n",
+        "type": "string"
+      },
+      "vnfdId": {
+        "description": "An identifier with the intention of being globally unique.\n",
+        "type": "string"
+      },
+      "vnfProvider": {
+        "description": "Provider of the VNF and the VNFD. The value is copied from the VNFD.\n",
+        "type": "string"
+      },
+      "vnfProductName": {
+        "description": "Name to identify the VNF Product. The value is copied from the VNFD.\n",
+        "type": "string"
+      },
+      "vnfSoftwareVersion": {
+        "description": "A version.\n",
+        "type": "string"
+      },
+      "vnfdVersion": {
+        "description": "A version.\n",
+        "type": "string"
+      },
+      "vnfConfigurableProperties": {
+        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+        "type": "object"
+      },
+      "certificateInfo": {
+        "description": "This type provides input information related to certificate and certificate management.\n",
+        "type": "object",
+        "required": [
+          "id"
+        ],
+        "properties": {
+          "id": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+          },
+          "certificateConfigurationInfo": {
+            "description": "This type provides input information related to certificate management.\n",
             "type": "object",
             "required": [
-              "aspectId",
-              "scaleLevel"
+              "securityPolicy"
             ],
             "properties": {
-              "aspectId": {
-                "description": "An identifier that is unique within a VNF descriptor.\n",
-                "type": "string"
-              },
-              "vnfdId": {
-                "description": "An identifier that is unique within a VNF descriptor.\n",
-                "type": "string"
-              },
-              "scaleToLevel": {
-                "description": "An identifier with the intention of being globally unique.\n",
-                "type": "string"
-              }
-            }
-          }
-        },
-        "maxScaleLevels": {
-          "description": "Maximum allowed scale levels of the VNF, one entry per aspect. This attribute shall be present if the VNF supports scaling.\n",
-          "type": "array",
-          "items": {
-            "description": "This type represents the scale level of a VNF instance related to a scaling aspect.\n",
-            "type": "object",
-            "required": [
-              "aspectId",
-              "scaleLevel"
-            ],
-            "properties": {
-              "aspectId": {
-                "description": "An identifier that is unique within a VNF descriptor.\n",
-                "type": "string"
-              },
-              "vnfdId": {
-                "description": "An identifier that is unique within a VNF descriptor.\n",
-                "type": "string"
-              },
-              "scaleToLevel": {
-                "description": "An identifier with the intention of being globally unique.\n",
-                "type": "string"
-              }
-            }
-          }
-        },
-        "extCpInfo": {
-          "description": "Information about the external CPs exposed by the VNF instance. When trunking is enabled, the list of entries includes both, external CPs corresponding to parent ports of a trunk, and external CPs associated to sub-ports of a trunk.\n",
-          "type": "array",
-          "minItems": 1,
-          "items": {
-            "description": "This type represents information about an external CP of a VNF.\nNOTE 1:\tThe attributes \"associatedVnfcCpId\", \"associatedVipCpId\", \"associatedVirtualCpId\" and \n        \"associatedVnfVirtualLinkId\" are mutually exclusive. Exactly one shall be present.\nNOTE 2:\tAn external CP instance is not associated to a link port in the cases indicated for the \n        ΓÇ£extLinkPortsΓÇ¥ attribute in clause 4.4.1.11.\nNOTE 3: Cardinality greater than 1 is only applicable for specific cases where more than one network \n        attachment definition resource is needed to fulfil the connectivity requirements of the external \n        CP, e.g. to build a link redundant mated pair in SR-IOV cases.\nNOTE 4: When more than one netAttDefResourceId is indicated, all shall belong to the same namespace.\n",
-            "type": "object",
-            "required": [
-              "id",
-              "cpdId",
-              "cpConfigId",
-              "cpProtocolInfo"
-            ],
-            "oneOf": [
-              {
-                "required": [
-                  "associatedVnfcCpId"
-                ]
-              },
-              {
+              "certificateBaseProfile": {
+                "description": "This type provides input information to override certificate base profile for certificate management\nNOTE : At least one overriding attributes shall be present, otherwise shall be absent.\n",
                 "required": [
-                  "associatedVipCpId"
-                ]
-              },
-              {
-                "required": [
-                  "associatedVnfVirtualLinkId"
-                ]
-              }
-            ],
-            "properties": {
-              "id": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "cpdId": {
-                "description": "An identifier that is unique within a VNF descriptor.\n",
-                "type": "string"
-              },
-              "cpConfigId": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "vnfdId": {
-                "description": "An identifier with the intention of being globally unique.\n",
-                "type": "string"
+                  "id"
+                ],
+                "properties": {
+                  "id": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  },
+                  "issuer": {
+                    "type": "string",
+                    "description": "Issuer of certificates. See note."
+                  },
+                  "issuerUniqueIdentifier": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  },
+                  "subject": {
+                    "description": "This type provides input information related to subject of certificate.\n* NOTE: At least one overriding attributes shall be present, otherwise shall be absent.\n",
+                    "type": "object",
+                    "properties": {
+                      "commonName": {
+                        "description": "Information of certification target subject FQDN. See note.",
+                        "type": "string"
+                      },
+                      "organization": {
+                        "description": "Information of certification target subject Organization. See note.",
+                        "type": "string"
+                      },
+                      "country": {
+                        "description": "Information of certification target subject Country. See note.",
+                        "type": "string"
+                      },
+                      "state": {
+                        "description": "Information of certification target subject State. See note.",
+                        "type": "string"
+                      },
+                      "locality": {
+                        "description": "Information of certification target subject Locality. See note.",
+                        "type": "string"
+                      },
+                      "emailAddress": {
+                        "description": "Information of certification contact email address. See note.",
+                        "type": "string"
+                      }
+                    }
+                  },
+                  "subjectUniqueIdentifier": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  },
+                  "basicConstraints": {
+                    "type": "string",
+                    "description": "Basic constraints of certificates. See note.\n"
+                  },
+                  "issuerAltName": {
+                    "description": "Alternative name of issuer of certificates in this NS. See note.",
+                    "type": "array",
+                    "items": {
+                      "type": "string"
+                    }
+                  },
+                  "subjectAltName": {
+                    "description": "Alternative name of subject of certificates. Shall be present when this certificate is used for encrypted communication using IP address and subjectAltName attribute of CertificateBaseProfile in CertificateDesc of VNFD is empty (see ETSI GS NFV-IFA 011 [7],clause 7.1.19.4). See note",
+                    "type": "array",
+                    "items": {
+                      "type": "string"
+                    }
+                  },
+                  "nameConstraints": {
+                    "description": "Name constraints of certificates. See note.",
+                    "type": "array",
+                    "items": {
+                      "type": "string"
+                    }
+                  }
+                }
               },
-              "cpProtocolInfo": {
-                "description": "Network protocol information for this CP.\n",
+              "securityPolicy": {
+                "description": "Information for security policy to be satisfied for certificate.\n",
                 "type": "array",
                 "items": {
-                  "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
+                  "description": "This type provides input information related to security policy for certificate management.\n",
                   "type": "object",
                   "required": [
-                    "layerProtocol"
+                    "id"
                   ],
                   "properties": {
-                    "layerProtocol": {
-                      "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                    "id": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "maxValidityPeriod": {
+                      "description": "Allowed max validity period for certificates.",
+                      "type": "integer"
+                    },
+                    "allowedAlgorithm": {
+                      "description": "Allowed signature algorithm.",
+                      "type": "string"
+                    },
+                    "minimumKeyLength": {
+                      "description": "Minimum key length for certificates.",
+                      "type": "integer"
+                    }
+                  }
+                }
+              },
+              "delegationSupportedCertificateManagements": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
+              },
+              "cmfInfo": {
+                "description": "This type provides input information related to CMF for certificate management.\n",
+                "type": "object",
+                "required": [
+                  "id",
+                  "endPoint",
+                  "supportedProtocol"
+                ],
+                "properties": {
+                  "id": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  },
+                  "endPoint": {
+                    "description": "End point of CMF instance.",
+                    "type": "object",
+                    "required": [
+                      "ipAddress",
+                      "link"
+                    ],
+                    "properties": {
+                      "ipAddress": {
+                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                        "type": "string",
+                        "format": "IP"
+                      },
+                      "link": {
+                        "description": "This type represents a link to a resource using an absolute URI.\n",
+                        "type": "object",
+                        "required": [
+                          "href"
+                        ],
+                        "properties": {
+                          "href": {
+                            "description": "String formatted according to IETF RFC 3986.\n",
+                            "type": "string"
+                          }
+                        }
+                      }
+                    }
+                  },
+                  "supportedProtocols": {
+                    "description": "Supported protocol by CMF instance.",
+                    "type": "array",
+                    "items": {
                       "type": "string",
                       "enum": [
-                        "IP_OVER_ETHERNET",
-                        "IP_FOR_VIRTUAL_CP"
+                        "CMP",
+                        "CMPv2",
+                        "EST",
+                        "SCEP"
                       ]
-                    },
-                    "ipOverEthernet": {
-                      "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVIΓÇÖs transport technology.\n",
-                      "type": "object",
-                      "anyOf": [
-                        {
-                          "required": [
-                            "macAddress"
-                          ]
-                        },
-                        {
-                          "required": [
-                            "ipAddresses"
-                          ]
-                        }
-                      ],
-                      "oneOf": [
-                        {
-                          "required": [
-                            "addresses"
-                          ]
-                        },
-                        {
-                          "required": [
-                            "addressRange"
-                          ]
-                        }
-                      ],
-                      "properties": {
-                        "macAddress": {
-                          "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-                          "type": "string",
-                          "format": "MAC"
-                        },
-                        "segmentationId": {
-                          "description": "Identification of the network segment to which the Cp instance connects to. See notes 3 and 4.\n",
-                          "type": "string"
-                        },
-                        "ipAddresses": {
-                          "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or  dynamic IP address assignment per subnet. See note 1.\n",
-                          "type": "array",
-                          "items": {
-                            "type": "object",
+                    }
+                  },
+                  "certificateChain": {
+                    "description": "Certificate chain that this CMF provides.",
+                    "type": "array",
+                    "items": {
+                      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                      "type": "object"
+                    }
+                  }
+                }
+              }
+            }
+          },
+          "certificateContents": {
+            "description": "Information for contents of issued certificates. The information contained in this attribute may be updated over time during the VNF LCM, e.g. certificate(s) renewal.\n",
+            "type": "array",
+            "items": {
+              "description": "This type provides input information related to certificate content.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "certificateDescId",
+                "certificateType"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "certficateDescId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "certificateType": {
+                  "description": "Type of this certificate.",
+                  "type": "string",
+                  "enum": [
+                    "VNFCI_CERT",
+                    "VNFOAM_CERT"
+                  ]
+                },
+                "supportedCertificateManagements": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                },
+                "version": {
+                  "description": "A version.\n",
+                  "type": "string"
+                },
+                "serialNumber": {
+                  "description": "Serial number of this certificate.",
+                  "type": "integer"
+                },
+                "signatureAlgorithm": {
+                  "description": "Algorithm of this certificate's signature.",
+                  "type": "string"
+                },
+                "issuer": {
+                  "description": "Issuer of this certificate.",
+                  "type": "string"
+                },
+                "notBefore": {
+                  "description": "Date-time stamp. Representation: String formatted according to IETF RFC 3339.\n",
+                  "type": "string",
+                  "format": "date-time"
+                },
+                "notAfter": {
+                  "description": "Date-time stamp. Representation: String formatted according to IETF RFC 3339.\n",
+                  "type": "string",
+                  "format": "date-time"
+                },
+                "subject": {
+                  "description": "Subject of this certificate.",
+                  "type": "string"
+                },
+                "publicKeyAlgorithm": {
+                  "description": "Algorithm of this certificate's public key.",
+                  "type": "string"
+                },
+                "publicKey": {
+                  "description": "Public key of this certificate.",
+                  "type": "string"
+                },
+                "certificateExtensions": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                }
+              }
+            }
+          }
+        }
+      },
+      "instantiationState": {
+        "description": "The instantiation state of the VNF.\n",
+        "type": "string",
+        "enum": [
+          "NOT_INSTANTIATED",
+          "INSTANTIATED"
+        ]
+      },
+      "instantiatedVnfInfo": {
+        "description": "Information specific to an instantiated VNF instance. This attribute shall be present if the instantiateState attribute value is INSTANTIATED.\n",
+        "type": "object",
+        "required": [
+          "flavourId",
+          "vnfState",
+          "extCpInfo"
+        ],
+        "properties": {
+          "flavourId": {
+            "description": "An identifier that is unique within a VNF descriptor.\n",
+            "type": "string"
+          },
+          "vnfState": {
+            "description": "STARTED: The VNF instance is up and running. STOPPED: The VNF instance has been shut down.\n",
+            "type": "string",
+            "enum": [
+              "STARTED",
+              "STOPPED"
+            ]
+          },
+          "scaleStatus": {
+            "description": "Scale status of the VNF, one entry per aspect. Represents for every scaling aspect how \"big\" the VNF has been scaled w.r.t. that aspect. This attribute shall be present if the VNF supports scaling. See clause B.2 for an explanation of VNF scaling. For an aspect that has not been deployed because the related deployableModule has not been selected, it indicates the scale level that has been requested in the instantiation or in a scaling operation, or, if none has been requested in any of them, the scale level applicable to the aspect based on the default instantiation level. See note 8.\n",
+            "type": "array",
+            "items": {
+              "description": "This type represents the scale level of a VNF instance related to a scaling aspect.\n",
+              "type": "object",
+              "required": [
+                "aspectId",
+                "scaleLevel"
+              ],
+              "properties": {
+                "aspectId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "vnfdId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "scaleToLevel": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "maxScaleLevels": {
+            "description": "Maximum allowed scale levels of the VNF, one entry per aspect. This attribute shall be present if the VNF supports scaling.\n",
+            "type": "array",
+            "items": {
+              "description": "This type represents the scale level of a VNF instance related to a scaling aspect.\n",
+              "type": "object",
+              "required": [
+                "aspectId",
+                "scaleLevel"
+              ],
+              "properties": {
+                "aspectId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "vnfdId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "scaleToLevel": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "selectedDeployableModule": {
+            "description": "References a currently selected deployable module, as defined in the VNFD, that has already completed the instantiation of its VNFCs\n",
+            "type": "array",
+            "items": {
+              "description": "An identifier that is unique within a VNF descriptor.\n",
+              "type": "string"
+            }
+          },
+          "extCpInfo": {
+            "description": "Information about the external CPs exposed by the VNF instance. When trunking is enabled, the list of entries includes both, external CPs corresponding to parent ports of a trunk, and external CPs associated to sub-ports of a trunk.\n",
+            "type": "array",
+            "minItems": 1,
+            "items": {
+              "description": "This type represents information about an external CP of a VNF.\nNOTE 1:\tThe attributes \"associatedVnfcCpId\", \"associatedVipCpId\", \"associatedVirtualCpId\" and \n        \"associatedVnfVirtualLinkId\" are mutually exclusive. Exactly one shall be present.\nNOTE 2:\tAn external CP instance is not associated to a link port in the cases indicated for the \n        ΓÇ£extLinkPortsΓÇ¥ attribute in clause 4.4.1.11.\nNOTE 3: Cardinality greater than 1 is only applicable for specific cases where more than one network \n        attachment definition resource is needed to fulfil the connectivity requirements of the external \n        CP, e.g. to build a link redundant mated pair in SR-IOV cases.\nNOTE 4: When more than one netAttDefResourceId is indicated, all shall belong to the same namespace.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "cpdId",
+                "cpConfigId",
+                "cpProtocolInfo"
+              ],
+              "oneOf": [
+                {
+                  "required": [
+                    "associatedVnfcCpId"
+                  ]
+                },
+                {
+                  "required": [
+                    "associatedVipCpId"
+                  ]
+                },
+                {
+                  "required": [
+                    "associatedVnfVirtualLinkId"
+                  ]
+                }
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "cpdId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "cpConfigId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "vnfdId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "cpProtocolInfo": {
+                  "description": "Network protocol information for this CP.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
+                    "type": "object",
+                    "required": [
+                      "layerProtocol"
+                    ],
+                    "properties": {
+                      "layerProtocol": {
+                        "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                        "type": "string",
+                        "enum": [
+                          "IP_OVER_ETHERNET",
+                          "IP_FOR_VIRTUAL_CP"
+                        ]
+                      },
+                      "ipOverEthernet": {
+                        "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVIΓÇÖs transport technology.\n",
+                        "type": "object",
+                        "anyOf": [
+                          {
                             "required": [
-                              "type"
-                            ],
-                            "properties": {
-                              "type": {
-                                "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
-                                "type": "string",
-                                "enum": [
-                                  "IPV4",
-                                  "IPV6"
-                                ]
-                              },
-                              "addresses": {
-                                "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-                                "type": "array",
-                                "items": {
-                                  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                              "macAddress"
+                            ]
+                          },
+                          {
+                            "required": [
+                              "ipAddresses"
+                            ]
+                          }
+                        ],
+                        "oneOf": [
+                          {
+                            "required": [
+                              "addresses"
+                            ]
+                          },
+                          {
+                            "required": [
+                              "addressRange"
+                            ]
+                          }
+                        ],
+                        "properties": {
+                          "macAddress": {
+                            "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                            "type": "string",
+                            "format": "MAC"
+                          },
+                          "segmentationId": {
+                            "description": "Identification of the network segment to which the Cp instance connects to. See notes 3 and 4.\n",
+                            "type": "string"
+                          },
+                          "ipAddresses": {
+                            "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or  dynamic IP address assignment per subnet. See note 1.\n",
+                            "type": "array",
+                            "items": {
+                              "type": "object",
+                              "required": [
+                                "type"
+                              ],
+                              "properties": {
+                                "type": {
+                                  "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                   "type": "string",
-                                  "format": "IP"
-                                }
-                              },
-                              "isDynamic": {
-                                "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-                                "type": "boolean"
-                              },
-                              "addressRange": {
-                                "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
-                                "type": "object",
-                                "required": [
-                                  "minAddress",
-                                  "maxAddress"
-                                ],
-                                "properties": {
-                                  "minAddress": {
+                                  "enum": [
+                                    "IPV4",
+                                    "IPV6"
+                                  ]
+                                },
+                                "addresses": {
+                                  "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                  "type": "array",
+                                  "items": {
                                     "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
                                     "type": "string",
                                     "format": "IP"
-                                  },
-                                  "maxAddress": {
+                                  }
+                                },
+                                "isDynamic": {
+                                  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                  "type": "boolean"
+                                },
+                                "addressRange": {
+                                  "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
+                                  "type": "object",
+                                  "required": [
+                                    "minAddress",
+                                    "maxAddress"
+                                  ],
+                                  "properties": {
+                                    "minAddress": {
+                                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                      "type": "string",
+                                      "format": "IP"
+                                    },
+                                    "maxAddress": {
+                                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                      "type": "string",
+                                      "format": "IP"
+                                    }
+                                  }
+                                },
+                                "subnetId": {
+                                  "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                                  "type": "string"
+                                }
+                              }
+                            }
+                          }
+                        }
+                      },
+                      "virtualCpAddress": {
+                        "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                        "type": "object",
+                        "required": [
+                          "type"
+                        ],
+                        "properties": {
+                          "type": {
+                            "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                            "type": "string",
+                            "enum": [
+                              "IPV4",
+                              "IPV6"
+                            ]
+                          },
+                          "loadBalancerIp": {
+                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                            "type": "string",
+                            "format": "IP"
+                          },
+                          "addressPoolName": {
+                            "description": "Name of an address pool from which an IP address is assigned to the virtual CP.\n",
+                            "type": "string"
+                          }
+                        }
+                      }
+                    }
+                  }
+                },
+                "extLinkPortId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "metadata": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                },
+                "associatedVnfcCpId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "associatedVipCpId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "associatedVirtualCpId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "associatedVnfVirtualLinkId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "netAttDefResourceId": {
+                  "description": "Identifier of the ΓÇ£NetAttDefResourceInfoΓÇ¥ structure that provides the specification of the interface to attach the connection point to a secondary container cluster network. See notes 3 and 4. It shall be present if the external CP is associated to a VNFC realized by one or a set of OS containers and is connected to a secondary container cluster network. It shall not be present otherwise.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  }
+                },
+                "certificateContentId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "vipCpInfo": {
+            "description": "VIP CPs that are part of the VNF instance. Shall be present when that particular VIP CP of the VNFC instance is associated to an external CP of the VNF instance.\nMay be present otherwise.\n",
+            "type": "array",
+            "items": {
+              "description": "This type provides information related to virtual IP CP.\nNOTE 1:\tIt is possible that there is no associated VnfcCp because the virtual IP CP is available but not associated yet. NOTE 2: If only the value or the presence of this attribute is changed in the \"VipCpInfo\" structure by an LCM operation occurrence, this does not represent a change that requires including a related \"AffectedVipCp\" structure in the VNF LCM operation occurrence notifications or the \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\n",
+              "type": "object",
+              "required": [
+                "cpInstanceId",
+                "cpdId"
+              ],
+              "properties": {
+                "cpInstanceId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "cpdId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "vnfdId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "vnfExtCpId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "cpProtocolInfo": {
+                  "description": "Protocol information for this CP. There shall be one cpProtocolInfo for layer 3. There may be one cpProtocolInfo for layer 2.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
+                    "type": "object",
+                    "required": [
+                      "layerProtocol"
+                    ],
+                    "properties": {
+                      "layerProtocol": {
+                        "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                        "type": "string",
+                        "enum": [
+                          "IP_OVER_ETHERNET",
+                          "IP_FOR_VIRTUAL_CP"
+                        ]
+                      },
+                      "ipOverEthernet": {
+                        "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVIΓÇÖs transport technology.\n",
+                        "type": "object",
+                        "anyOf": [
+                          {
+                            "required": [
+                              "macAddress"
+                            ]
+                          },
+                          {
+                            "required": [
+                              "ipAddresses"
+                            ]
+                          }
+                        ],
+                        "oneOf": [
+                          {
+                            "required": [
+                              "addresses"
+                            ]
+                          },
+                          {
+                            "required": [
+                              "addressRange"
+                            ]
+                          }
+                        ],
+                        "properties": {
+                          "macAddress": {
+                            "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                            "type": "string",
+                            "format": "MAC"
+                          },
+                          "segmentationId": {
+                            "description": "Identification of the network segment to which the Cp instance connects to. See notes 3 and 4.\n",
+                            "type": "string"
+                          },
+                          "ipAddresses": {
+                            "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or  dynamic IP address assignment per subnet. See note 1.\n",
+                            "type": "array",
+                            "items": {
+                              "type": "object",
+                              "required": [
+                                "type"
+                              ],
+                              "properties": {
+                                "type": {
+                                  "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
+                                  "type": "string",
+                                  "enum": [
+                                    "IPV4",
+                                    "IPV6"
+                                  ]
+                                },
+                                "addresses": {
+                                  "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                  "type": "array",
+                                  "items": {
                                     "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
                                     "type": "string",
                                     "format": "IP"
                                   }
+                                },
+                                "isDynamic": {
+                                  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                  "type": "boolean"
+                                },
+                                "addressRange": {
+                                  "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
+                                  "type": "object",
+                                  "required": [
+                                    "minAddress",
+                                    "maxAddress"
+                                  ],
+                                  "properties": {
+                                    "minAddress": {
+                                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                      "type": "string",
+                                      "format": "IP"
+                                    },
+                                    "maxAddress": {
+                                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                      "type": "string",
+                                      "format": "IP"
+                                    }
+                                  }
+                                },
+                                "subnetId": {
+                                  "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                                  "type": "string"
                                 }
-                              },
-                              "subnetId": {
-                                "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
-                                "type": "string"
                               }
                             }
                           }
                         }
-                      }
-                    },
-                    "virtualCpAddress": {
-                      "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-                      "type": "object",
-                      "required": [
-                        "type"
-                      ],
-                      "properties": {
-                        "type": {
-                          "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-                          "type": "string",
-                          "enum": [
-                            "IPV4",
-                            "IPV6"
-                          ]
-                        },
-                        "loadBalancerIp": {
-                          "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                          "type": "string",
-                          "format": "IP"
-                        },
-                        "addressPoolName": {
-                          "description": "Name of an address pool from which an IP address is assigned to the virtual CP.\n",
-                          "type": "string"
+                      },
+                      "virtualCpAddress": {
+                        "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                        "type": "object",
+                        "required": [
+                          "type"
+                        ],
+                        "properties": {
+                          "type": {
+                            "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                            "type": "string",
+                            "enum": [
+                              "IPV4",
+                              "IPV6"
+                            ]
+                          },
+                          "loadBalancerIp": {
+                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                            "type": "string",
+                            "format": "IP"
+                          },
+                          "addressPoolName": {
+                            "description": "Name of an address pool from which an IP address is assigned to the virtual CP.\n",
+                            "type": "string"
+                          }
                         }
                       }
                     }
                   }
-                }
-              },
-              "extLinkPortId": {
-                "description": "An identifier with the intention of being globally unique.\n",
-                "type": "string"
-              },
-              "metadata": {
-                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                "type": "object"
-              },
-              "associatedVnfcCpId": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "associatedVipCpId": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "associatedVirtualCpId": {
-                "description": "An identifier that is unique within a VNF descriptor.\n",
-                "type": "string"
-              },
-              "associatedVnfVirtualLinkId": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "netAttDefResourceId": {
-                "description": "Identifier of the ΓÇ£NetAttDefResourceInfoΓÇ¥ structure that provides the specification of the interface to attach the connection point to a secondary container cluster network. See notes 3 and 4. It shall be present if the external CP is associated to a VNFC realized by one or a set of OS containers and is connected to a secondary container cluster network. It shall not be present otherwise.\n",
-                "type": "array",
-                "items": {
-                  "description": "An identifier with the intention of being globally unique.\n",
+                },
+                "associatedVnfcCpIds": {
+                  "description": "Identifiers of the VnfcCps that share the virtual IP addresse allocated to the virtual IP CP instance. See note.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                    "type": "string"
+                  }
+                },
+                "vnfLinkPortId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
                   "type": "string"
+                },
+                "metadata": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
                 }
               }
             }
-          }
-        },
-        "vipCpInfo": {
-          "description": "VIP CPs that are part of the VNF instance. Shall be present when that particular VIP CP of the VNFC instance is associated to an external CP of the VNF instance.\nMay be present otherwise.\n",
-          "type": "array",
-          "items": {
-            "description": "This type provides information related to virtual IP CP.\nNOTE 1:\tIt is possible that there is no associated VnfcCp because the virtual IP CP is available but not associated yet. NOTE 2: If only the value or the presence of this attribute is changed in the \"VipCpInfo\" structure by an LCM operation occurrence, this does not represent a change that requires including a related \"AffectedVipCp\" structure in the VNF LCM operation occurrence notifications or the \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\n",
-            "type": "object",
-            "required": [
-              "cpInstanceId",
-              "cpdId"
-            ],
-            "properties": {
-              "cpInstanceId": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "cpdId": {
-                "description": "An identifier that is unique within a VNF descriptor.\n",
-                "type": "string"
-              },
-              "vnfdId": {
-                "description": "An identifier with the intention of being globally unique.\n",
-                "type": "string"
-              },
-              "vnfExtCpId": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "cpProtocolInfo": {
-                "description": "Protocol information for this CP. There shall be one cpProtocolInfo for layer 3. There may be one cpProtocolInfo for layer 2.\n",
-                "type": "array",
-                "items": {
-                  "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
-                  "type": "object",
+          },
+          "virtualCpInfo": {
+            "description": "Virtual CPs that are part of the VNF instance. Shall be present when a particular virtual CP is  associated to an external CP of the VNF instance. May be present otherwise.\n",
+            "type": "array",
+            "items": {
+              "description": "This type provides information related to a virtual CP instance of a VNF.\nNOTE: A consumer of the VNF LCM interface can learn the actual VNFC instances implementing the service \n      accessible via the virtual CP instance by querying the \"vnfcResourceInfo\" from the \"InstantiatedVnfInfo\" \n      and filtering by corresponding \"vduIds\" values.\n",
+              "type": "object",
+              "required": [
+                "cpInstanceId",
+                "cpdId",
+                "resourceHandle",
+                "vduIds"
+              ],
+              "properties": {
+                "cpInstanceId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "cpdId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "resourceHandle": {
                   "required": [
-                    "layerProtocol"
+                    "resourceId"
                   ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
-                    "layerProtocol": {
-                      "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-                      "type": "string",
-                      "enum": [
-                        "IP_OVER_ETHERNET",
-                        "IP_FOR_VIRTUAL_CP"
-                      ]
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
+                      "type": "string"
                     },
-                    "ipOverEthernet": {
-                      "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVIΓÇÖs transport technology.\n",
+                    "vimLevelAdditionalResourceInfo": {
+                      "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
                       "type": "object",
-                      "anyOf": [
-                        {
-                          "required": [
-                            "macAddress"
-                          ]
-                        },
-                        {
-                          "required": [
-                            "ipAddresses"
-                          ]
-                        }
-                      ],
-                      "oneOf": [
-                        {
-                          "required": [
-                            "addresses"
-                          ]
-                        },
-                        {
-                          "required": [
-                            "addressRange"
-                          ]
-                        }
-                      ],
                       "properties": {
-                        "macAddress": {
-                          "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-                          "type": "string",
-                          "format": "MAC"
+                        "hostName": {
+                          "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                          "type": "string"
                         },
-                        "segmentationId": {
-                          "description": "Identification of the network segment to which the Cp instance connects to. See notes 3 and 4.\n",
+                        "persistentVolume": {
+                          "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
                           "type": "string"
                         },
-                        "ipAddresses": {
-                          "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or  dynamic IP address assignment per subnet. See note 1.\n",
-                          "type": "array",
-                          "items": {
-                            "type": "object",
+                        "additionalInfo": {
+                          "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                          "type": "object"
+                        }
+                      }
+                    },
+                    "containerNamespace": {
+                      "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "vnfExtCpId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "cpProtocolInfo": {
+                  "description": "Protocol information for this CP. There shall be one cpProtocolInfo for each layer protocol supported.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
+                    "type": "object",
+                    "required": [
+                      "layerProtocol"
+                    ],
+                    "properties": {
+                      "layerProtocol": {
+                        "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                        "type": "string",
+                        "enum": [
+                          "IP_OVER_ETHERNET",
+                          "IP_FOR_VIRTUAL_CP"
+                        ]
+                      },
+                      "ipOverEthernet": {
+                        "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVIΓÇÖs transport technology.\n",
+                        "type": "object",
+                        "anyOf": [
+                          {
                             "required": [
-                              "type"
-                            ],
-                            "properties": {
-                              "type": {
-                                "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
-                                "type": "string",
-                                "enum": [
-                                  "IPV4",
-                                  "IPV6"
-                                ]
-                              },
-                              "addresses": {
-                                "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-                                "type": "array",
-                                "items": {
-                                  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                              "macAddress"
+                            ]
+                          },
+                          {
+                            "required": [
+                              "ipAddresses"
+                            ]
+                          }
+                        ],
+                        "oneOf": [
+                          {
+                            "required": [
+                              "addresses"
+                            ]
+                          },
+                          {
+                            "required": [
+                              "addressRange"
+                            ]
+                          }
+                        ],
+                        "properties": {
+                          "macAddress": {
+                            "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                            "type": "string",
+                            "format": "MAC"
+                          },
+                          "segmentationId": {
+                            "description": "Identification of the network segment to which the Cp instance connects to. See notes 3 and 4.\n",
+                            "type": "string"
+                          },
+                          "ipAddresses": {
+                            "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or  dynamic IP address assignment per subnet. See note 1.\n",
+                            "type": "array",
+                            "items": {
+                              "type": "object",
+                              "required": [
+                                "type"
+                              ],
+                              "properties": {
+                                "type": {
+                                  "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                   "type": "string",
-                                  "format": "IP"
-                                }
-                              },
-                              "isDynamic": {
-                                "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-                                "type": "boolean"
-                              },
-                              "addressRange": {
-                                "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
-                                "type": "object",
-                                "required": [
-                                  "minAddress",
-                                  "maxAddress"
-                                ],
-                                "properties": {
-                                  "minAddress": {
-                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                                    "type": "string",
-                                    "format": "IP"
-                                  },
-                                  "maxAddress": {
+                                  "enum": [
+                                    "IPV4",
+                                    "IPV6"
+                                  ]
+                                },
+                                "addresses": {
+                                  "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                  "type": "array",
+                                  "items": {
                                     "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
                                     "type": "string",
                                     "format": "IP"
                                   }
+                                },
+                                "isDynamic": {
+                                  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                  "type": "boolean"
+                                },
+                                "addressRange": {
+                                  "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
+                                  "type": "object",
+                                  "required": [
+                                    "minAddress",
+                                    "maxAddress"
+                                  ],
+                                  "properties": {
+                                    "minAddress": {
+                                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                      "type": "string",
+                                      "format": "IP"
+                                    },
+                                    "maxAddress": {
+                                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                      "type": "string",
+                                      "format": "IP"
+                                    }
+                                  }
+                                },
+                                "subnetId": {
+                                  "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                                  "type": "string"
                                 }
-                              },
-                              "subnetId": {
-                                "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
-                                "type": "string"
                               }
                             }
                           }
                         }
-                      }
-                    },
-                    "virtualCpAddress": {
-                      "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-                      "type": "object",
-                      "required": [
-                        "type"
-                      ],
-                      "properties": {
-                        "type": {
-                          "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-                          "type": "string",
-                          "enum": [
-                            "IPV4",
-                            "IPV6"
-                          ]
-                        },
-                        "loadBalancerIp": {
-                          "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                          "type": "string",
-                          "format": "IP"
-                        },
-                        "addressPoolName": {
-                          "description": "Name of an address pool from which an IP address is assigned to the virtual CP.\n",
-                          "type": "string"
-                        }
-                      }
-                    }
-                  }
-                }
-              },
-              "associatedVnfcCpIds": {
-                "description": "Identifiers of the VnfcCps that share the virtual IP addresse allocated to the virtual IP CP instance. See note.\n",
-                "type": "array",
-                "items": {
-                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                  "type": "string"
-                }
-              },
-              "vnfLinkPortId": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "metadata": {
-                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                "type": "object"
-              }
-            }
-          }
-        },
-        "virtualCpInfo": {
-          "description": "Virtual CPs that are part of the VNF instance. Shall be present when a particular virtual CP is  associated to an external CP of the VNF instance. May be present otherwise.\n",
-          "type": "array",
-          "items": {
-            "description": "This type provides information related to a virtual CP instance of a VNF.\nNOTE: A consumer of the VNF LCM interface can learn the actual VNFC instances implementing the service \n      accessible via the virtual CP instance by querying the \"vnfcResourceInfo\" from the \"InstantiatedVnfInfo\" \n      and filtering by corresponding \"vduIds\" values.\n",
-            "type": "object",
-            "required": [
-              "cpInstanceId",
-              "cpdId",
-              "resourceHandle",
-              "vduIds"
-            ],
-            "properties": {
-              "cpInstanceId": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "cpdId": {
-                "description": "An identifier that is unique within a VNF descriptor.\n",
-                "type": "string"
-              },
-              "resourceHandle": {
-                "required": [
-                  "resourceId"
-                ],
-                "type": "object",
-                "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
-                "properties": {
-                  "vimConnectionId": {
-                    "description": "An identifier with the intention of being globally unique.\n",
-                    "type": "string"
-                  },
-                  "resourceProviderId": {
-                    "description": "An identifier with the intention of being globally unique.\n",
-                    "type": "string"
-                  },
-                  "resourceId": {
-                    "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
-                    "type": "string"
-                  },
-                  "vimLevelResourceType": {
-                    "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
+                      },
+                      "virtualCpAddress": {
+                        "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                        "type": "object",
+                        "required": [
+                          "type"
+                        ],
+                        "properties": {
+                          "type": {
+                            "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                            "type": "string",
+                            "enum": [
+                              "IPV4",
+                              "IPV6"
+                            ]
+                          },
+                          "loadBalancerIp": {
+                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                            "type": "string",
+                            "format": "IP"
+                          },
+                          "addressPoolName": {
+                            "description": "Name of an address pool from which an IP address is assigned to the virtual CP.\n",
+                            "type": "string"
+                          }
+                        }
+                      }
+                    }
+                  }
+                },
+                "vduIds": {
+                  "description": "Reference to the VDU(s) which implement the service accessible via the virtual CP instance. See note.\n",
+                  "type": "array",
+                  "minItems": 1,
+                  "items": {
+                    "description": "An identifier that is unique within a VNF descriptor.\n",
                     "type": "string"
-                  },
-                  "vimLevelAdditionalResourceInfo": {
-                    "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
+                  }
+                },
+                "additionalServiceInfo": {
+                  "description": "Additional service identification information of the virtual CP instance.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type provides additional service information of the virtual CP instance used to expose properties of the  virtual CP to NFV-MANO.\nNOTE: This attribute shall only be present if additional information is needed to identify the service \n      termination within the VNF, such as for example a URL path information in an HTTP request required \n      to allow a single virtual CP IP address to be used for several HTTP based services that use the \n      same port number.\n",
                     "type": "object",
+                    "required": [
+                      "portInfo"
+                    ],
                     "properties": {
-                      "hostName": {
-                        "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                        "type": "string"
-                      },
-                      "persistentVolume": {
-                        "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                        "type": "string"
+                      "portInfo": {
+                        "description": "Service port numbers exposed by the virtual CP instance.\n",
+                        "minItems": 1,
+                        "type": "array",
+                        "items": {
+                          "description": "This type describes the service identifying port properties exposed by the virtual CP instance.\n",
+                          "type": "object",
+                          "required": [
+                            "name",
+                            "port",
+                            "portConfigurable"
+                          ],
+                          "properties": {
+                            "name": {
+                              "description": "The name of the port exposed by the virtual CP instance.\n",
+                              "type": "string"
+                            },
+                            "protocol": {
+                              "description": "The L4 protocol for this port exposed by the virtual CP instance.\nPermitted values: - TCP - UDP - SCTP\n",
+                              "type": "string",
+                              "enum": [
+                                "TCP",
+                                "UDP",
+                                "SCTP"
+                              ]
+                            },
+                            "port": {
+                              "description": "The L4 port number exposed by the virtual CP instance.\n",
+                              "type": "integer"
+                            },
+                            "portConfigurable": {
+                              "description": "The Boolean is a data type having two values (true and false).\n",
+                              "type": "boolean"
+                            }
+                          }
+                        }
                       },
-                      "additionalInfo": {
+                      "serviceInfo": {
                         "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
                         "type": "object"
                       }
                     }
-                  },
-                  "containerNamespace": {
-                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
-                    "type": "string"
                   }
+                },
+                "metadata": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
                 }
-              },
-              "vnfExtCpId": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "cpProtocolInfo": {
-                "description": "Protocol information for this CP. There shall be one cpProtocolInfo for each layer protocol supported.\n",
-                "type": "array",
-                "items": {
-                  "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
-                  "type": "object",
+              }
+            }
+          },
+          "extVirtualLinkInfo": {
+            "description": "Information about the external VLs the VNF instance is connected to.\n",
+            "type": "array",
+            "items": {
+              "description": "This type represents information about an external VL.\nNOTE:\tThis attribute reflects the current configuration information that has resulted from merging into this attribute \n      the \"VnfExtCpData\" information which was passed as part of the \"ExtVirtualLinkData\" structure in the input of the \n      most recent VNF LCM operation such as \"InstantiateVnfRequest\", \"ChangeExtVnfConnectivityRequest\", \"ChangeVnfFlavourRequest\" \n      or \"ChangeCurrentVnfPkgRequest\", or in the Grant response. If applying such change results in an empty list of \n      \"currentVnfExtCpData\" structure instances, the affected instance of \"ExtVirtualLinkInfo\" shall be removed from its \n      parent data structure.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "resourceHandle",
+                "currentVnfExtCpData"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "resourceHandle": {
                   "required": [
-                    "layerProtocol"
+                    "resourceId"
                   ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
-                    "layerProtocol": {
-                      "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-                      "type": "string",
-                      "enum": [
-                        "IP_OVER_ETHERNET",
-                        "IP_FOR_VIRTUAL_CP"
-                      ]
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
+                      "type": "string"
                     },
-                    "ipOverEthernet": {
-                      "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVIΓÇÖs transport technology.\n",
+                    "vimLevelAdditionalResourceInfo": {
+                      "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
                       "type": "object",
-                      "anyOf": [
-                        {
-                          "required": [
-                            "macAddress"
-                          ]
-                        },
-                        {
-                          "required": [
-                            "ipAddresses"
-                          ]
-                        }
-                      ],
-                      "oneOf": [
-                        {
-                          "required": [
-                            "addresses"
-                          ]
-                        },
-                        {
-                          "required": [
-                            "addressRange"
-                          ]
-                        }
-                      ],
                       "properties": {
-                        "macAddress": {
-                          "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-                          "type": "string",
-                          "format": "MAC"
+                        "hostName": {
+                          "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                          "type": "string"
                         },
-                        "segmentationId": {
-                          "description": "Identification of the network segment to which the Cp instance connects to. See notes 3 and 4.\n",
+                        "persistentVolume": {
+                          "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
                           "type": "string"
                         },
-                        "ipAddresses": {
-                          "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or  dynamic IP address assignment per subnet. See note 1.\n",
-                          "type": "array",
-                          "items": {
+                        "additionalInfo": {
+                          "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                          "type": "object"
+                        }
+                      }
+                    },
+                    "containerNamespace": {
+                      "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "extLinkPorts": {
+                  "description": "Link ports of this VL.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type represents information about a link port of an external VL, i.e. a port providing connectivity for the VNF to  an NS VL.\nNOTE 1:\tThe use cases UC#4 and UC#5 in clause A.4 of ETSI GS NFV-IFA 007 provide examples for such a configuration. NOTE 2:\tThe value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\" attribute.\n",
+                    "type": "object",
+                    "required": [
+                      "id",
+                      "resourceHandle"
+                    ],
+                    "properties": {
+                      "id": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                      },
+                      "resourceHandle": {
+                        "required": [
+                          "resourceId"
+                        ],
+                        "type": "object",
+                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
+                        "properties": {
+                          "vimConnectionId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceProviderId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceId": {
+                            "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                            "type": "string"
+                          },
+                          "vimLevelResourceType": {
+                            "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
+                            "type": "string"
+                          },
+                          "vimLevelAdditionalResourceInfo": {
+                            "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
                             "type": "object",
-                            "required": [
-                              "type"
-                            ],
                             "properties": {
-                              "type": {
-                                "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
-                                "type": "string",
-                                "enum": [
-                                  "IPV4",
-                                  "IPV6"
-                                ]
-                              },
-                              "addresses": {
-                                "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-                                "type": "array",
-                                "items": {
-                                  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                                  "type": "string",
-                                  "format": "IP"
-                                }
+                              "hostName": {
+                                "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                                "type": "string"
                               },
-                              "isDynamic": {
-                                "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-                                "type": "boolean"
+                              "persistentVolume": {
+                                "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                                "type": "string"
                               },
-                              "addressRange": {
-                                "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
+                              "additionalInfo": {
+                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                                "type": "object"
+                              }
+                            }
+                          },
+                          "containerNamespace": {
+                            "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
+                            "type": "string"
+                          }
+                        }
+                      },
+                      "cpInstanceId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "secondaryCpInstanceId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "trunkResourceId": {
+                        "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                        "type": "string"
+                      }
+                    }
+                  }
+                },
+                "currentVnfExtCpData":  {
+                  "description": "Allows the API consumer to read the current CP configuration information for the connection of external CPs  to the external virtual link. See note.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type represents configuration information for external CPs created. * NOTE 1: \tIn case this identifier refers to a CPD with trunking enabled, the external CP instances created\n              from this CPD will represent ports in a trunk.\n* NOTE 2: \tWithin one VNF instance, all VNFC instances created from a particular VDU have the same external\n              connectivity. Thus, given a particular value of the \"cpdId\" attribute, there shall be one\n              \"cpConfig\" entry for each VNFC instance that has been or can be created from a VDU which includes\n              a CPD identified by the \"cpdId\" attribute. If the cpConfig represents a subport in a trunk,\n              all \"cpConfig\" entries in this list shall have the same segmentationId, which means they are\n              connected to the same set of external VLs via the trunk.\n* NOTE 3: \tThe map entry value shall be set to \"null\" in order to delete a \"VnfExtCpConfig\" entry identified\n              by a particular key value from the map, i.e. for the disconnection of an existing external\n              CP instance addressed by cpInstanceId in the deleted map entry from a particular external\n              virtual link, and deletion of that instance in case it represents a subport. Deleting the\n              last key from the map removes the affected instance of the \"VnfExtCpData\" structure from\n              its parent data structure.\n* NOTE 4:   If, as defined by the input parameters of a \"ChangeVnfFlavour\", \"ChangeExtVnfConnectivity\" or\n            \"ChangeCurrentVnfPkg\" operation, a cpConfig map entry identified by a particular map key value \n            is moved into another \"ExtVirtualLinkData\" or \"VnfExtCpData\" structure, this particular cpConfig\n            map entry may be used by an external CP instance different than the one that has used it before the\n            operation, or by no external CP instance at all. Renaming a CPD identifier during the \"changeCurrentVnfPkg\"\n            operation does not count as moving the related \"cpConfig\" map entries to a new \"extCpData\" structure.\n",
+                    "type": "object",
+                    "required": [
+                      "cpdId"
+                    ],
+                    "properties": {
+                      "cpdId": {
+                        "description": "An identifier that is unique within a VNF descriptor.\n",
+                        "type": "string"
+                      },
+                      "cpConfig": {
+                        "description": "Map of instance data that need to be configured on the CP instances created from the respective CPD. The key of the map which identifies the individual VnfExtCpConfig entries is of type \"IdentifierInVnf\" and is managed by the NFVO. The entries shall be applied by the VNFM according to the rules of JSON Merge Patch (see IETF RFC 7396). See notes 2, 3 and 4.\n",
+                        "type": "object",
+                        "additionalProperties": {
+                          "description": "This type represents an externally provided link port, or a network attachment definition resource of secondary container cluster network, or network address information per instance of an external connection point. In the case of VM-based deployment of the VNFC exposing the external CP:\n  1.  In case a link port is provided, the VNFM shall use that link port when connecting the external CP to the\n      external VL.\n  2.  In case a link port is not provided, the VNFM shall create a link port on the external VL and use that link port\n      to connect the external CP to the external VL.\nIn the case of container-based deployment of the VNFC exposing the external CP, the VNFM shall use the network attachment definition resource of secondary container cluster network when connecting the CP to the external VL.\n* NOTE 1: The following conditions apply to the attributes \"linkPortId\" and \"cpProtocolData\" for an external CP\n          instance connected or to be connected to a virtual network not categorized as secondary container cluster network:\n          1) Void.\n          2) At least one of the \"linkPortId\" and \"cpProtocolData\" attributes shall be present for an external CP instance\n          representing a subport that is to be created, or an external CP instance that is to be created by creating the\n          corresponding VNFC or VNF instance during the current or a subsequent LCM operation, or for an existing\n          external CP instance that is to be re-configured or added to a particular external virtual link.\n          3) If the \"linkPortId\" attribute is absent, the VNFM shall create a link port.\n          4) If the \"cpProtocolData\" attribute is absent, the \"linkPortId\" attribute shall be provided referencing a\n          precreated link port, and the VNFM can use means outside the scope of the present document to obtain the\n          pre-configured address information for the connection point from the resource representing the link port.\n          5) If both \"cpProtocolData\" and \"linkportId\" are provided, the NFVO shall ensure that the\n          cpProtocolData can be used with the pre-created link port referenced by \"linkPortId\".\n\n* NOTE 2: The following conditions apply to the attributes ΓÇ£netAttDefResourceIdΓÇ¥ and ΓÇ£cpProtocolDataΓÇ¥ for an external CP\n          instance connected or to be connected to a secondary container cluster network:\n          1) Void.\n          2) The \"netAttDefResourceId\" attribute shall be present and the \"cpProtocolData\" attribute may be present for\n          a to-be-created external CP instance or an existing external CP instance.\n* NOTE 3: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment\n          definition resource is needed to fulfil the connectivity requirements of the external CP, e.g. to build a link\n          redundant mated pair in SR-IOV cases. When more than one netAttDefResourceId is indicated, all shall belong\n          to the same namespace as defined by the corresponding \"containerNamespace\" attribute in the\n          \"resourceHandle\" attribute in the \"NetAttDefResourceData\".\n* NOTE 4: Either linkPortId or netAttDefResourceId may be included, but not both.\n",
+                          "anyOf": [
+                            {
+                              "required": [
+                                "linkPortId"
+                              ]
+                            },
+                            {
+                              "required": [
+                                "cpProtocolData"
+                              ]
+                            },
+                            {
+                              "required": [
+                                "netAttDefResourceId"
+                              ]
+                            }
+                          ],
+                          "type": "object",
+                          "properties": {
+                            "parentCpConfigId": {
+                              "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                              "type": "string"
+                            },
+                            "linkPortId": {
+                              "description": "An identifier with the intention of being globally unique.\n",
+                              "type": "string"
+                            },
+                            "createExtLinkPort": {
+                              "description": "Indicates to the VNFM the need to create a dedicated link port for the external CP. If set to True, the VNFM shall create a link port. If set to False, the VNFM shall not create a link port. This attribute is only applicable for external CP instances without a floating IP address that expose a virtual IP CP instance for which a dedicated IP address is allocated. It shall be present in that case and shall be absent otherwise.\n",
+                              "type": "boolean"
+                            },
+                            "cpProtocolData": {
+                              "description": "Parameters for configuring the network protocols on the link port that connects the CP to a VL. See notes 1 and 2.\n",
+                              "type": "array",
+                              "items": {
+                                "description": "This type represents network protocol data. * NOTE:\tThis attribute allows to signal the addition of further types of layer and protocol\n          in future versions of the present document in a backwards-compatible way. In the current\n          version of the present document, only IP over Ethernet is supported.\n",
                                 "type": "object",
                                 "required": [
-                                  "minAddress",
-                                  "maxAddress"
+                                  "layerProtocol"
                                 ],
                                 "properties": {
-                                  "minAddress": {
-                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                  "layerProtocol": {
+                                    "description": "Identifier of layer(s) and protocol(s). Permitted values:\n  - IP_OVER_ETHERNET.\n  - IP_FOR_VIRTUAL_CP\nSee note\n",
                                     "type": "string",
-                                    "format": "IP"
+                                    "enum": [
+                                      "IP_OVER_ETHERNET",
+                                      "IP_FOR_VIRTUAL_CP"
+                                    ]
                                   },
-                                  "maxAddress": {
-                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                                    "type": "string",
-                                    "format": "IP"
+                                  "ipOverEthernet": {
+                                    "description": "This type represents network address data for IP over Ethernet to assign to the external CP. * NOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. * NOTE 2:\tExactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present. * NOTE 3:\tIf the CP instance represents a subport in a trunk, segmentationId shall be present.\n          Otherwise it shall not be present.\n* NOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the actual\n          network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header\n          of the packets or it may be an identifier used between the application and the NFVI networking\n          infrastructure to identify the network sub-interface of the trunk port in question. In the latter\n          case the NFVI infrastructure will map this local segmentationId to whatever segmentationId is\n          actually used by the NFVI's transport technology.\n",
+                                    "type": "object",
+                                    "anyOf": [
+                                      {
+                                        "required": [
+                                          "macAddress"
+                                        ]
+                                      },
+                                      {
+                                        "required": [
+                                          "ipAddresses"
+                                        ]
+                                      }
+                                    ],
+                                    "oneOf": [
+                                      {
+                                        "required": [
+                                          "fixedAddresses"
+                                        ]
+                                      },
+                                      {
+                                        "required": [
+                                          "numDynamicAddresses"
+                                        ]
+                                      },
+                                      {
+                                        "required": [
+                                          "ipAddressRange"
+                                        ]
+                                      }
+                                    ],
+                                    "properties": {
+                                      "macAddress": {
+                                        "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                        "type": "string",
+                                        "format": "MAC"
+                                      },
+                                      "segmentationType": {
+                                        "description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values: -\tVLAN: the subport uses VLAN as encapsulation type. -\tINHERIT: the subport gets its segmentation type from the network itΓÇÖs connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
+                                        "type": "string",
+                                        "enum": [
+                                          "VLAN",
+                                          "INHERIT"
+                                        ]
+                                      },
+                                      "segmentationId": {
+                                        "description": "Identification of the network segment to which the CP instance connects to. See note 3 and note 4.\n",
+                                        "type": "string"
+                                      },
+                                      "ipAddresses": {
+                                        "description": "List of IP addresses to assign to the CP instance. Each entry represents IP address data for fixed or dynamic IP address assignment per subnet. If this attribute is not present, no IP address shall be assigned. See note 1.\n",
+                                        "type": "array",
+                                        "items": {
+                                          "type": "object",
+                                          "required": [
+                                            "type"
+                                          ],
+                                          "properties": {
+                                            "type": {
+                                              "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
+                                              "type": "string",
+                                              "enum": [
+                                                "IPV4",
+                                                "IPV6"
+                                              ]
+                                            },
+                                            "fixedAddresses": {
+                                              "description": "Fixed addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                              "type": "array",
+                                              "items": {
+                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                "type": "string",
+                                                "format": "IP"
+                                              }
+                                            },
+                                            "numDynamicAddresses": {
+                                              "description": "Number of dynamic addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                              "type": "integer"
+                                            },
+                                            "addressRange": {
+                                              "description": "An IP address range to be used, e.g. in case of egress connections. In case this attribute is present, IP addresses from the range will be used. See note 2.\n",
+                                              "type": "object",
+                                              "required": [
+                                                "minAddress",
+                                                "maxAddress"
+                                              ],
+                                              "properties": {
+                                                "minAddress": {
+                                                  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                  "type": "string",
+                                                  "format": "IP"
+                                                },
+                                                "maxAddress": {
+                                                  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                  "type": "string",
+                                                  "format": "IP"
+                                                }
+                                              }
+                                            },
+                                            "subnetId": {
+                                              "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                                              "type": "string"
+                                            }
+                                          }
+                                        }
+                                      }
+                                    }
+                                  },
+                                  "virtualCpAddress": {
+                                    "description": "This type represents network address data for a virtual CP.\n* NOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be used,\n          otherwise it will be ignored by the CISM.\n\n* NOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the container\n          cluster will assign an IP address.\n\n* NOTE 3: The attribute is only relevant if the virtual CP is instantiated in a cluster that supports configuration of IP address pools for virtual CPs. Otherwise it shall be ignored. MetalLB is an example of a solution for Kubernetes® that supports configuration of address pools for load balancer services.\n\n* NOTE 4: The loadBalancerIp and the addressPoolName attributes shall not be present at the same time.\n",
+                                    "type": "object",
+                                    "required": [
+                                      "type"
+                                    ],
+                                    "properties": {
+                                      "type": {
+                                        "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
+                                        "type": "string",
+                                        "enum": [
+                                          "IPV4",
+                                          "IPV6"
+                                        ]
+                                      },
+                                      "loadBalancerIp": {
+                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                        "type": "string",
+                                        "format": "IP"
+                                      },
+                                      "addressPoolName": {
+                                        "description": "Name of an address pool from which an IP address is assigned to the virtual CP.\n",
+                                        "type": "string"
+                                      }
+                                    }
                                   }
                                 }
+                              }
+                            },
+                            "netAttDefResourceId": {
+                              "description": "Identifier of the ΓÇ£NetAttDefResourceDataΓÇ¥ structure that provides the specification of the interface to attach the external CP to a secondary container cluster network. It is only applicable if the external CP is connected or to be connected to a secondary container cluster network. It shall not be present if the external CP is related to a virtual network not categorized as secondary container cluster network. See notes 2, 3 and 4.\n",
+                              "type": "array",
+                              "items": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                              }
+                            }
+                          }
+                        }
+                      }
+                    }
+                  }
+                },
+                "extNetAttDefResource": {
+                  "description": "Network attachment definition resources that provide the specification of the interface to attach connection points  to this VL.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type contains information related to a network attachment definition resource that provides the  specification of the interface used to connect one or multiple connection points to a secondary container  cluster network.\n",
+                    "type": "object",
+                    "required": [
+                      "netAttDefResourceInfoId",
+                      "netAttDefResource"
+                    ],
+                    "properties": {
+                      "netAttDefResourceInfoId": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                      },
+                      "netAttDefResource": {
+                        "required": [
+                          "resourceId"
+                        ],
+                        "type": "object",
+                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
+                        "properties": {
+                          "vimConnectionId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceProviderId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceId": {
+                            "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                            "type": "string"
+                          },
+                          "vimLevelResourceType": {
+                            "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
+                            "type": "string"
+                          },
+                          "vimLevelAdditionalResourceInfo": {
+                            "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
+                            "type": "object",
+                            "properties": {
+                              "hostName": {
+                                "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                                "type": "string"
                               },
-                              "subnetId": {
-                                "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                              "persistentVolume": {
+                                "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
                                 "type": "string"
+                              },
+                              "additionalInfo": {
+                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                                "type": "object"
                               }
                             }
+                          },
+                          "containerNamespace": {
+                            "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
+                            "type": "string"
                           }
                         }
-                      }
-                    },
-                    "virtualCpAddress": {
-                      "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-                      "type": "object",
-                      "required": [
-                        "type"
-                      ],
-                      "properties": {
-                        "type": {
-                          "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-                          "type": "string",
-                          "enum": [
-                            "IPV4",
-                            "IPV6"
-                          ]
-                        },
-                        "loadBalancerIp": {
-                          "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                          "type": "string",
-                          "format": "IP"
-                        },
-                        "addressPoolName": {
-                          "description": "Name of an address pool from which an IP address is assigned to the virtual CP.\n",
+                      },
+                      "associatedExtCpId": {
+                        "description": "Identifier of the external CP associated to this network attachment definition resource. Shall be present  when the network attachment definition resource is used for external connectivity by the VNF.\n",
+                        "type": "array",
+                        "items": {
+                          "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                          "type": "string"
+                        }
+                      },
+                      "associatedVnfcCpId": {
+                        "description": "Identifier of the VNFC CP associated to this network attachment definition resource. May be present when  the network attachment definition resource is used for internal connectivity by the VNF.\n",
+                        "type": "array",
+                        "items": {
+                          "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
                           "type": "string"
                         }
                       }
                     }
                   }
                 }
-              },
-              "vduIds": {
-                "description": "Reference to the VDU(s) which implement the service accessible via the virtual CP instance. See note.\n",
-                "type": "array",
-                "minItems": 1,
-                "items": {
-                  "description": "An identifier that is unique within a VNF descriptor.\n",
+              }
+            }
+          },
+          "extManagedVirtualLinkInfo": {
+            "description": "Information about the externally managed internal VLs of the VNF instance. See note 5 and note 6. It is possible to have several ExtManagedVirtualLinkInfo for the same VNF internal VL in case of a multi-site VNF spanning several VIMs. The set of ExtManagedVirtualLinkInfo corresponding to the same VNF internal VL shall indicate so by referencing to the same VnfVirtualLinkDesc and externally-managed multi-site VL instance (refer to clause 5.5.3.5). Even though externally-managed internal VLs are also used for VNF-internal connectivity, they shall not be listed in the \"vnfVirtualLinkResourceInfo\" attribute as this would be redundant.\n",
+            "type": "array",
+            "items": {
+              "description": "This type provides information about an externally-managed virtual link.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "vnfVirtualLinkDescId",
+                "networkResource"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier with the intention of being globally unique.\n",
                   "type": "string"
-                }
-              },
-              "additionalServiceInfo": {
-                "description": "Additional service identification information of the virtual CP instance.\n",
-                "type": "array",
-                "items": {
-                  "description": "This type provides additional service information of the virtual CP instance used to expose properties of the  virtual CP to NFV-MANO.\nNOTE: This attribute shall only be present if additional information is needed to identify the service \n      termination within the VNF, such as for example a URL path information in an HTTP request required \n      to allow a single virtual CP IP address to be used for several HTTP based services that use the \n      same port number.\n",
-                  "type": "object",
+                },
+                "vnfVirtualLinkDescId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "vnfdId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "networkResource": {
                   "required": [
-                    "portInfo"
+                    "resourceId"
                   ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
-                    "portInfo": {
-                      "description": "Service port numbers exposed by the virtual CP instance.\n",
-                      "minItems": 1,
-                      "type": "array",
-                      "items": {
-                        "description": "This type describes the service identifying port properties exposed by the virtual CP instance.\n",
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
+                      "type": "string"
+                    },
+                    "vimLevelAdditionalResourceInfo": {
+                      "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
+                      "type": "object",
+                      "properties": {
+                        "hostName": {
+                          "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                          "type": "string"
+                        },
+                        "persistentVolume": {
+                          "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                          "type": "string"
+                        },
+                        "additionalInfo": {
+                          "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                          "type": "object"
+                        }
+                      }
+                    },
+                    "containerNamespace": {
+                      "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "vnfLinkPorts": {
+                  "description": "Link ports of this VL.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type represents a link port of an internal VL of a VNF.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId\n        with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be \n        present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" \n        and vipCpInstanceId are present, the two different CP instances share the linkport.\nNOTE 2: Annex A.4 of ETSI GS NFV-IFA 007 provides examples for configurations where both vipCpInstanceId\n        and vnfcCpInstanceId are present (UC#5 and UC#5-b), only vnfcCpInstanceId is present (UC#2), or \n        only vipCpInstanceId is present (UC6 and UC#6-b).\nNOTE 3: The value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\"\n        attribute.\n",
+                    "type": "object",
+                    "required": [
+                      "id",
+                      "resourceHandle"
+                    ],
+                    "properties": {
+                      "id": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "resourceHandle": {
+                        "required": [
+                          "resourceId"
+                        ],
                         "type": "object",
+                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
+                        "properties": {
+                          "vimConnectionId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceProviderId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceId": {
+                            "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                            "type": "string"
+                          },
+                          "vimLevelResourceType": {
+                            "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
+                            "type": "string"
+                          },
+                          "vimLevelAdditionalResourceInfo": {
+                            "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
+                            "type": "object",
+                            "properties": {
+                              "hostName": {
+                                "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                                "type": "string"
+                              },
+                              "persistentVolume": {
+                                "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                                "type": "string"
+                              },
+                              "additionalInfo": {
+                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                                "type": "object"
+                              }
+                            }
+                          },
+                          "containerNamespace": {
+                            "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
+                            "type": "string"
+                          }
+                        }
+                      },
+                      "cpInstanceId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "cpInstanceType": {
+                        "description": "Type of the CP instance that is identified by cpInstanceId.  Shall be present if \"cpInstanceId\" is present and shall be absent otherwise.\nPermitted values: - VNFC_CP: The link port is connected to a VNFC CP. -\tEXT_CP: The link port is associated to an external CP. See note 1.\n",
+                        "type": "string",
+                        "enum": [
+                          "VNFC_CP",
+                          "EXT_CP"
+                        ]
+                      },
+                      "vipCpInstanceId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "trunkResourceId": {
+                        "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                        "type": "string"
+                      }
+                    }
+                  }
+                },
+                "vnfNetAttDefResource": {
+                  "description": "Network attachment definition resources that provide the specification of the interface  to attach connection points to this VL.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type contains information related to a network attachment definition resource that provides the  specification of the interface used to connect one or multiple connection points to a secondary container  cluster network.\n",
+                    "type": "object",
+                    "required": [
+                      "netAttDefResourceInfoId",
+                      "netAttDefResource"
+                    ],
+                    "properties": {
+                      "netAttDefResourceInfoId": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                      },
+                      "netAttDefResource": {
                         "required": [
-                          "name",
-                          "port",
-                          "portConfigurable"
+                          "resourceId"
                         ],
+                        "type": "object",
+                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                         "properties": {
-                          "name": {
-                            "description": "The name of the port exposed by the virtual CP instance.\n",
+                          "vimConnectionId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
                             "type": "string"
                           },
-                          "protocol": {
-                            "description": "The L4 protocol for this port exposed by the virtual CP instance.\nPermitted values: - TCP - UDP - SCTP\n",
-                            "type": "string",
-                            "enum": [
-                              "TCP",
-                              "UDP",
-                              "SCTP"
-                            ]
+                          "resourceProviderId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceId": {
+                            "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                            "type": "string"
+                          },
+                          "vimLevelResourceType": {
+                            "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
+                            "type": "string"
                           },
-                          "port": {
-                            "description": "The L4 port number exposed by the virtual CP instance.\n",
-                            "type": "integer"
+                          "vimLevelAdditionalResourceInfo": {
+                            "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
+                            "type": "object",
+                            "properties": {
+                              "hostName": {
+                                "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                                "type": "string"
+                              },
+                              "persistentVolume": {
+                                "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                                "type": "string"
+                              },
+                              "additionalInfo": {
+                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                                "type": "object"
+                              }
+                            }
                           },
-                          "portConfigurable": {
-                            "description": "The Boolean is a data type having two values (true and false).\n",
-                            "type": "boolean"
+                          "containerNamespace": {
+                            "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
+                            "type": "string"
                           }
                         }
+                      },
+                      "associatedExtCpId": {
+                        "description": "Identifier of the external CP associated to this network attachment definition resource. Shall be present  when the network attachment definition resource is used for external connectivity by the VNF.\n",
+                        "type": "array",
+                        "items": {
+                          "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                          "type": "string"
+                        }
+                      },
+                      "associatedVnfcCpId": {
+                        "description": "Identifier of the VNFC CP associated to this network attachment definition resource. May be present when  the network attachment definition resource is used for internal connectivity by the VNF.\n",
+                        "type": "array",
+                        "items": {
+                          "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                          "type": "string"
+                        }
                       }
-                    },
-                    "serviceInfo": {
-                      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                      "type": "object"
                     }
                   }
                 }
-              },
-              "metadata": {
-                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                "type": "object"
               }
             }
-          }
-        },
-        "extVirtualLinkInfo": {
-          "description": "Information about the external VLs the VNF instance is connected to.\n",
-          "type": "array",
-          "items": {
-            "description": "This type represents information about an external VL.\nNOTE:\tThis attribute reflects the current configuration information that has resulted from merging into this attribute \n      the \"VnfExtCpData\" information which was passed as part of the \"ExtVirtualLinkData\" structure in the input of the \n      most recent VNF LCM operation such as \"InstantiateVnfRequest\", \"ChangeExtVnfConnectivityRequest\", \"ChangeVnfFlavourRequest\" \n      or \"ChangeCurrentVnfPkgRequest\", or in the Grant response. If applying such change results in an empty list of \n      \"currentVnfExtCpData\" structure instances, the affected instance of \"ExtVirtualLinkInfo\" shall be removed from its \n      parent data structure.\n",
+          },
+          "monitoringParameters": {
+            "description": "Active monitoring parameters.\n",
+            "type": "array",
+            "items": {
+              "type": "object",
+              "required": [
+                "id",
+                "performanceMetric"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "vnfdId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "name": {
+                  "description": "Human readable name of the monitoring parameter, as defined in the VNFD.\n",
+                  "type": "string"
+                },
+                "performanceMetric": {
+                  "description": "Performance metric that is monitored. This attribute shall contain the related \"Measurement Name\" value as defined in clause 7.2 of ETSI GS NFV-IFA 027.\n",
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "localizationLanguage": {
+            "description": "Information about localization language of the VNF (includes e.g. strings in the VNFD). The localization languages supported by a VNF can be declared in the VNFD, and localization language selection can take place at instantiation time. The value shall comply with the format defined in IETF RFC 5646.\n",
+            "type": "string"
+          },
+          "vnfcResourceInfo": {
+            "description": "This type represents the information on virtualised compute and storage resources used by a VNFC in a VNF instance. Depending on the form of virtualisation container of the VNFC:\n  - For a VNFC based on VM, a reference to the corresponding VirtualCompute shall be provided, and\n  - For a VNFC based on OS container(s), a reference to the Compute MCIO shall be provided. Hence, exposure \n    of information by the VNFM to the NFVO is at the MCIO level.\nIn addition, the references to the storage resources depend on the form of the VNFC:\n  - For a VNFC based on VM, storage resource identifiers shall refer to VirtualStorage resources, and\n  - For a VNFC based on OS container(s), storage resource identifiers shall refer to Storage MCIOs.\n\n\n* NOTE 1:\tETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. * NOTE 2:\tA VNFC CP is \"connected to\" an external CP if the VNFC CP is connected to an internal VL that\n          exposes an external CP. A VNFC CP is \"exposed as\" an external CP if it is connected directly\n          to an external VL.\n* NOTE 3:\tThe information can be omitted because it is already available as part of the external CP information. * NOTE 4: If only the value or the presence of this attribute is changed in the \"VnfcResourceInfo\" structure by \n          an LCM operation occurrence, this does not represent a change that requires including a related \"AffectedVnfc\"\n          structure in the VNF LCM operation occurrence notifications or the \"VnfLcmOpOcc\" structure related to \n          this LCM operation occurrence.\n* NOTE 5: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment \n          definition resource is needed to fulfil the connectivity requirements of the internal CP, e.g. to build \n          a link redundant mated pair in SR-IOV cases.\n* NOTE 6: When more than one netAttDefResourceId is indicated, all shall belong to the same namespace.\n",
             "type": "object",
             "required": [
               "id",
-              "resourceHandle",
-              "currentVnfExtCpData"
+              "vduId",
+              "computeResource"
             ],
             "properties": {
               "id": {
+                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                "type": "string"
+              },
+              "vduId": {
+                "description": "An identifier that is unique within a VNF descriptor.\n",
+                "type": "string"
+              },
+              "vnfdId": {
                 "description": "An identifier with the intention of being globally unique.\n",
                 "type": "string"
               },
-              "resourceHandle": {
+              "computeResource": {
                 "required": [
                   "resourceId"
                 ],
@@ -878,277 +1887,114 @@
                         "type": "string"
                       },
                       "persistentVolume": {
-                        "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                        "type": "string"
-                      },
-                      "additionalInfo": {
-                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                        "type": "object"
-                      }
-                    }
-                  },
-                  "containerNamespace": {
-                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
-                    "type": "string"
-                  }
-                }
-              },
-              "extLinkPorts": {
-                "description": "Link ports of this VL.\n",
-                "type": "array",
-                "items": {
-                  "description": "This type represents information about a link port of an external VL, i.e. a port providing connectivity for the VNF to  an NS VL.\nNOTE 1:\tThe use cases UC#4 and UC#5 in clause A.4 of ETSI GS NFV-IFA 007 provide examples for such a configuration. NOTE 2:\tThe value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\" attribute.\n",
-                  "type": "object",
-                  "required": [
-                    "id",
-                    "resourceHandle"
-                  ],
-                  "properties": {
-                    "id": {
-                      "description": "An identifier with the intention of being globally unique.\n",
-                      "type": "string"
-                    },
-                    "resourceHandle": {
-                      "required": [
-                        "resourceId"
-                      ],
-                      "type": "object",
-                      "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
-                      "properties": {
-                        "vimConnectionId": {
-                          "description": "An identifier with the intention of being globally unique.\n",
-                          "type": "string"
-                        },
-                        "resourceProviderId": {
-                          "description": "An identifier with the intention of being globally unique.\n",
-                          "type": "string"
-                        },
-                        "resourceId": {
-                          "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
-                          "type": "string"
-                        },
-                        "vimLevelResourceType": {
-                          "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
-                          "type": "string"
-                        },
-                        "vimLevelAdditionalResourceInfo": {
-                          "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
-                          "type": "object",
-                          "properties": {
-                            "hostName": {
-                              "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                              "type": "string"
-                            },
-                            "persistentVolume": {
-                              "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                              "type": "string"
-                            },
-                            "additionalInfo": {
-                              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                              "type": "object"
-                            }
-                          }
-                        },
-                        "containerNamespace": {
-                          "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
-                          "type": "string"
-                        }
+                        "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                        "type": "string"
+                      },
+                      "additionalInfo": {
+                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                        "type": "object"
                       }
-                    },
-                    "cpInstanceId": {
-                      "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                      "type": "string"
-                    },
-                    "secondaryCpInstanceId": {
-                      "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                      "type": "string"
-                    },
-                    "trunkResourceId": {
-                      "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
-                      "type": "string"
                     }
+                  },
+                  "containerNamespace": {
+                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
+                    "type": "string"
                   }
                 }
               },
-              "currentVnfExtCpData":  {
-                "description": "Allows the API consumer to read the current CP configuration information for the connection of external CPs  to the external virtual link. See note.\n",
+              "storageResourceIds": {
+                "description": "References to the VirtualStorage resources or references to Storage MCIO(s).  The value refers to a VirtualStorageResourceInfo item in the VnfInstance.\n",
+                "type": "array",
+                "items": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                }
+              },
+              "reservationId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+              },
+              "vnfcCpInfo": {
+                "description": "All the CPs of the VNFC instance.\n",
                 "type": "array",
                 "items": {
-                  "description": "This type represents configuration information for external CPs created. * NOTE 1: \tIn case this identifier refers to a CPD with trunking enabled, the external CP instances created\n              from this CPD will represent ports in a trunk.\n* NOTE 2: \tWithin one VNF instance, all VNFC instances created from a particular VDU have the same external\n              connectivity. Thus, given a particular value of the \"cpdId\" attribute, there shall be one\n              \"cpConfig\" entry for each VNFC instance that has been or can be created from a VDU which includes\n              a CPD identified by the \"cpdId\" attribute. If the cpConfig represents a subport in a trunk,\n              all \"cpConfig\" entries in this list shall have the same segmentationId, which means they are\n              connected to the same set of external VLs via the trunk.\n* NOTE 3: \tThe map entry value shall be set to \"null\" in order to delete a \"VnfExtCpConfig\" entry identified\n              by a particular key value from the map, i.e. for the disconnection of an existing external\n              CP instance addressed by cpInstanceId in the deleted map entry from a particular external\n              virtual link, and deletion of that instance in case it represents a subport. Deleting the\n              last key from the map removes the affected instance of the \"VnfExtCpData\" structure from\n              its parent data structure.\n* NOTE 4:   If, as defined by the input parameters of a \"ChangeVnfFlavour\", \"ChangeExtVnfConnectivity\" or\n            \"ChangeCurrentVnfPkg\" operation, a cpConfig map entry identified by a particular map key value \n            is moved into another \"ExtVirtualLinkData\" or \"VnfExtCpData\" structure, this particular cpConfig\n            map entry may be used by an external CP instance different than the one that has used it before the\n            operation, or by no external CP instance at all. Renaming a CPD identifier during the \"changeCurrentVnfPkg\"\n            operation does not count as moving the related \"cpConfig\" map entries to a new \"extCpData\" structure.\n",
                   "type": "object",
                   "required": [
+                    "id",
                     "cpdId"
                   ],
                   "properties": {
+                    "id": {
+                      "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                      "type": "string"
+                    },
                     "cpdId": {
                       "description": "An identifier that is unique within a VNF descriptor.\n",
                       "type": "string"
                     },
-                    "cpConfig": {
-                      "description": "Map of instance data that need to be configured on the CP instances created from the respective CPD. The key of the map which identifies the individual VnfExtCpConfig entries is of type \"IdentifierInVnf\" and is managed by the NFVO. The entries shall be applied by the VNFM according to the rules of JSON Merge Patch (see IETF RFC 7396). See notes 2, 3 and 4.\n",
-                      "type": "object",
-                      "additionalProperties": {
-                        "description": "This type represents an externally provided link port, or a network attachment definition resource of secondary container cluster network, or network address information per instance of an external connection point. In the case of VM-based deployment of the VNFC exposing the external CP:\n  1.  In case a link port is provided, the VNFM shall use that link port when connecting the external CP to the\n      external VL.\n  2.  In case a link port is not provided, the VNFM shall create a link port on the external VL and use that link port\n      to connect the external CP to the external VL.\nIn the case of container-based deployment of the VNFC exposing the external CP, the VNFM shall use the network attachment definition resource of secondary container cluster network when connecting the CP to the external VL.\n* NOTE 1: The following conditions apply to the attributes \"linkPortId\" and \"cpProtocolData\" for an external CP\n          instance connected or to be connected to a virtual network not categorized as secondary container cluster network:\n          1) Void.\n          2) At least one of the \"linkPortId\" and \"cpProtocolData\" attributes shall be present for an external CP instance\n          representing a subport that is to be created, or an external CP instance that is to be created by creating the\n          corresponding VNFC or VNF instance during the current or a subsequent LCM operation, or for an existing\n          external CP instance that is to be re-configured or added to a particular external virtual link.\n          3) If the \"linkPortId\" attribute is absent, the VNFM shall create a link port.\n          4) If the \"cpProtocolData\" attribute is absent, the \"linkPortId\" attribute shall be provided referencing a\n          precreated link port, and the VNFM can use means outside the scope of the present document to obtain the\n          pre-configured address information for the connection point from the resource representing the link port.\n          5) If both \"cpProtocolData\" and \"linkportId\" are provided, the NFVO shall ensure that the\n          cpProtocolData can be used with the pre-created link port referenced by \"linkPortId\".\n\n* NOTE 2: The following conditions apply to the attributes ΓÇ£netAttDefResourceIdΓÇ¥ and ΓÇ£cpProtocolDataΓÇ¥ for an external CP\n          instance connected or to be connected to a secondary container cluster network:\n          1) Void.\n          2) The \"netAttDefResourceId\" attribute shall be present and the \"cpProtocolData\" attribute may be present for\n          a to-be-created external CP instance or an existing external CP instance.\n* NOTE 3: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment\n          definition resource is needed to fulfil the connectivity requirements of the external CP, e.g. to build a link\n          redundant mated pair in SR-IOV cases. When more than one netAttDefResourceId is indicated, all shall belong\n          to the same namespace as defined by the corresponding \"containerNamespace\" attribute in the\n          \"resourceHandle\" attribute in the \"NetAttDefResourceData\".\n* NOTE 4: Either linkPortId or netAttDefResourceId may be included, but not both.\n",
-                        "anyOf": [
-                          {
-                            "required": [
-                              "linkPortId"
-                            ]
-                          },
-                          {
-                            "required": [
-                              "cpProtocolData"
-                            ]
-                          },
-                          {
-                            "required": [
-                              "netAttDefResourceId"
-                            ]
-                          }
-                        ],
+                    "vnfExtCpId": {
+                      "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                      "type": "string"
+                    },
+                    "cpProtocolInfo": {
+                      "description": "Network protocol information for this CP. May be omitted if the VNFC CP is exposed as an external CP. The information can be omitted because it is already available as part of the external CP information. See note 3.\n",
+                      "type": "array",
+                      "items": {
+                        "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
                         "type": "object",
+                        "required": [
+                          "layerProtocol"
+                        ],
                         "properties": {
-                          "parentCpConfigId": {
-                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                            "type": "string"
-                          },
-                          "linkPortId": {
-                            "description": "An identifier with the intention of being globally unique.\n",
-                            "type": "string"
-                          },
-                          "createExtLinkPort": {
-                            "description": "Indicates to the VNFM the need to create a dedicated link port for the external CP. If set to True, the VNFM shall create a link port. If set to False, the VNFM shall not create a link port. This attribute is only applicable for external CP instances without a floating IP address that expose a virtual IP CP instance for which a dedicated IP address is allocated. It shall be present in that case and shall be absent otherwise.\n",
-                            "type": "boolean"
+                          "layerProtocol": {
+                            "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                            "type": "string",
+                            "enum": [
+                              "IP_OVER_ETHERNET",
+                              "IP_FOR_VIRTUAL_CP"
+                            ]
                           },
-                          "cpProtocolData": {
-                            "description": "Parameters for configuring the network protocols on the link port that connects the CP to a VL. See notes 1 and 2.\n",
-                            "type": "array",
-                            "items": {
-                              "description": "This type represents network protocol data. * NOTE:\tThis attribute allows to signal the addition of further types of layer and protocol\n          in future versions of the present document in a backwards-compatible way. In the current\n          version of the present document, only IP over Ethernet is supported.\n",
-                              "type": "object",
-                              "required": [
-                                "layerProtocol"
-                              ],
-                              "properties": {
-                                "layerProtocol": {
-                                  "description": "Identifier of layer(s) and protocol(s). Permitted values:\n  - IP_OVER_ETHERNET.\n  - IP_FOR_VIRTUAL_CP\nSee note\n",
-                                  "type": "string",
-                                  "enum": [
-                                    "IP_OVER_ETHERNET",
-                                    "IP_FOR_VIRTUAL_CP"
-                                  ]
-                                },
-                                "ipOverEthernet": {
-                                  "description": "This type represents network address data for IP over Ethernet to assign to the external CP. * NOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. * NOTE 2:\tExactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present. * NOTE 3:\tIf the CP instance represents a subport in a trunk, segmentationId shall be present.\n          Otherwise it shall not be present.\n* NOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the actual\n          network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header\n          of the packets or it may be an identifier used between the application and the NFVI networking\n          infrastructure to identify the network sub-interface of the trunk port in question. In the latter\n          case the NFVI infrastructure will map this local segmentationId to whatever segmentationId is\n          actually used by the NFVI's transport technology.\n",
-                                  "type": "object",
-                                  "anyOf": [
-                                    {
-                                      "required": [
-                                        "macAddress"
-                                      ]
-                                    },
-                                    {
-                                      "required": [
-                                        "ipAddresses"
-                                      ]
-                                    }
-                                  ],
-                                  "oneOf": [
-                                    {
-                                      "required": [
-                                        "fixedAddresses"
-                                      ]
-                                    },
-                                    {
-                                      "required": [
-                                        "numDynamicAddresses"
-                                      ]
-                                    },
-                                    {
-                                      "required": [
-                                        "ipAddressRange"
-                                      ]
-                                    }
-                                  ],
-                                  "properties": {
-                                    "macAddress": {
-                                      "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-                                      "type": "string",
-                                      "format": "MAC"
-                                    },
-                                    "segmentationType": {
-                                      "description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values: -\tVLAN: the subport uses VLAN as encapsulation type. -\tINHERIT: the subport gets its segmentation type from the network itΓÇÖs connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
-                                      "type": "string",
-                                      "enum": [
-                                        "VLAN",
-                                        "INHERIT"
-                                      ]
-                                    },
-                                    "segmentationId": {
-                                      "description": "Identification of the network segment to which the CP instance connects to. See note 3 and note 4.\n",
-                                      "type": "string"
-                                    },
-                                    "ipAddresses": {
-                                      "description": "List of IP addresses to assign to the CP instance. Each entry represents IP address data for fixed or dynamic IP address assignment per subnet. If this attribute is not present, no IP address shall be assigned. See note 1.\n",
-                                      "type": "array",
-                                      "items": {
-                                        "type": "object",
-                                        "required": [
-                                          "type"
-                                        ],
-                                        "properties": {
-                                          "type": {
-                                            "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
-                                            "type": "string",
-                                            "enum": [
-                                              "IPV4",
-                                              "IPV6"
-                                            ]
-                                          },
-                                          "fixedAddresses": {
-                                            "description": "Fixed addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-                                            "type": "array",
-                                            "items": {
-                                              "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                                              "type": "string",
-                                              "format": "IP"
-                                            }
-                                          },
-                                          "numDynamicAddresses": {
-                                            "description": "Number of dynamic addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-                                            "type": "integer"
-                                          },
-                                          "addressRange": {
-                                            "description": "An IP address range to be used, e.g. in case of egress connections. In case this attribute is present, IP addresses from the range will be used. See note 2.\n",
-                                            "type": "object",
-                                            "required": [
-                                              "minAddress",
-                                              "maxAddress"
-                                            ],
-                                            "properties": {
-                                              "minAddress": {
-                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                                                "type": "string",
-                                                "format": "IP"
-                                              },
-                                              "maxAddress": {
-                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                                                "type": "string",
-                                                "format": "IP"
-                                              }
-                                            }
-                                          },
-                                          "subnetId": {
-                                            "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
-                                            "type": "string"
-                                          }
-                                        }
-                                      }
-                                    }
-                                  }
-                                },
-                                "virtualCpAddress": {
-                                  "description": "This type represents network address data for a virtual CP.\n* NOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be used,\n          otherwise it will be ignored by the CISM.\n\n* NOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the container\n          cluster will assign an IP address.\n\n* NOTE 3: The attribute is only relevant if the virtual CP is instantiated in a cluster that supports configuration of IP address pools for virtual CPs. Otherwise it shall be ignored. MetalLB is an example of a solution for Kubernetes® that supports configuration of address pools for load balancer services.\n\n* NOTE 4: The loadBalancerIp and the addressPoolName attributes shall not be present at the same time.\n",
+                          "ipOverEthernet": {
+                            "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVIΓÇÖs transport technology.\n",
+                            "type": "object",
+                            "anyOf": [
+                              {
+                                "required": [
+                                  "macAddress"
+                                ]
+                              },
+                              {
+                                "required": [
+                                  "ipAddresses"
+                                ]
+                              }
+                            ],
+                            "oneOf": [
+                              {
+                                "required": [
+                                  "addresses"
+                                ]
+                              },
+                              {
+                                "required": [
+                                  "addressRange"
+                                ]
+                              }
+                            ],
+                            "properties": {
+                              "macAddress": {
+                                "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                "type": "string",
+                                "format": "MAC"
+                              },
+                              "segmentationId": {
+                                "description": "Identification of the network segment to which the Cp instance connects to. See notes 3 and 4.\n",
+                                "type": "string"
+                              },
+                              "ipAddresses": {
+                                "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or  dynamic IP address assignment per subnet. See note 1.\n",
+                                "type": "array",
+                                "items": {
                                   "type": "object",
                                   "required": [
                                     "type"
@@ -1162,13 +2008,41 @@
                                         "IPV6"
                                       ]
                                     },
-                                    "loadBalancerIp": {
-                                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                                      "type": "string",
-                                      "format": "IP"
+                                    "addresses": {
+                                      "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                      "type": "array",
+                                      "items": {
+                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                        "type": "string",
+                                        "format": "IP"
+                                      }
                                     },
-                                    "addressPoolName": {
-                                      "description": "Name of an address pool from which an IP address is assigned to the virtual CP.\n",
+                                    "isDynamic": {
+                                      "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                      "type": "boolean"
+                                    },
+                                    "addressRange": {
+                                      "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
+                                      "type": "object",
+                                      "required": [
+                                        "minAddress",
+                                        "maxAddress"
+                                      ],
+                                      "properties": {
+                                        "minAddress": {
+                                          "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                          "type": "string",
+                                          "format": "IP"
+                                        },
+                                        "maxAddress": {
+                                          "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                          "type": "string",
+                                          "format": "IP"
+                                        }
+                                      }
+                                    },
+                                    "subnetId": {
+                                      "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
                                       "type": "string"
                                     }
                                   }
@@ -1176,122 +2050,88 @@
                               }
                             }
                           },
-                          "netAttDefResourceId": {
-                            "description": "Identifier of the ΓÇ£NetAttDefResourceDataΓÇ¥ structure that provides the specification of the interface to attach the external CP to a secondary container cluster network. It is only applicable if the external CP is connected or to be connected to a secondary container cluster network. It shall not be present if the external CP is related to a virtual network not categorized as secondary container cluster network. See notes 2, 3 and 4.\n",
-                            "type": "array",
-                            "items": {
-                              "description": "An identifier with the intention of being globally unique.\n",
-                              "type": "string"
+                          "virtualCpAddress": {
+                            "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                            "type": "object",
+                            "required": [
+                              "type"
+                            ],
+                            "properties": {
+                              "type": {
+                                "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                "type": "string",
+                                "enum": [
+                                  "IPV4",
+                                  "IPV6"
+                                ]
+                              },
+                              "loadBalancerIp": {
+                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                "type": "string",
+                                "format": "IP"
+                              },
+                              "addressPoolName": {
+                                "description": "Name of an address pool from which an IP address is assigned to the virtual CP.\n",
+                                "type": "string"
+                              }
                             }
                           }
                         }
                       }
-                    }
-                  }
-                }
-              },
-              "extNetAttDefResource": {
-                "description": "Network attachment definition resources that provide the specification of the interface to attach connection points  to this VL.\n",
-                "type": "array",
-                "items": {
-                  "description": "This type contains information related to a network attachment definition resource that provides the  specification of the interface used to connect one or multiple connection points to a secondary container  cluster network.\n",
-                  "type": "object",
-                  "required": [
-                    "netAttDefResourceInfoId",
-                    "netAttDefResource"
-                  ],
-                  "properties": {
-                    "netAttDefResourceInfoId": {
-                      "description": "An identifier with the intention of being globally unique.\n",
+                    },
+                    "vnfLinkPortId": {
+                      "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
                       "type": "string"
                     },
-                    "netAttDefResource": {
-                      "required": [
-                        "resourceId"
-                      ],
-                      "type": "object",
-                      "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
-                      "properties": {
-                        "vimConnectionId": {
-                          "description": "An identifier with the intention of being globally unique.\n",
-                          "type": "string"
-                        },
-                        "resourceProviderId": {
-                          "description": "An identifier with the intention of being globally unique.\n",
-                          "type": "string"
-                        },
-                        "resourceId": {
-                          "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
-                          "type": "string"
-                        },
-                        "vimLevelResourceType": {
-                          "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
-                          "type": "string"
-                        },
-                        "vimLevelAdditionalResourceInfo": {
-                          "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
-                          "type": "object",
-                          "properties": {
-                            "hostName": {
-                              "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                              "type": "string"
-                            },
-                            "persistentVolume": {
-                              "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                              "type": "string"
-                            },
-                            "additionalInfo": {
-                              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                              "type": "object"
-                            }
-                          }
-                        },
-                        "containerNamespace": {
-                          "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
-                          "type": "string"
-                        }
-                      }
+                    "parentCpId": {
+                      "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                      "type": "string"
                     },
-                    "associatedExtCpId": {
-                      "description": "Identifier of the external CP associated to this network attachment definition resource. Shall be present  when the network attachment definition resource is used for external connectivity by the VNF.\n",
+                    "netAttDefResourceId": {
+                      "description": "Identifier of the ΓÇ£NetAttDefResourceInfoΓÇ¥ structure that provides the specification of the interface  to attach the connection point to a secondary container cluster network. See notes 5 and 6. It shall be present if the internal CP is associated to a VNFC realized by one or a set of OS  containers and is connected to a secondary container cluster network. It shall not be present otherwise.\n",
                       "type": "array",
                       "items": {
-                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "description": "An identifier with the intention of being globally unique.\n",
                         "type": "string"
                       }
                     },
-                    "associatedVnfcCpId": {
-                      "description": "Identifier of the VNFC CP associated to this network attachment definition resource. May be present when  the network attachment definition resource is used for internal connectivity by the VNF.\n",
-                      "type": "array",
-                      "items": {
-                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                        "type": "string"
-                      }
+                    "metadata": {
+                      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                      "type": "object"
+                    },
+                    "certificateContentId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
                     }
                   }
                 }
+              },
+              "metadata": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
+              },
+              "certificateContentId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
               }
             }
-          }
-        },
-        "extManagedVirtualLinkInfo": {
-          "description": "Information about the externally managed internal VLs of the VNF instance. See note 5 and note 6. It is possible to have several ExtManagedVirtualLinkInfo for the same VNF internal VL in case of a multi-site VNF spanning several VIMs. The set of ExtManagedVirtualLinkInfo corresponding to the same VNF internal VL shall indicate so by referencing to the same VnfVirtualLinkDesc and externally-managed multi-site VL instance (refer to clause 5.5.3.5). Even though externally-managed internal VLs are also used for VNF-internal connectivity, they shall not be listed in the \"vnfVirtualLinkResourceInfo\" attribute as this would be redundant.\n",
-          "type": "array",
-          "items": {
-            "description": "This type provides information about an externally-managed virtual link.\n",
+          },
+          "vnfVirtualLinkResourceInfo": {
+            "description": "This type represents the information that allows addressing a virtualised resource that is used by an internal VL instance in a VNF instance. NOTE: If only the value or the presence of this attribute is changed in the \"VnfVirtualLinkResourceInfo\" \n      structure by an LCM operation occurrence, this does not represent a change that requires including a \n      related \"AffectedVirtualLink\" structure in the VNF LCM operation occurrence notifications or the \n      \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\n",
             "type": "object",
             "required": [
               "id",
               "vnfVirtualLinkDescId",
-              "networkResource"
+              "networkResource",
+              "vnfLinkPorts"
             ],
             "properties": {
               "id": {
-                "description": "An identifier with the intention of being globally unique.\n",
+                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
                 "type": "string"
               },
               "vnfVirtualLinkDescId": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                "description": "An identifier that is unique within a VNF descriptor.\n",
                 "type": "string"
               },
               "vnfdId": {
@@ -1345,8 +2185,12 @@
                   }
                 }
               },
+              "reservationId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+              },
               "vnfLinkPorts": {
-                "description": "Link ports of this VL.\n",
+                "description": "Links ports of this VL. Shall be present when the linkPort is used for external connectivity by the VNF (refer to VnfLinkPortInfo). May be present otherwise.\n",
                 "type": "array",
                 "items": {
                   "description": "This type represents a link port of an internal VL of a VNF.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId\n        with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be \n        present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" \n        and vipCpInstanceId are present, the two different CP instances share the linkport.\nNOTE 2: Annex A.4 of ETSI GS NFV-IFA 007 provides examples for configurations where both vipCpInstanceId\n        and vnfcCpInstanceId are present (UC#5 and UC#5-b), only vnfcCpInstanceId is present (UC#2), or \n        only vipCpInstanceId is present (UC6 and UC#6-b).\nNOTE 3: The value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\"\n        attribute.\n",
@@ -1430,101 +2274,26 @@
                   }
                 }
               },
-              "vnfNetAttDefResource": {
-                "description": "Network attachment definition resources that provide the specification of the interface  to attach connection points to this VL.\n",
-                "type": "array",
-                "items": {
-                  "description": "This type contains information related to a network attachment definition resource that provides the  specification of the interface used to connect one or multiple connection points to a secondary container  cluster network.\n",
-                  "type": "object",
-                  "required": [
-                    "netAttDefResourceInfoId",
-                    "netAttDefResource"
-                  ],
-                  "properties": {
-                    "netAttDefResourceInfoId": {
-                      "description": "An identifier with the intention of being globally unique.\n",
-                      "type": "string"
-                    },
-                    "netAttDefResource": {
-                      "required": [
-                        "resourceId"
-                      ],
-                      "type": "object",
-                      "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
-                      "properties": {
-                        "vimConnectionId": {
-                          "description": "An identifier with the intention of being globally unique.\n",
-                          "type": "string"
-                        },
-                        "resourceProviderId": {
-                          "description": "An identifier with the intention of being globally unique.\n",
-                          "type": "string"
-                        },
-                        "resourceId": {
-                          "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
-                          "type": "string"
-                        },
-                        "vimLevelResourceType": {
-                          "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
-                          "type": "string"
-                        },
-                        "vimLevelAdditionalResourceInfo": {
-                          "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
-                          "type": "object",
-                          "properties": {
-                            "hostName": {
-                              "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                              "type": "string"
-                            },
-                            "persistentVolume": {
-                              "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                              "type": "string"
-                            },
-                            "additionalInfo": {
-                              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                              "type": "object"
-                            }
-                          }
-                        },
-                        "containerNamespace": {
-                          "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
-                          "type": "string"
-                        }
-                      }
-                    },
-                    "associatedExtCpId": {
-                      "description": "Identifier of the external CP associated to this network attachment definition resource. Shall be present  when the network attachment definition resource is used for external connectivity by the VNF.\n",
-                      "type": "array",
-                      "items": {
-                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                        "type": "string"
-                      }
-                    },
-                    "associatedVnfcCpId": {
-                      "description": "Identifier of the VNFC CP associated to this network attachment definition resource. May be present when  the network attachment definition resource is used for internal connectivity by the VNF.\n",
-                      "type": "array",
-                      "items": {
-                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                        "type": "string"
-                      }
-                    }
-                  }
-                }
+              "metadata": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
               }
             }
-          }
-        },
-        "monitoringParameters": {
-          "description": "Active monitoring parameters.\n",
-          "type": "array",
-          "items": {
+          },
+          "virtualStorageResourceInfo":{
+            "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance.\nNOTE: If only the value or the presence of this attribute is changed in the \"VirtualStorageResourceInfo\" structure by an LCM operation occurrence, this does not represent a change that requires  including a related \"AffectedVirtualStorage\" structure in the VNF LCM operation occurrence  notifications or the \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\n",
             "type": "object",
             "required": [
               "id",
-              "performanceMetric"
+              "virtualStorageDescId",
+              "storageResource"
             ],
             "properties": {
               "id": {
+                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                "type": "string"
+              },
+              "virtualStorageDescId": {
                 "description": "An identifier that is unique within a VNF descriptor.\n",
                 "type": "string"
               },
@@ -1532,820 +2301,417 @@
                 "description": "An identifier with the intention of being globally unique.\n",
                 "type": "string"
               },
-              "name": {
-                "description": "Human readable name of the monitoring parameter, as defined in the VNFD.\n",
-                "type": "string"
-              },
-              "performanceMetric": {
-                "description": "Performance metric that is monitored. This attribute shall contain the related \"Measurement Name\" value as defined in clause 7.2 of ETSI GS NFV-IFA 027.\n",
-                "type": "string"
-              }
-            }
-          }
-        },
-        "localizationLanguage": {
-          "description": "Information about localization language of the VNF (includes e.g. strings in the VNFD). The localization languages supported by a VNF can be declared in the VNFD, and localization language selection can take place at instantiation time. The value shall comply with the format defined in IETF RFC 5646.\n",
-          "type": "string"
-        },
-        "vnfcResourceInfo": {
-          "description": "This type represents the information on virtualised compute and storage resources used by a VNFC in a VNF instance. Depending on the form of virtualisation container of the VNFC:\n  - For a VNFC based on VM, a reference to the corresponding VirtualCompute shall be provided, and\n  - For a VNFC based on OS container(s), a reference to the Compute MCIO shall be provided. Hence, exposure \n    of information by the VNFM to the NFVO is at the MCIO level.\nIn addition, the references to the storage resources depend on the form of the VNFC:\n  - For a VNFC based on VM, storage resource identifiers shall refer to VirtualStorage resources, and\n  - For a VNFC based on OS container(s), storage resource identifiers shall refer to Storage MCIOs.\n\n\n* NOTE 1:\tETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. * NOTE 2:\tA VNFC CP is \"connected to\" an external CP if the VNFC CP is connected to an internal VL that\n          exposes an external CP. A VNFC CP is \"exposed as\" an external CP if it is connected directly\n          to an external VL.\n* NOTE 3:\tThe information can be omitted because it is already available as part of the external CP information. * NOTE 4: If only the value or the presence of this attribute is changed in the \"VnfcResourceInfo\" structure by \n          an LCM operation occurrence, this does not represent a change that requires including a related \"AffectedVnfc\"\n          structure in the VNF LCM operation occurrence notifications or the \"VnfLcmOpOcc\" structure related to \n          this LCM operation occurrence.\n* NOTE 5: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment \n          definition resource is needed to fulfil the connectivity requirements of the internal CP, e.g. to build \n          a link redundant mated pair in SR-IOV cases.\n* NOTE 6: When more than one netAttDefResourceId is indicated, all shall belong to the same namespace.\n",
-          "type": "object",
-          "required": [
-            "id",
-            "vduId",
-            "computeResource"
-          ],
-          "properties": {
-            "id": {
-              "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-              "type": "string"
-            },
-            "vduId": {
-              "description": "An identifier that is unique within a VNF descriptor.\n",
-              "type": "string"
-            },
-            "vnfdId": {
-              "description": "An identifier with the intention of being globally unique.\n",
-              "type": "string"
-            },
-            "computeResource": {
-              "required": [
-                "resourceId"
-              ],
-              "type": "object",
-              "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
-              "properties": {
-                "vimConnectionId": {
-                  "description": "An identifier with the intention of being globally unique.\n",
-                  "type": "string"
-                },
-                "resourceProviderId": {
-                  "description": "An identifier with the intention of being globally unique.\n",
-                  "type": "string"
-                },
-                "resourceId": {
-                  "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
-                  "type": "string"
-                },
-                "vimLevelResourceType": {
-                  "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
-                  "type": "string"
-                },
-                "vimLevelAdditionalResourceInfo": {
-                  "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
-                  "type": "object",
-                  "properties": {
-                    "hostName": {
-                      "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                      "type": "string"
-                    },
-                    "persistentVolume": {
-                      "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                      "type": "string"
-                    },
-                    "additionalInfo": {
-                      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                      "type": "object"
-                    }
-                  }
-                },
-                "containerNamespace": {
-                  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
-                  "type": "string"
-                }
-              }
-            },
-            "storageResourceIds": {
-              "description": "References to the VirtualStorage resources or references to Storage MCIO(s).  The value refers to a VirtualStorageResourceInfo item in the VnfInstance.\n",
-              "type": "array",
-              "items": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              }
-            },
-            "reservationId": {
-              "description": "An identifier with the intention of being globally unique.\n",
-              "type": "string"
-            },
-            "vnfcCpInfo": {
-              "description": "All the CPs of the VNFC instance.\n",
-              "type": "array",
-              "items": {
-                "type": "object",
+              "storageResource": {
                 "required": [
-                  "id",
-                  "cpdId"
+                  "resourceId"
                 ],
+                "type": "object",
+                "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                 "properties": {
-                  "id": {
-                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                    "type": "string"
-                  },
-                  "cpdId": {
-                    "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "vimConnectionId": {
+                    "description": "An identifier with the intention of being globally unique.\n",
                     "type": "string"
                   },
-                  "vnfExtCpId": {
-                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "resourceProviderId": {
+                    "description": "An identifier with the intention of being globally unique.\n",
                     "type": "string"
                   },
-                  "cpProtocolInfo": {
-                    "description": "Network protocol information for this CP. May be omitted if the VNFC CP is exposed as an external CP. The information can be omitted because it is already available as part of the external CP information. See note 3.\n",
-                    "type": "array",
-                    "items": {
-                      "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
-                      "type": "object",
-                      "required": [
-                        "layerProtocol"
-                      ],
-                      "properties": {
-                        "layerProtocol": {
-                          "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-                          "type": "string",
-                          "enum": [
-                            "IP_OVER_ETHERNET",
-                            "IP_FOR_VIRTUAL_CP"
-                          ]
-                        },
-                        "ipOverEthernet": {
-                          "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVIΓÇÖs transport technology.\n",
-                          "type": "object",
-                          "anyOf": [
-                            {
-                              "required": [
-                                "macAddress"
-                              ]
-                            },
-                            {
-                              "required": [
-                                "ipAddresses"
-                              ]
-                            }
-                          ],
-                          "oneOf": [
-                            {
-                              "required": [
-                                "addresses"
-                              ]
-                            },
-                            {
-                              "required": [
-                                "addressRange"
-                              ]
-                            }
-                          ],
-                          "properties": {
-                            "macAddress": {
-                              "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-                              "type": "string",
-                              "format": "MAC"
-                            },
-                            "segmentationId": {
-                              "description": "Identification of the network segment to which the Cp instance connects to. See notes 3 and 4.\n",
-                              "type": "string"
-                            },
-                            "ipAddresses": {
-                              "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or  dynamic IP address assignment per subnet. See note 1.\n",
-                              "type": "array",
-                              "items": {
-                                "type": "object",
-                                "required": [
-                                  "type"
-                                ],
-                                "properties": {
-                                  "type": {
-                                    "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
-                                    "type": "string",
-                                    "enum": [
-                                      "IPV4",
-                                      "IPV6"
-                                    ]
-                                  },
-                                  "addresses": {
-                                    "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-                                    "type": "array",
-                                    "items": {
-                                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                                      "type": "string",
-                                      "format": "IP"
-                                    }
-                                  },
-                                  "isDynamic": {
-                                    "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-                                    "type": "boolean"
-                                  },
-                                  "addressRange": {
-                                    "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
-                                    "type": "object",
-                                    "required": [
-                                      "minAddress",
-                                      "maxAddress"
-                                    ],
-                                    "properties": {
-                                      "minAddress": {
-                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                                        "type": "string",
-                                        "format": "IP"
-                                      },
-                                      "maxAddress": {
-                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                                        "type": "string",
-                                        "format": "IP"
-                                      }
-                                    }
-                                  },
-                                  "subnetId": {
-                                    "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
-                                    "type": "string"
-                                  }
-                                }
-                              }
-                            }
-                          }
-                        },
-                        "virtualCpAddress": {
-                          "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-                          "type": "object",
-                          "required": [
-                            "type"
-                          ],
-                          "properties": {
-                            "type": {
-                              "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-                              "type": "string",
-                              "enum": [
-                                "IPV4",
-                                "IPV6"
-                              ]
-                            },
-                            "loadBalancerIp": {
-                              "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-                              "type": "string",
-                              "format": "IP"
-                            },
-                            "addressPoolName": {
-                              "description": "Name of an address pool from which an IP address is assigned to the virtual CP.\n",
-                              "type": "string"
-                            }
-                          }
-                        }
-                      }
-                    }
-                  },
-                  "vnfLinkPortId": {
-                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "resourceId": {
+                    "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
                     "type": "string"
                   },
-                  "parentCpId": {
-                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "vimLevelResourceType": {
+                    "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
                     "type": "string"
                   },
-                  "netAttDefResourceId": {
-                    "description": "Identifier of the ΓÇ£NetAttDefResourceInfoΓÇ¥ structure that provides the specification of the interface  to attach the connection point to a secondary container cluster network. See notes 5 and 6. It shall be present if the internal CP is associated to a VNFC realized by one or a set of OS  containers and is connected to a secondary container cluster network. It shall not be present otherwise.\n",
-                    "type": "array",
-                    "items": {
-                      "description": "An identifier with the intention of being globally unique.\n",
-                      "type": "string"
+                  "vimLevelAdditionalResourceInfo": {
+                    "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
+                    "type": "object",
+                    "properties": {
+                      "hostName": {
+                        "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                        "type": "string"
+                      },
+                      "persistentVolume": {
+                        "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                        "type": "string"
+                      },
+                      "additionalInfo": {
+                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                        "type": "object"
+                      }
                     }
                   },
-                  "metadata": {
-                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                    "type": "object"
+                  "containerNamespace": {
+                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
+                    "type": "string"
                   }
                 }
+              },
+              "reservationId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+              },
+              "metadata": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
               }
-            },
-            "metadata": {
-              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-              "type": "object"
             }
-          }
-        },
-        "vnfVirtualLinkResourceInfo": {
-          "description": "This type represents the information that allows addressing a virtualised resource that is used by an internal VL instance in a VNF instance. NOTE: If only the value or the presence of this attribute is changed in the \"VnfVirtualLinkResourceInfo\" \n      structure by an LCM operation occurrence, this does not represent a change that requires including a \n      related \"AffectedVirtualLink\" structure in the VNF LCM operation occurrence notifications or the \n      \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\n",
-          "type": "object",
-          "required": [
-            "id",
-            "vnfVirtualLinkDescId",
-            "networkResource",
-            "vnfLinkPorts"
-          ],
-          "properties": {
-            "id": {
-              "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-              "type": "string"
-            },
-            "vnfVirtualLinkDescId": {
-              "description": "An identifier that is unique within a VNF descriptor.\n",
-              "type": "string"
-            },
-            "vnfdId": {
-              "description": "An identifier with the intention of being globally unique.\n",
-              "type": "string"
-            },
-            "networkResource": {
+          },
+          "vnfcInfo": {
+            "description": "Information about the VNFC instances.\n",
+            "type": "array",
+            "items": {
+              "description": "This type represents the information about a VNFC instance that is part of a VNF instance. * NOTE:\tThis allows to represent the error condition that a VNFC instance has lost its resources.\n",
+              "type": "object",
               "required": [
-                "resourceId"
+                "id",
+                "vduId",
+                "vnfcState"
               ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "vduId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "vnfcResourceInfoId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "vnfcState": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "vnfcConfigurableProperties": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                }
+              }
+            }
+          },
+          "mcioInfo": {
+            "description": "Information on the MCIO(s) representing VNFC instance(s) realized by one or a set of OS containers and created from the same VDU for the VNF instance.\n",
+            "type": "array",
+            "items": {
+              "description": "This type provides information about an MCIO representing the set of VNFC instances realized by one  or a set of OS containers which have been created based on the same VDU. Within the CISM, an MCIO controller monitors the actual state of an MCIO representing the set of VNFC  instances realized by one or a set of OS containers and compare it to the desired state as specified  in the respective declarative descriptor. It triggers actions toward the CIS to align the actual to  the desired state. Monitoring the actual state includes monitoring the number of MCIO instances available  at any specific point in time. In addition, an MCIO controller maintains properties and runtime information  on the MCIO instances which have been created based on the same VDU. The McioInfo data structure provides the runtime information on the MCIOs obtained from the MCIO controller.\nNOTE: There are different types of MCIOs. The set of VNFC instances based on the same VDU is represented \n      by one MCIO, e.g. of type Deployment. Each individual VNFC instance is represented by another type \n      of MCIO, e.g. a POD.\n\nRuntime information of the set of OS containers realizing an individual VNFC instance is not part of the  McioInfo data structure; such runtime information is provided in the ResourceHandle data structure  referenced from the VnfcResourceInfo. The McioInfo does not provide runtime information of a constituent  VNFC instance created based on a specific VDU.\nNOTE 1: The type of MCIO as specified in the declarative descriptor of the MCIO, and that can be read from \n        the CISM. EXAMPLE: In case of MCIOs managed by Kubernetes®, the type of MCIO corresponds to the \n        “kind” property of the declarative descriptor.\nNOTE 2: If the attribute additionalInfo is present, it may contain runtime information on the actual and \n        desired state of the MCIO(s).   \nNOTE 3: When the container infrastructure service is a Kubernetes® instance, the mcioId is the combined \n        values from the kind and name fields of the Kubernetes resource object, separated by a slash. \n        Example: \"Deployment/abcd\". \nNOTE 4: When the container infrastructure service is a Kubernetes® instance, the mcioName is the name \n        field of the resource object.          \n",
               "type": "object",
-              "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
+              "required": [
+                "mcioId",
+                "mcioName",
+                "mcioNamespace",
+                "vduId",
+                "cismId",
+                "mcioType",
+                "desiredInstances",
+                "availableInstances"
+              ],
               "properties": {
-                "vimConnectionId": {
+                "mcioId": {
                   "description": "An identifier with the intention of being globally unique.\n",
                   "type": "string"
                 },
-                "resourceProviderId": {
-                  "description": "An identifier with the intention of being globally unique.\n",
+                "mcioName": {
+                  "description": "Human readable name of this MCIO. See note 4.\n",
+                  "type": "string"
+                },
+                "mcioNamespace": {
+                  "description": "Namespace of this MCIO.\n",
                   "type": "string"
                 },
-                "resourceId": {
-                  "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                "vduId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
                   "type": "string"
                 },
-                "vimLevelResourceType": {
-                  "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
+                "cismId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
                   "type": "string"
                 },
-                "vimLevelAdditionalResourceInfo": {
-                  "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
-                  "type": "object",
-                  "properties": {
-                    "hostName": {
-                      "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                      "type": "string"
-                    },
-                    "persistentVolume": {
-                      "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                      "type": "string"
-                    },
-                    "additionalInfo": {
-                      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                      "type": "object"
-                    }
-                  }
+                "mcioType": {
+                  "description": "The type of MCIO. Specific values, their semantics and associated MCIO types are defined in clause  5.5.4.9. Additional values are also permitted. See note 1.\n",
+                  "type": "string",
+                  "enum": [
+                    "Deployment",
+                    "StatefulSet",
+                    "DaemonSet"
+                  ]
+                },
+                "desiredInstances": {
+                  "description": "Number of desired MCIO instances.\n",
+                  "type": "integer"
+                },
+                "availableInstances": {
+                  "description": "Number of available MCIO instances.\n",
+                  "type": "integer"
+                },
+                "additionalInfo": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
                 },
-                "containerNamespace": {
-                  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
+                "certificateContentId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
                   "type": "string"
                 }
               }
-            },
-            "reservationId": {
-              "description": "An identifier with the intention of being globally unique.\n",
-              "type": "string"
-            },
-            "vnfLinkPorts": {
-              "description": "Links ports of this VL. Shall be present when the linkPort is used for external connectivity by the VNF (refer to VnfLinkPortInfo). May be present otherwise.\n",
-              "type": "array",
-              "items": {
-                "description": "This type represents a link port of an internal VL of a VNF.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId\n        with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be \n        present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" \n        and vipCpInstanceId are present, the two different CP instances share the linkport.\nNOTE 2: Annex A.4 of ETSI GS NFV-IFA 007 provides examples for configurations where both vipCpInstanceId\n        and vnfcCpInstanceId are present (UC#5 and UC#5-b), only vnfcCpInstanceId is present (UC#2), or \n        only vipCpInstanceId is present (UC6 and UC#6-b).\nNOTE 3: The value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\"\n        attribute.\n",
-                "type": "object",
-                "required": [
-                  "id",
-                  "resourceHandle"
-                ],
-                "properties": {
-                  "id": {
-                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                    "type": "string"
-                  },
-                  "resourceHandle": {
-                    "required": [
-                      "resourceId"
-                    ],
-                    "type": "object",
-                    "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
-                    "properties": {
-                      "vimConnectionId": {
-                        "description": "An identifier with the intention of being globally unique.\n",
-                        "type": "string"
-                      },
-                      "resourceProviderId": {
-                        "description": "An identifier with the intention of being globally unique.\n",
-                        "type": "string"
-                      },
-                      "resourceId": {
-                        "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
-                        "type": "string"
-                      },
-                      "vimLevelResourceType": {
-                        "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
-                        "type": "string"
-                      },
-                      "vimLevelAdditionalResourceInfo": {
-                        "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
-                        "type": "object",
-                        "properties": {
-                          "hostName": {
-                            "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                            "type": "string"
-                          },
-                          "persistentVolume": {
-                            "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                            "type": "string"
-                          },
-                          "additionalInfo": {
-                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                            "type": "object"
-                          }
-                        }
-                      },
-                      "containerNamespace": {
-                        "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
-                        "type": "string"
-                      }
-                    }
-                  },
-                  "cpInstanceId": {
-                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                    "type": "string"
-                  },
-                  "cpInstanceType": {
-                    "description": "Type of the CP instance that is identified by cpInstanceId.  Shall be present if \"cpInstanceId\" is present and shall be absent otherwise.\nPermitted values: - VNFC_CP: The link port is connected to a VNFC CP. -\tEXT_CP: The link port is associated to an external CP. See note 1.\n",
-                    "type": "string",
-                    "enum": [
-                      "VNFC_CP",
-                      "EXT_CP"
-                    ]
-                  },
-                  "vipCpInstanceId": {
-                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                    "type": "string"
-                  },
-                  "trunkResourceId": {
-                    "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
-                    "type": "string"
-                  }
-                }
-              }
-            },
-            "metadata": {
-              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-              "type": "object"
             }
-          }
-        },
-        "virtualStorageResourceInfo":{
-          "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance.\nNOTE: If only the value or the presence of this attribute is changed in the \"VirtualStorageResourceInfo\" structure by an LCM operation occurrence, this does not represent a change that requires  including a related \"AffectedVirtualStorage\" structure in the VNF LCM operation occurrence  notifications or the \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\n",
-          "type": "object",
-          "required": [
-            "id",
-            "virtualStorageDescId",
-            "storageResource"
-          ],
-          "properties": {
-            "id": {
-              "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-              "type": "string"
-            },
-            "virtualStorageDescId": {
-              "description": "An identifier that is unique within a VNF descriptor.\n",
-              "type": "string"
-            },
-            "vnfdId": {
-              "description": "An identifier with the intention of being globally unique.\n",
-              "type": "string"
-            },
-            "storageResource": {
+          },
+          "vnfPaasServiceInfo": {
+            "description": "Information on the PaaS Services assigned and used by the VNF instance.\n",
+            "type": "array",
+            "items": {
+              "description": "This type provides information about a PaaS Service that is used by a VNF instance. The PaasServiceInfo is comprised of various sets of information. Some information comes from the VNFD, other information comes from the PaaS Service assets provided by the NFVO to the VNFM, and other information is provided at runtime information about the usage of the PaaS Service.\n",
+              "type": "object",
               "required": [
-                "resourceId"
+                "id",
+                "paasServiceId",
+                "paasServiceType",
+                "paasServiceRequestId",
+                "paasServiceHandle"
               ],
-              "type": "object",
-              "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The information about the VIM or CISM connection referenced by the VIM connection id is known to the\n          VNFM. Moreover, the identifier of the VIM connection provides scope to the resourceId.\n\n* NOTE 2: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. When the container\n          infrastructure service is a Kubernetes® instance the vimLevelResourceType is the type of resource, as would \n          correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, e.g.: Pod, \n          PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 3: When the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the \n          following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
               "properties": {
-                "vimConnectionId": {
+                "id": {
                   "description": "An identifier with the intention of being globally unique.\n",
                   "type": "string"
                 },
-                "resourceProviderId": {
+                "paasServiceId": {
                   "description": "An identifier with the intention of being globally unique.\n",
                   "type": "string"
                 },
-                "resourceId": {
-                  "description": "An identifier maintained by the VIM  or the CISM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                "paasServiceType": {
+                  "description": "The type of PaaS Service. The value of this attribute is expected to be matched against values of the registered PaaS Services in the PSR.\n",
+                  "type": "string"
+                },
+                "paasServiceVersion": {
+                  "description": "A version.\n",
                   "type": "string"
                 },
-                "vimLevelResourceType": {
-                  "description": "Type of the resource in the scope of the VIM or the CISM or the resource provider. See note 2.\n",
+                "paasServiceRequestId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
                   "type": "string"
                 },
-                "vimLevelAdditionalResourceInfo": {
-                  "description": "This type represents additional resource information which resource and resource type specific, and which is available from the VIM or the CISM or the resource provider.\n* NOTE: At least one attribute shall be present.\n",
+                "paasServiceHandle": {
+                  "description": "This type provides information enabling the access and use of the PaaS Service by the  VNF instance. The type and format of the handle depends on the form that the PaaS Service is formed.\n",
                   "type": "object",
+                  "required": [
+                    "id"
+                  ],
                   "properties": {
-                    "hostName": {
-                      "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the scope of the CISM and shall be absent otherwise. See note.\n",
+                    "id": {
+                      "description": "An identifier with the intention of being globally unique.\n",
                       "type": "string"
                     },
-                    "persistentVolume": {
-                      "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise. See note.\n",
-                      "type": "string"
+                    "interfaceInfo": {
+                      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                      "type": "object"
+                    },
+                    "accessInfo": {
+                      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                      "type": "object"
                     },
-                    "additionalInfo": {
+                    "extra": {
                       "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
                       "type": "object"
                     }
                   }
                 },
-                "containerNamespace": {
-                  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed. This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise.\n",
-                  "type": "string"
+                "additionalInfo": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
                 }
               }
-            },
-            "reservationId": {
-              "description": "An identifier with the intention of being globally unique.\n",
-              "type": "string"
-            },
-            "metadata": {
-              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-              "type": "object"
             }
           }
-        },
-        "vnfcInfo": {
-          "description": "Information about the VNFC instances.\n",
-          "type": "array",
-          "items": {
-            "description": "This type represents the information about a VNFC instance that is part of a VNF instance. * NOTE:\tThis allows to represent the error condition that a VNFC instance has lost its resources.\n",
+        }
+      },
+      "metadata": {
+        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+        "type": "object"
+      },
+      "extensions": {
+        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+        "type": "object"
+      },
+      "_links": {
+        "description": "Links to resources related to this resource.\n",
+        "type": "object",
+        "required": [
+          "self"
+        ],
+        "properties": {
+          "self": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
             "required": [
-              "id",
-              "vduId",
-              "vnfcState"
+              "href"
             ],
             "properties": {
-              "id": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "vduId": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "vnfcResourceInfoId": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-                "type": "string"
-              },
-              "vnfcState": {
-                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
                 "type": "string"
-              },
-              "vnfcConfigurableProperties": {
-                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                "type": "object"
               }
             }
-          }
-        },
-        "mcioInfo": {
-          "description": "Information on the MCIO(s) representing VNFC instance(s) realized by one or a set of OS containers and created from the same VDU for the VNF instance.\n",
-          "type": "array",
-          "items": {
-            "description": "This type provides information about an MCIO representing the set of VNFC instances realized by one  or a set of OS containers which have been created based on the same VDU. Within the CISM, an MCIO controller monitors the actual state of an MCIO representing the set of VNFC  instances realized by one or a set of OS containers and compare it to the desired state as specified  in the respective declarative descriptor. It triggers actions toward the CIS to align the actual to  the desired state. Monitoring the actual state includes monitoring the number of MCIO instances available  at any specific point in time. In addition, an MCIO controller maintains properties and runtime information  on the MCIO instances which have been created based on the same VDU. The McioInfo data structure provides the runtime information on the MCIOs obtained from the MCIO controller.\nNOTE: There are different types of MCIOs. The set of VNFC instances based on the same VDU is represented \n      by one MCIO, e.g. of type Deployment. Each individual VNFC instance is represented by another type \n      of MCIO, e.g. a POD.\n\nRuntime information of the set of OS containers realizing an individual VNFC instance is not part of the  McioInfo data structure; such runtime information is provided in the ResourceHandle data structure  referenced from the VnfcResourceInfo. The McioInfo does not provide runtime information of a constituent  VNFC instance created based on a specific VDU.\nNOTE 1: The type of MCIO as specified in the declarative descriptor of the MCIO, and that can be read from \n        the CISM. EXAMPLE: In case of MCIOs managed by Kubernetes®, the type of MCIO corresponds to the \n        “kind” property of the declarative descriptor.\nNOTE 2: If the attribute additionalInfo is present, it may contain runtime information on the actual and \n        desired state of the MCIO(s).   \nNOTE 3: When the container infrastructure service is a Kubernetes® instance, the mcioId is the combined \n        values from the kind and name fields of the Kubernetes resource object, separated by a slash. \n        Example: \"Deployment/abcd\". \nNOTE 4: When the container infrastructure service is a Kubernetes® instance, the mcioName is the name \n        field of the resource object.          \n",
+          },
+          "indicators": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
             "required": [
-              "mcioId",
-              "mcioName",
-              "mcioNamespace",
-              "vduId",
-              "cismId",
-              "mcioType",
-              "desiredInstances",
-              "availableInstances"
+              "href"
             ],
             "properties": {
-              "mcioId": {
-                "description": "An identifier with the intention of being globally unique.\n",
-                "type": "string"
-              },
-              "mcioName": {
-                "description": "Human readable name of this MCIO. See note 4.\n",
-                "type": "string"
-              },
-              "mcioNamespace": {
-                "description": "Namespace of this MCIO.\n",
-                "type": "string"
-              },
-              "vduId": {
-                "description": "An identifier that is unique within a VNF descriptor.\n",
-                "type": "string"
-              },
-              "cismId": {
-                "description": "An identifier with the intention of being globally unique.\n",
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
                 "type": "string"
-              },
-              "mcioType": {
-                "description": "The type of MCIO. Specific values, their semantics and associated MCIO types are defined in clause  5.5.4.9. Additional values are also permitted. See note 1.\n",
-                "type": "string",
-                "enum": [
-                  "Deployment",
-                  "StatefulSet"
-                ]
-              },
-              "desiredInstances": {
-                "description": "Number of desired MCIO instances.\n",
-                "type": "integer"
-              },
-              "availableInstances": {
-                "description": "Number of available MCIO instances.\n",
-                "type": "integer"
-              },
-              "additionalInfo": {
-                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-                "type": "object"
               }
             }
-          }
-        }
-      }
-    },
-    "metadata": {
-      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-      "type": "object"
-    },
-    "extensions": {
-      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-      "type": "object"
-    },
-    "_links": {
-      "description": "Links to resources related to this resource.\n",
-      "type": "object",
-      "required": [
-        "self"
-      ],
-      "properties": {
-        "self": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
-            }
-          }
-        },
-        "indicators": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
-            }
-          }
-        },
-        "instantiate": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
+          },
+          "instantiate": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
             }
-          }
-        },
-        "terminate": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
+          },
+          "terminate": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
             }
-          }
-        },
-        "scale": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
+          },
+          "scale": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
             }
-          }
-        },
-        "scaleToLevel": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
+          },
+          "scaleToLevel": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
             }
-          }
-        },
-        "changeFlavour": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
+          },
+          "changeFlavour": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
             }
-          }
-        },
-        "heal": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
+          },
+          "heal": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
             }
-          }
-        },
-        "operate": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
+          },
+          "operate": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
             }
-          }
-        },
-        "changeExtConn": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
+          },
+          "changeExtConn": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
             }
-          }
-        },
-        "createSnapshot": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
+          },
+          "createSnapshot": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
             }
-          }
-        },
-        "revertToSnapshot": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
+          },
+          "revertToSnapshot": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
             }
-          }
-        },
-        "changeCurrentVnfPkg": {
-          "description": "This type represents a link to a resource using an absolute URI.\n",
-          "type": "object",
-          "required": [
-            "href"
-          ],
-          "properties": {
-            "href": {
-              "description": "String formatted according to IETF RFC 3986.\n",
-              "type": "string"
+          },
+          "changeCurrentVnfPkg": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
             }
           }
         }
       }
     }
   }
-}
 }
\ No newline at end of file
diff --git a/SOL002/VNFLifecycleManagement-API/schemas/vnfLcmOpOcc.schema.json b/SOL002/VNFLifecycleManagement-API/schemas/vnfLcmOpOcc.schema.json
index 465863abff367dd7997d6904d67699b68eb92561..6601f1e57cc0def183ec401ec45950d6cb92ea66 100644
--- a/SOL002/VNFLifecycleManagement-API/schemas/vnfLcmOpOcc.schema.json
+++ b/SOL002/VNFLifecycleManagement-API/schemas/vnfLcmOpOcc.schema.json
@@ -21,7 +21,8 @@
     "vnfInstanceId",
     "operation",
     "isAutomaticInvocation",
-    "isCancelPending"
+    "isCancelPending",
+    "_links"
   ],
   "properties": {
     "id": {
diff --git a/SOL002/VNFLifecycleManagement-API/schemas/vnfLcmOpOccs.schema.json b/SOL002/VNFLifecycleManagement-API/schemas/vnfLcmOpOccs.schema.json
index 197ffe0469f2cdeab98a1a28da65532ba4b94920..2cdb3d918d70b8b46b58675cab44b73fc523d43b 100644
--- a/SOL002/VNFLifecycleManagement-API/schemas/vnfLcmOpOccs.schema.json
+++ b/SOL002/VNFLifecycleManagement-API/schemas/vnfLcmOpOccs.schema.json
@@ -23,7 +23,8 @@
 			"vnfInstanceId",
 			"operation",
 			"isAutomaticInvocation",
-			"isCancelPending"
+			"isCancelPending",
+			"_links"
 		],
 		"properties": {
 			"id": {
diff --git a/SOL002/VNFPerformanceManagement-API/IndividualPmJob.robot b/SOL002/VNFPerformanceManagement-API/IndividualPmJob.robot
index d02951365b798aa08277dc4d84b79909d8069a21..411d03f7b0685787060ab6b4de8cdea63763b3cd 100644
--- a/SOL002/VNFPerformanceManagement-API/IndividualPmJob.robot
+++ b/SOL002/VNFPerformanceManagement-API/IndividualPmJob.robot
@@ -1,6 +1,7 @@
 *** Settings ***
 Library     JSONSchemaLibrary    schemas/
 Resource    environment/variables.txt    # Generic Parameters
+Resource    VNFPerformanceManagementKeywords.robot
 Library     JSONLibrary
 Library     REST    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}    ssl_verify=false
 Library     OperatingSystem
@@ -13,7 +14,7 @@ GET individual VNF Performance Job
     ...    Test title: Get individual VNF Performance Job
     ...    Test objective: The objective is to test the retrieval of an individual VNF performance monitoring job and perform a JSON schema and content validation of the collected job data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -28,7 +29,7 @@ GET individual VNF Performance Job with invalid resource identifier
     ...    Test title: Get individual VNF Performance Job with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual VNF performance monitoring job fails when using an invalid resource identifier, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.3.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -41,7 +42,7 @@ DELETE Individual VNF Performance Job
     ...    Test title: Delete Individual VNF Performance Job
     ...    Test objective: The objective is to test the deletion of an individual VNF performance monitoring job
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF Performance Job is no more available in the VNFM    
@@ -54,7 +55,7 @@ DELETE Individual VNF Performance Job with invalid resource identifier
     ...    Test title: Delete individual VNF Performance Job with invalid resource identifier
     ...    Test objective: The objective is to test that the deletion of an individual VNF performance monitoring job fails when using an invalid resource identifier, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -67,7 +68,7 @@ POST Individual VNF Performance Job - Method not implemented
     ...    Test title: POST Individual VNF Performance Job - method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new VNF Performance Monitoring Job
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.3.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.3.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -79,7 +80,7 @@ PUT Individual VNF Performance Job - Method not implemented
     ...    Test title: PUT Individual VNF Performance Job - method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing VNF Performance Monitoring Job
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.3.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.3.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -91,7 +92,7 @@ PATCH Individual VNF Performance Job
     ...    Test title: PATCH Individual VNF Performance Job
     ...    Test objective: The objective is to test that PATCH method allows to modify an exsisting individual PM job resource.
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -105,7 +106,7 @@ PATCH Individual VNF Performance Job - Precondition failed
     ...    Test title: PATCH Individual VNF Performance Job - Precondition failed
     ...    Test objective: The objective is to attempt to Modify an individual alarm resource, where the precondition was not met
     ...    Pre-conditions:  A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  The VNF Performance Job is not modified by the operation
@@ -119,18 +120,43 @@ PATCH Individual VNF Performance Job - UNPROCESSABLE CONTENT
     ...    Test title: PATCH Individual VNF Performance Job - UNPROCESSABLE CONTENT
     ...    Test objective: The objective is to test that PATCH method cannot modify an exsisting individual PM job resource when the callback URI provided in the Request body is unreachable by the VNFM.
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM cannot reach the Notification endpoint.
     ...    Post-Conditions: none
     Send Patch request for individual VNF Performance Job with Unreachable Callback URI
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is    ProblemDetails
+DELETE Individual VNF Performance Job with permitted authorization scope
+    [Documentation]    Test ID: 6.3.3.2.10
+    ...    Test title: Delete Individual VNF Performance Job with permitted authorization scope
+    ...    Test objective: The objective is to test the deletion of an individual VNF performance monitoring job with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
+    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: The VNF Performance Job is no more available in the VNFM    
+    Send Delete request for individual VNF Performance Job with permitted authorization scope
+    Check HTTP Response Status Code Is    204
+    Check Postcondition VNF Pm Job is Deleted
+DELETE Individual VNF Performance Job with NOT permitted authorization scope
+    [Documentation]    Test ID: 6.3.3.2.11
+    ...    Test title: Delete Individual VNF Performance Job with NOT permitted authorization scope
+    ...    Test objective: The objective is to test the deletion of an individual VNF performance monitoring job with NOT permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
+    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: The VNF Performance Job is no more available in the VNFM    
+    Send Delete request for individual VNF Performance Job with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
 
 *** Keywords ***
 GET individual VNF Performance Job
     Log    Trying to get a Pm Job present in the NFVO Catalogue
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}
     ${output}=    Output    response
@@ -139,6 +165,7 @@ GET individual VNF Performance Job
 GET individual VNF Performance Job with invalid resource identifier  
     Log    Trying to perform a negative get, using erroneous PM Job identifier
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${erroneousPmJobId}
     ${output}=    Output    response
@@ -147,6 +174,7 @@ GET individual VNF Performance Job with invalid resource identifier
 Send Delete request for individual VNF Performance Job
     Log    Trying to delete an existing PM Job
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}
     ${output}=    Output    response
@@ -155,6 +183,7 @@ Send Delete request for individual VNF Performance Job
 Send Delete request for individual VNF Performance Job with invalid resource identifier
     Log    Trying to perform a negative delete, using erroneous PM Job identifier
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${erroneousPmJobId}
     ${output}=    Output    response
@@ -163,6 +192,7 @@ Send Delete request for individual VNF Performance Job with invalid resource ide
 Send Post request for individual VNF Performance Job    
     Log    Trying to perform a POST (method should not be implemented)
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     POST    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${newPmJobId}
     ${output}=    Output    response
@@ -171,6 +201,7 @@ Send Post request for individual VNF Performance Job
 Send Put request for individual VNF Performance Job    
     Log    Trying to perform a POST (method should not be implemented)
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}
     ${origOutput}=    Output    response
@@ -180,7 +211,9 @@ Send Put request for individual VNF Performance Job
     Set Suite Variable    ${response}    ${output}
     
 Send Patch request for individual VNF Performance Job    
-    Set Headers  {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/PMJobModification.json
@@ -190,7 +223,9 @@ Send Patch request for individual VNF Performance Job
     Set Suite Variable    ${response}    ${output}
 
 Send Patch request for individual VNF Performance Job with Unreachable Callback URI    
-    Set Headers  {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/PMJobModification.json
diff --git a/SOL002/VNFPerformanceManagement-API/IndividualReport.robot b/SOL002/VNFPerformanceManagement-API/IndividualReport.robot
index f5c8ccb2c27d08d5ade9b84b92905f7d0b03d483..dded85442606b55d4c65765ffe418cb34f14b705 100644
--- a/SOL002/VNFPerformanceManagement-API/IndividualReport.robot
+++ b/SOL002/VNFPerformanceManagement-API/IndividualReport.robot
@@ -1,6 +1,7 @@
 *** Settings ***
 Library           JSONSchemaLibrary    schemas/
 Resource          environment/variables.txt    # Generic Parameters
+Resource          VNFPerformanceManagementKeywords.robot
 Library           JSONLibrary
 Library           REST    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}    ssl_verify=false
 
@@ -10,7 +11,7 @@ Get Individual Performance Report
     ...    Test title: Get Individual Performance Report
     ...    Test objective: The objective is to test the retrieval of an individual VNF performance report associated to a monitoring job and perform a JSON schema validation of the collected report data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance reports are set for a monitoring job in the VNFM.
-    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -23,7 +24,7 @@ Get Individual Performance Report with invalid resource endpoint
     ...    Test title: Get Individual Performance Report with invalid resource endpoint
     ...    Test objective:  The objective is to test that the retrieval of an individual VNF performance report associated to a monitoring job fails when using an invalid resource endpoint 
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance reports are set for a monitoring job in the VNFM.
-    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -36,7 +37,7 @@ POST Individual Performance Report - Method not implemented
     ...    Test title: POST Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new VNF performance report within a monitoring job
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.4.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -48,7 +49,7 @@ PUT Individual Performance Report - Method not implemented
     ...    Test title: PUT Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing VNF performance report within a monitoring job
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.4.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.4.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -60,7 +61,7 @@ PATCH Individual Performance Report - Method not implemented
     ...    Test title: PATCH Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify an existing VNF performance report within a monitoring job
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.4.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.4.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -72,17 +73,42 @@ DELETE Individual Performance Report - Method not implemented
     ...    Test title: DELETE Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete an existing VNF performance report within a monitoring job
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.4.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.4.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for Individual Performance Report
     Check HTTP Response Status Code Is    405
+Get Individual Performance Report with permitted authorization scope
+    [Documentation]    Test ID: 6.3.3.3.7
+    ...    Test title: Get Individual Performance Report with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF performance report associated to a monitoring job and perform a JSON schema validation of the collected report data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance reports are set for a monitoring job in the VNFM.
+    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Performance Report with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PerformanceReport
+Get Individual Performance Report with NOT permitted authorization scope
+    [Documentation]    Test ID: 6.3.3.3.8
+    ...    Test title: Get Individual Performance Report with NOT permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF performance report associated to a monitoring job and perform a JSON schema validation of the collected report data structure with NOT permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance reports are set for a monitoring job in the VNFM.
+    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Performance Report with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
 
 *** Keywords ***
 Get Individual Performance Report
     Log    Trying to get a performance report present in the VNFM
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}/reports/${reportId}
     ${output}=    Output    response
@@ -91,6 +117,7 @@ Get Individual Performance Report
 Get Individual Performance Report with invalid resource endpoint
     Log    Trying to get a performance report with invalid resource endpoint
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}/reports/${erroneousReportId}
     ${output}=    Output    response
@@ -137,6 +164,7 @@ Check Postcondition VNF Individual Performance Report Exists
 Check Postcondition VNF Individual Performance Report is not Created
     Log    Trying to get a new report
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}/reports/${newReportId}
     ${output}=    Output    response
diff --git a/SOL002/VNFPerformanceManagement-API/IndividualThreshold.robot b/SOL002/VNFPerformanceManagement-API/IndividualThreshold.robot
index 2f4a25f48a3df7d1e6bd361014360575276a2f57..252516ad2d5345463eee1bb7316f620261330d7a 100644
--- a/SOL002/VNFPerformanceManagement-API/IndividualThreshold.robot
+++ b/SOL002/VNFPerformanceManagement-API/IndividualThreshold.robot
@@ -1,6 +1,7 @@
 *** Settings ***
 Library           JSONSchemaLibrary    schemas/
 Resource          environment/variables.txt    # Generic Parameters
+Resource          VNFPerformanceManagementKeywords.robot
 Library           JSONLibrary
 Library           REST    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}    ssl_verify=false
 Library           OperatingSystem
@@ -12,7 +13,7 @@ GET Individual Threshold
     ...    Test title: GET Individual Threshold
     ...    Test objective: The objective is to test the retrieval of an individual VNF performance threshold and perform a JSON schema and content validation of the collected threshold data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -27,7 +28,7 @@ GET Individual Threshold with invalid resource identifier
     ...    Test title: GET Individual Threshold with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual VNF performance threshold fails when using an invalid resource identifier
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +41,7 @@ DELETE Individual Threshold
     ...    Test title: DELETE Individual Threshold
     ...    Test objective: The objective is to test the deletion of an individual VNF performance threshold
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.6.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF Performance Threshold is not available anymore in the VNFM    
@@ -53,7 +54,7 @@ DELETE Individual Threshold with invalid resource identifier
     ...    Test title: DELETE Individual Threshold with invalid resource identifier
     ...    Test objective: The objective is to test the deletion of an individual VNF performance threshold
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.6.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -66,7 +67,7 @@ POST Individual Threshold - Method not implemented
     ...    Test title: POST Individual Threshold - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new VNF Performance Threshold
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.6.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF Performance Threshold is not created on the VNFM
@@ -78,7 +79,7 @@ PUT Individual Threshold - Method not implemented
     ...    Test title: PUT Individual Threshold - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing VNF Performance threshold
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.6.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.6.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -90,7 +91,7 @@ PATCH Individual Threshold
     ...    Test title: PATCH Individual Threshold 
     ...    Test objective: The objective is to test that PATCH method allows to modify an Individual threshold resource.
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF Performance Threshold is not modified by the operation
@@ -104,7 +105,7 @@ PATCH Individual Threshold - Precondition failed
     ...    Test title: PATCH Individual Threshold - Preconition failed
     ...    Test objective: The objective is to attempt to modify an individual threshold resource, where the precondition was not met.
     ...    Pre-conditions:  A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  The VNF Performance Job is not modified by the operation
@@ -118,7 +119,7 @@ PATCH Individual Threshold - UNPROCESSABLE CONTENT
     ...    Test title: PATCH Individual Threshold - UNPROCESSABLE CONTENT
     ...    Test objective: The objective is to test that PATCH method cannot modify an exsisting individual PM job resource when the callback URI provided in the Request body is unreachable by the VNFM.
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM cannot reach the Notification endpoint.
     ...    Post-Conditions: The VNF Performance Threshold is not modified by the operation
@@ -126,11 +127,38 @@ PATCH Individual Threshold - UNPROCESSABLE CONTENT
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is    ProblemDetails
     Check Postcondition VNF Performance Threshold is Unmodified (Implicit)
+GET Individual Threshold with permitted authorization scope
+    [Documentation]    Test ID: 6.3.3.5.10
+    ...    Test title: GET Individual Threshold with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF performance threshold and perform a JSON schema and content validation of the collected threshold data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
+    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Performance Threshold with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Contains ETag and Last-Modified
+    Check HTTP Response Body Json Schema Is   Threshold
+    Check HTTP Response Body Threshold Identifier matches the requested Threshold
+GET Individual Threshold with NOT permitted authorization scope
+    [Documentation]    Test ID: 6.3.3.5.11
+    ...    Test title: GET Individual Threshold with NOT permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF performance threshold and perform a JSON schema and content validation of the collected threshold data structure with not permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
+    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Performance Threshold with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
 
 *** Keywords ***
 GET Individual VNF Performance Threshold
     Log    Trying to get a Threhsold present in the VNFM
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}
     ${output}=    Output    response
@@ -139,6 +167,7 @@ GET Individual VNF Performance Threshold
 GET individual VNF Performance Threshold with invalid resource identifier
     Log    Trying to get a Threhsold with invalid resource endpoint
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${erroneousThresholdId}
     ${output}=    Output    response
@@ -168,13 +197,15 @@ Send Post request for individual VNF Performance Threshold
 Send Put request for individual VNF Performance Threshold
     Log    Trying to perform a PUT. This method should not be supported.
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PUT    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
     
 Send Patch request for individual VNF Performance Threshold
-    Set Headers  {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}
@@ -187,7 +218,8 @@ Send Patch request for individual VNF Performance Threshold
     Set Suite Variable    ${response}    ${output}
 
 Send Patch request for individual VNF Performance Threshold with Unreachable Callback URI    
-    Set Headers  {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"} 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}
diff --git a/SOL002/VNFPerformanceManagement-API/NotificationEndpoint.robot b/SOL002/VNFPerformanceManagement-API/NotificationEndpoint.robot
index 64f9d32c7c874a8f7136fec5e41d055b7a7e7432..fb266385b0ed6f741262513756962418232891dd 100644
--- a/SOL002/VNFPerformanceManagement-API/NotificationEndpoint.robot
+++ b/SOL002/VNFPerformanceManagement-API/NotificationEndpoint.robot
@@ -13,7 +13,7 @@ VNF Performance Information Availability Notification
     ...    Test title: VNF Performance Information Availability Notification
     ...    Test objective: The objective is to test that VNF Performance Information Availability Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A VNF performance job is created, and a subscription for information availability notifications is available in the VNFM.
-    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -25,7 +25,7 @@ VNF Threshold Crossed Notification
     ...    Test title: VNF Threshold Crossed Notification
     ...    Test objective: The objective is to test that VNF Threshold Crossed Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A VNF performance job is created, and a subscription for Threshold Crossed Notification is available in the VNFM.
-    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -34,7 +34,9 @@ VNF Threshold Crossed Notification
     
 *** Keywords ***
 Check resource existence and get CallbackUri
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Version": "${API_VERSION}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}	
@@ -50,7 +52,8 @@ Check HTTP Response Status Code Is
     
 Post VNF Performance Information Availability Notification
     log    Trying to perform a POST to get notification
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/PerformanceInformationAvaliableNotification.json
@@ -61,7 +64,8 @@ Post VNF Performance Information Availability Notification
 
 Post VNF Threshold Crossed Notification
     log    Trying to perform a POST to get notification
-    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"} 
     Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/ThresholdCrossedNotification.json
diff --git a/SOL002/VNFPerformanceManagement-API/Notifications.robot b/SOL002/VNFPerformanceManagement-API/Notifications.robot
index ea973feef5f810e243ddd2c0de9c8c038ab3547c..a34c4bb2e57a1812da1753e428b1923b42810e92 100644
--- a/SOL002/VNFPerformanceManagement-API/Notifications.robot
+++ b/SOL002/VNFPerformanceManagement-API/Notifications.robot
@@ -17,7 +17,7 @@ VNF Performance Information Availability Notification
     ...    Test title: VNF Performance Information Availability Notification
     ...    Test objective: The objective is to test the dispatch of VNF Performance Information Availability Notification when new VNF performance information is available in the NFVO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF performance job is created, and a subscription for information availability notifications is available in the VNFM.
-    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -30,7 +30,7 @@ VNF Threshold Crossed Notification
     ...    Test title: VNF Threshold Crossed Notification
     ...    Test objective: The objective is to test the dispatch of VNF Threshold Crossed Notification when a previously set VNF performance metric threshold is crossed, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF performance job is created, and a threshold subscription is available in the VNFM.
-    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL002/VNFPerformanceManagement-API/PMJobs.robot b/SOL002/VNFPerformanceManagement-API/PMJobs.robot
index 044df0cca398520cb22171ea8d2a4c7aa25d22ca..7022751742e556e0279d6527f707fd06d537385a 100644
--- a/SOL002/VNFPerformanceManagement-API/PMJobs.robot
+++ b/SOL002/VNFPerformanceManagement-API/PMJobs.robot
@@ -1,6 +1,7 @@
 *** Settings ***
 Library           JSONSchemaLibrary    schemas/
 Resource          environment/variables.txt    # Generic Parameters
+Resource          VNFPerformanceManagementKeywords.robot
 Library           JSONLibrary
 Library           OperatingSystem
 Library           String
@@ -12,7 +13,7 @@ GET all VNF Performance Monitoring Jobs
     ...    Test title: GET all VNF Performance Monitoring Jobs
     ...    Test objective: The objective is to test the retrieval of all the available VNF performance monitoring jobs and perform a JSON schema and content validation of the collected jobs data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +26,7 @@ GET VNF Performance Monitoring Jobs with attribute-based filter
     ...    Test title: GET all VNF Performance Monitoring Jobs with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of VNF performance monitoring jobs using attribute-based filter, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued attribute-based filter
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +40,7 @@ GET all VNF Performance Monitoring Jobs with all_fields attribute selector
     ...    Test title: GET all VNF Performance Monitoring Jobs with all_fields attribute selector
     ...    Test objective: The objective is to test the retrieval of all VNF performance monitoring jobs all_fields attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued all_fileds selector
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 4.3.3.2.1, 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -53,7 +54,7 @@ GET all VNF Performance Monitoring Jobs with exclude_default attribute selector
     ...    Test title: GET all VNF Performance Monitoring Jobs with exclude_default attribute selector
     ...    Test objective: The objective is to test the retrieval of all VNF performance monitoring jobs exclude_default attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued exclude_default selector
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 4.3.3.2.1, 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -67,7 +68,7 @@ GET all VNF Performance Monitoring Jobs with fields attribute selector
     ...    Test title: GET all VNF Performance Monitoring Jobs with fields attribute selector
     ...    Test objective: The objective is to test the retrieval of all VNF performance monitoring jobs fields attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued fields selector
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 4.3.3.2.1, 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports the use of exclude_fields attribute selector
     ...    Post-Conditions: none
@@ -81,7 +82,7 @@ GET all VNF Performance Monitoring Jobs with exclude_fields attribute selector
     ...    Test title: GET all VNF Performance Monitoring Jobs with exclude_fields attribute selector
     ...    Test objective: The objective is to test the retrieval of all VNF performance monitoring jobs exclude_fields attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued exclude_fields selector
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 4.3.3.2.1, 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports the use of exclude_fields attribute selector
     ...    Post-Conditions: none
@@ -95,7 +96,7 @@ GET VNF Performance Monitoring Jobs with invalid attribute-based filter
     ...    Test title: GET VNF Performance Monitoring Jobs with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of VNF performance monitoring jobs fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -108,7 +109,7 @@ GET VNF Performance Monitoring Jobs with invalid resource endpoint
     ...    Test title: GET VNF Performance Monitoring Jobs with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of VNF performance monitoring jobs fails when using invalid resource endpoint, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -121,7 +122,7 @@ POST Create new VNF Performance Monitoring Job - SUCCESSFUL
     ...    Test title:  POST Create a new VNF Performance Monitoring Job - SUCCESSFUL
     ...    Test objective: The objective is to test that the POST method creates a new VNF performance monitoring job and perform the JSON schema validation of the returned job data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF Performance Job is successfully created on the VNFM
@@ -135,7 +136,7 @@ PUT all VNF Performance Monitoring Jobs - Method not implemented
     ...    Test title: PUT all VNF Performance Monitoring Jobs - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify VNF Performance Monitoring Jobs
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -147,7 +148,7 @@ PATCH all VNF Performance Monitoring Jobs - Method not implemented
     ...    Test title: PATCH all VNF Performance Monitoring Jobs - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update VNF Performance Monitoring Jobs
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -159,7 +160,7 @@ DELETE all VNF Performance Monitoring Jobs - Method not implemented
     ...    Test title: DELETE all VNF Performance Monitoring Jobs - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to update VNF Performance Monitoring Jobs
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -171,7 +172,7 @@ GET VNF Performance Monitoring Jobs to get Paged Response
     ...    Test title: GET VNF Performance Monitoring Jobs to get Paged Response
     ...    Test objective: The objective is to test the retrieval of VNF performance monitoring jobs to get Paged response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -184,7 +185,7 @@ GET VNF Performance Monitoring Jobs for Bad Request Response too big
     ...    Test title: GET VNF Performance Monitoring Jobs for Bad Request Response too big
     ...    Test objective: The objective is to test that GET method fail retrieving status information about VNF Performance Monitoring when Response is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -197,7 +198,7 @@ GET all VNF Performance Monitoring Jobs with exclude_default and fields attribut
     ...    Test title: GET all VNF Performance Monitoring Jobs with exclude_default and fields attribute selector
     ...    Test objective: The objective is to test the retrieval of all VNF performance monitoring jobs with exclude_default and fields attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued exclude_default selector
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 4.3.3.2.1, 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -210,18 +211,43 @@ POST Create new VNF Performance Monitoring Job - UNPROCESSABLE CONTENT
     ...    Test title:  POST Create a new VNF Performance Monitoring Job - UNPROCESSABLE CONTENT
     ...    Test objective: The objective is to test that the POST method cannot create a new VNF performance monitoring job when the callback URI provided in the Request body is unreachable by the VNFM.
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM cannot reach the Notification endpoint.
     ...    Post-Conditions: none
     Send Post Request Create new VNF Performance Monitoring Job with Unreachable Callback URI
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is   ProblemDetails
-    
+GET all VNF Performance Monitoring Jobs with permitted authorization scope
+    [Documentation]    Test ID: 6.3.3.1.17
+    ...    Test title: GET all VNF Performance Monitoring Jobs with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all the available VNF performance monitoring jobs and perform a JSON schema and content validation of the collected jobs data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET all VNF Performance Monitoring Jobs with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PmJobs
+GET all VNF Performance Monitoring Jobs with NOT permitted authorization scope
+    [Documentation]    Test ID: 6.3.3.1.18
+    ...    Test title: GET all VNF Performance Monitoring Jobs with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all the available VNF performance monitoring jobs and perform a JSON schema and content validation of the collected jobs data structure with not permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET all VNF Performance Monitoring Jobs with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
+
 *** Keywords ***
 GET all VNF Performance Monitoring Jobs
     Log    Trying to get all PM Jobs present in the VNFM
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs
     ${output}=    Output    response
@@ -230,6 +256,7 @@ GET all VNF Performance Monitoring Jobs
 GET VNF Performance Monitoring Jobs with attribute-based filter
     Log    Trying to get all PM Jobs present in the VNFM, using filter params
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs?${POS_FILTER}
     ${output}=    Output    response
@@ -238,6 +265,7 @@ GET VNF Performance Monitoring Jobs with attribute-based filter
 GET VNF Performance Monitoring Jobs with all_fields attribute selector
     Log    Trying to get all PM Jobs present in the VNFM, using 'all_fields' filter
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs?all_fields
     ${output}=    Output    response
@@ -246,6 +274,7 @@ GET VNF Performance Monitoring Jobs with all_fields attribute selector
 GET VNF Performance Monitoring Jobs with exclude_default attribute selector
     Log    Trying to get all VNF Packages present in the VNFM, using filter params
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs?exclude_default
     ${output}=    Output    response
@@ -255,6 +284,7 @@ GET VNF Performance Monitoring Jobs with fields attribute selector
     Log    Trying to get all VNF Packages present in the VNFM, using filter params
     Pass Execution If    ${FIELD_USAGE} == 0    Skipping test as VNFM is not supporting 'fields'
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs?fields=${fields}
     ${output}=    Output    response
@@ -263,6 +293,7 @@ GET VNF Performance Monitoring Jobs with fields attribute selector
 GET VNF Performance Monitoring Jobs with exclude_default and fields attribute selector
     Log    Trying to get all VNF Packages present in the VNFM, using filter params
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs?fields=${fields}&exclude_default
     ${output}=    Output    response
@@ -272,6 +303,7 @@ GET VNF Performance Monitoring Jobs with exclude_fields attribute selector
     Log    Trying to get all VNF Packages present in the VNFM, using filter params
     Pass Execution If    ${FIELD_USAGE} == 0    Skipping test as VNFM is not supporting 'fields'
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs?fields=${fields}
     ${output}=    Output    response
@@ -280,6 +312,7 @@ GET VNF Performance Monitoring Jobs with exclude_fields attribute selector
 GET VNF Performance Monitoring Jobs with invalid attribute-based filter
     Log    Trying to get all PM Jobs present in the VNFM, using an erroneous filter param
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs?${NEG_FILTER}
     ${output}=    Output    response
@@ -288,6 +321,7 @@ GET VNF Performance Monitoring Jobs with invalid attribute-based filter
 GET VNF Performance Monitoring Jobs with invalid resource endpoint    
     Log    Trying to perform a GET on a erroneous URI
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_job    # wrong URI /pm_job instead of /pm_jobs
     ${output}=    Output    response
@@ -296,6 +330,7 @@ GET VNF Performance Monitoring Jobs with invalid resource endpoint
 Send Post Request Create new VNF Performance Monitoring Job
     Log    Creating a new PM Job
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/CreatePmJobRequest.json
@@ -307,6 +342,7 @@ Send Post Request Create new VNF Performance Monitoring Job
 Send Post Request Create new VNF Performance Monitoring Job with Unreachable Callback URI
     Log    Creating a new PM Job
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template}=    Get File    jsons/CreatePmJobRequest.json
@@ -318,6 +354,7 @@ Send Post Request Create new VNF Performance Monitoring Job with Unreachable Cal
 Send PUT Request for all VNF Performance Monitoring Jobs 
     Log    Trying to perform a PUT. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PUT    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs
     ${output}=    Output    response
@@ -326,6 +363,7 @@ Send PUT Request for all VNF Performance Monitoring Jobs
 Send PATCH Request for all VNF Performance Monitoring Jobs 
     Log    Trying to perform a PUT. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs
     ${output}=    Output    response
@@ -334,6 +372,7 @@ Send PATCH Request for all VNF Performance Monitoring Jobs
 Send DELETE Request for all VNF Performance Monitoring Jobs 
     Log    Trying to perform a PUT. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs
     ${output}=    Output    response
@@ -342,6 +381,7 @@ Send DELETE Request for all VNF Performance Monitoring Jobs
 Check Postcondition PmJob Exists
     Log    Checking that Pm Job exists
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${response['body']['id']}
     ${output}=    Output    response
diff --git a/SOL002/VNFPerformanceManagement-API/Thresholds.robot b/SOL002/VNFPerformanceManagement-API/Thresholds.robot
index cd718e26fc369723320d77e43d314e3b401f65ad..35acea2c34b3fcf78a2adb88bba46252d3c16a9b 100644
--- a/SOL002/VNFPerformanceManagement-API/Thresholds.robot
+++ b/SOL002/VNFPerformanceManagement-API/Thresholds.robot
@@ -1,6 +1,7 @@
 *** Settings ***
 Library           JSONSchemaLibrary    schemas/
 Resource          environment/variables.txt    # Generic Parameters
+Resource    VNFPerformanceManagementKeywords.robot
 Library           JSONLibrary
 Library           String
 Library           REST    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}    ssl_verify=false
@@ -12,7 +13,7 @@ GET All Performance Thresholds
     ...    Test title: GET All Performance Thresholds
     ...    Test objective: The objective is to test the retrieval of all the available VNF performance thresholds and perform a JSON schema validation of the collected thresholds data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +26,7 @@ GET Performance Thresholds with attribute-based filter
     ...    Test title: GET Performance Thresholds with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of all the available VNF performance thresholds when using attribute-based filters, perform a JSON schema validation of the collected thresholds data structure, and verify that the retrieved information matches the issued attribute-based filter
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +40,7 @@ GET Performance Thresholds with invalid attribute-based filter
     ...    Test title: GET Performance Thresholds with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of VNF performance thresholds fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +53,7 @@ GET Performance Thresholds with invalid resource endpoint
     ...    Test title: GET Performance Thresholds with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of VNF performance thresholds fails when using invalid resource endpoint, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -65,7 +66,7 @@ POST Create new Performance Threshold
     ...    Test title:  POST Create new Performance Threshold
     ...    Test objective: The objective is to test that the POST method creates a new VNF performance threshold and perform the JSON schema validation of the returned threshold data structure
     ...    Pre-conditions: A VNF instance is instantiated.
-    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF Performance Threshold is successfully created on the VNFM
@@ -80,7 +81,7 @@ PUT Performance Thresholds - Method not implemented
     ...    Test title: PUT Performance Thresholds - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify VNF Performance Thresholds
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.5.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.5.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -92,7 +93,7 @@ PATCH Performance Thresholds - Method not implemented
     ...    Test title: PATCH Performance Thresholds - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify VNF Performance Thresholds
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.5.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.5.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -104,7 +105,7 @@ DELETE Performance Thresholds - Method not implemented
     ...    Test title: DELETE Performance Thresholds - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to update VNF Performance Thresholds
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.5.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.5.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -116,7 +117,7 @@ GET Performance Thresholds with Paged Response
     ...    Test title: GET Performance Thresholds with Paged Response
     ...    Test objective: The objective is to test the retrieval of all the available VNF performance thresholds with Paged response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -129,7 +130,7 @@ GET Performance Thresholds for Bad Request Response too big
     ...    Test title: GET Performance Thresholds for Bad Request Response too big
     ...    Test objective: The objective is to test that the retrieval of VNF performance thresholds fails when response is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -142,19 +143,46 @@ POST Create new Performance Threshold - UNPROCESSABLE CONTENT
     ...    Test title:  POST Create new Performance Threshold - UNPROCESSABLE CONTENT
     ...    Test objective: The objective is to test that the POST method does not create a new VNF performance threshold when the callback URI provided in the Request body is unreachable by the VNFM.
     ...    Pre-conditions: A VNF instance is instantiated.
-    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1
+    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM cannot reach the Notification endpoint.
     ...    Post-Conditions: none
     Send Post Request Create new Performance Threshold with Unreachable Callback URI
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is    ProblemDetails
+POST Create new Performance Threshold with permitted authorization scope
+    [Documentation]    Test ID: 6.3.3.4.12
+    ...    Test title:  POST Create new Performance Threshold with permitted authorization scope
+    ...    Test objective: The objective is to test that the POST method creates a new VNF performance threshold and perform the JSON schema validation of the returned threshold data structure when the authorization scope is permitted
+    ...    Pre-conditions: A VNF instance is instantiated.
+    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: The VNF Performance Threshold is successfully created on the VNFM
+    Send Post Request Create new Performance Threshold with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is   Threshold
+    Check HTTP Response Header Contains    Location
+    Check Postcondition Threshold Exists
+POST Create new Performance Threshold with NOT permitted authorization scope
+    [Documentation]    Test ID: 6.3.3.4.13
+    ...    Test title:  POST Create new Performance Threshold with permitted authorization scope
+    ...    Test objective: The objective is to test that the POST method creates a new VNF performance threshold and perform the JSON schema validation of the returned threshold data structure when the authorization scope is not permitted
+    ...    Pre-conditions: A VNF instance is instantiated.
+    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: The VNF Performance Threshold is successfully created on the VNFM
+    Send Post Request Create new Performance Threshold with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
 
     
 *** Keywords ***
 GET all Performance Thresholds
     Log    Trying to get all thresholds present in the VNFM    
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds
     ${output}=    Output    response
@@ -163,6 +191,7 @@ GET all Performance Thresholds
 GET Performance Thresholds with attribute-based filter
     Log    Trying to get thresholds present in the VNFM with filter
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds?${FILTER_OK}
     ${output}=    Output    response
@@ -171,6 +200,7 @@ GET Performance Thresholds with attribute-based filter
 GET Performance Thresholds with invalid attribute-based filter
     Log    Trying to get thresholds present in the VNFM with invalid filter
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds?${FILTER_KO}
     ${output}=    Output    response
@@ -179,6 +209,7 @@ GET Performance Thresholds with invalid attribute-based filter
 GET VNF Performance Thresholds with invalid resource endpoint
     Log    Trying to get thresholds present in the VNFM with invalid resource endpoint
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/threshold
     ${output}=    Output    response
@@ -188,6 +219,7 @@ Send Post Request Create new Performance Threshold
     Log    Creating a new THreshold
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     ${template}=    Get File    jsons/CreateThresholdRequest.json
     ${body}=        Format String   ${template}     objectInstanceIds=${objectInstanceIds}    callback_uri=${callback_uri}:${callback_port}
@@ -199,6 +231,7 @@ Send Post Request Create new Performance Threshold with Unreachable Callback URI
     Log    Creating a new THreshold
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     ${template}=    Get File    jsons/CreateThresholdRequest.json
     ${body}=        Format String   ${template}     objectInstanceIds=${objectInstanceIds}    callback_uri=${unreachable_callback_uri}:${callback_port}
@@ -210,6 +243,7 @@ Send PUT Request for all Performance Thresholds
     Log    PUT THresholds
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     PUT    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds
     ${output}=    Output    response
@@ -219,6 +253,7 @@ Send PATCH Request for all Performance Thresholds
     Log    PUT THresholds
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds
     ${output}=    Output    response
@@ -234,6 +269,7 @@ Send DELETE Request for all Performance Thresholds
 Check Postcondition Threshold Exists
     Log    Checking that Threshold exists
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${response['body']['id']}
     ${output}=    Output    response
diff --git a/SOL002/VNFPerformanceManagement-API/VNFPerformanceManagementKeywords.robot b/SOL002/VNFPerformanceManagement-API/VNFPerformanceManagementKeywords.robot
index 8651f5c8edc68ec3fd674690e33e1601bf286f8d..b4097348f3cd294fe103004a0e8ad6fa9674f9dc 100644
--- a/SOL002/VNFPerformanceManagement-API/VNFPerformanceManagementKeywords.robot
+++ b/SOL002/VNFPerformanceManagement-API/VNFPerformanceManagementKeywords.robot
@@ -10,6 +10,7 @@ Library    JSONLibrary
 Library    Collections
 Library    JSONSchemaLibrary    schemas/
 Library    Process    
+Library    jwt
 
 *** Keywords ***
 
@@ -246,6 +247,7 @@ Check Postcondition VNF Performance Subscription is Unmodified (Implicit)
 Check Postcondition VNF Performance Subscription is not Created
     Log    Trying to get a new subscription
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${newSubscriptionId}
     ${output}=    Output    response
@@ -296,6 +298,7 @@ Check HTTP Response Body PmSubscription Attributes Values Match the Issued Subsc
 Check Postcondition VNF Performance Subscription Is Set
     Log    Check Postcondition subscription exist
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${response['body']['id']}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
@@ -352,3 +355,121 @@ Check Notification Endpoint
 Check LINK in Header
     ${linkURL}=    Get Value From Json    ${response['headers']}    $..Link
     Should Not Be Empty    ${linkURL}
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+GET all VNF Performance Monitoring Jobs with permitted authorization scope
+    Log    Trying to get all PM Jobs present in the VNFM with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${PM_JOBS_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+GET all VNF Performance Monitoring Jobs with not permitted authorization scope
+    Log    Trying to get all PM Jobs present in the VNFM with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+Send Delete request for individual VNF Performance Job with permitted authorization scope
+    Log    Trying to delete an existing PM Job with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${PM_JOBS_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+Send Delete request for individual VNF Performance Job with not permitted authorization scope
+    Log    Trying to delete an existing PM Job with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+Get Individual Performance Report with permitted authorization scope
+    Log    Trying to get a performance report present in the VNFM with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${PM_JOBS_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}/reports/${reportId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+Get Individual Performance Report with not permitted authorization scope
+    Log    Trying to get a performance report present in the VNFM with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}/reports/${reportId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+Send Post Request Create new Performance Threshold with permitted authorization scope
+    Log    Creating a new THreshold with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${THRESHOLDS_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/CreateThresholdRequest.json
+    ${body}=        Format String   ${template}     objectInstanceIds=${objectInstanceIds}    callback_uri=${callback_uri}:${callback_port}
+    POST    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+Send Post Request Create new Performance Threshold with not permitted authorization scope
+    Log    Creating a new THreshold with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/CreateThresholdRequest.json
+    ${body}=        Format String   ${template}     objectInstanceIds=${objectInstanceIds}    callback_uri=${callback_uri}:${callback_port}
+    POST    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+GET Individual VNF Performance Threshold with permitted authorization scope
+    Log    Trying to get a Threhsold present in the VNFM with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${THRESHOLDS_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+GET Individual VNF Performance Threshold with not permitted authorization scope
+    Log    Trying to get a Threhsold present in the VNFM with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Version": "${API_VERSION}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
\ No newline at end of file
diff --git a/SOL002/VNFPerformanceManagement-API/environment/variables.txt b/SOL002/VNFPerformanceManagement-API/environment/variables.txt
index 927b59b9ba51b41e781bb8415b9b753db8eafd93..e641301df0fc257e485eb873289e23161c63d4ce 100644
--- a/SOL002/VNFPerformanceManagement-API/environment/variables.txt
+++ b/SOL002/VNFPerformanceManagement-API/environment/variables.txt
@@ -16,6 +16,12 @@ ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
 ${AUTH_USAGE}    1
 
+${PM_JOBS_SCOPE}    vnfpm:v1:pm_jobs
+${THRESHOLDS_SCOPE}   vnfpm:v1:thresholds
+${NEG_SCOPE}    vnfpm:v1:invalid
+${OAUTH_Encryption_ALGORITHM}   HS256
+${API_VERSION}      2.12.0
+
 ${HEADER_TEST_SUPPORTED}    0
 
 ${VNFM_CHECKS_NOTIF_ENDPOINT}    1
diff --git a/SOL003/VNFFaultManagement-API/Alarms.robot b/SOL003/VNFFaultManagement-API/Alarms.robot
index f9c057c78d3a82e91d531b388a83dd394136d49f..eb41dc3f8a62148bd4ccd0b17ed43ffc863c4b9d 100644
--- a/SOL003/VNFFaultManagement-API/Alarms.robot
+++ b/SOL003/VNFFaultManagement-API/Alarms.robot
@@ -13,7 +13,7 @@ POST Alarms - Method not implemented
     ...    Test title: POST Alarms - Method not implemented 
     ...    Test objective: The objective is to test that Post method is not allowed to create Fault management alarms on VNF 
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -25,7 +25,7 @@ Get information about multiple alarms
     ...    Test title: Get information about multiple alarms
     ...    Test objective: The objective is to retrieve information about the alarm list and perform a JSON schema and content validation of the returned alarms data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,7 +38,7 @@ Get information about multiple alarms with filter
     ...    Test title: Get information about multiple alarms with filter
     ...    Test objective: The objective is to retrieve information about the alarm list and perform a JSON schema and content validation of the returned alarms data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions: none 
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ Get information about multiple alarms Bad Request Invalid attribute-based filter
     ...    Test title:  Get information about multiple alarms Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to try to retrieve information about the alarm list with invalid filters and perform a JSON schema and content validation of the returned problem details data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -109,7 +109,7 @@ PUT Alarms - Method not implemented
     ...    Test title: PUT Alarms - Method not implemented 
     ...    Test objective: The objective is to test that PUT method is not allowed to for Fault management alarms on VNF 
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -121,7 +121,7 @@ PATCH Alarms - Method not implemented
     ...    Test title: PATCH Alarms - Method not implemented 
     ...    Test objective: The objective is to test that PATCH method is not allowed to for Fault management alarms on VNF 
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -133,7 +133,7 @@ DELETE Alarms - Method not implemented
     ...    Test title: POST Alarms - Method not implemented 
     ...    Test objective: The objective is to test that DELETE method is not allowed for Fault management alarms on VNF 
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -145,7 +145,7 @@ Get information about multiple alarms as a Paged Response
     ...    Test title: Get information about multiple alarms as a Paged Response
     ...    Test objective: The objective is to retrieve information about the alarm list as a Paged Response
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports response paging for the VNF alarm resources
     ...    Post-Conditions: none
@@ -158,7 +158,7 @@ GET information about multiple alarms as a Paged Response with nextpage_opauque_
     ...    Test title: GET information about multiple alarms as a Paged Response with nextpage_opauque_marker parameter  
     ...    Test objective: The objective is to query information about multiple alarms as a Paged Response and retrieve the next page using the nextpage_opaque_marker parameter
     ...    Pre-conditions: A request for retrieving multiple alarms as a paged response has been successfully issued (Test ID 7.3.5.1.12)
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports response paging for the VNF alarm resources
     ...    Post-Conditions: none 
@@ -171,14 +171,40 @@ Get information about multiple alarms - Bad Request Response too Big
     ...    Test title:  Get information about multiple alarms - Bad Request Response too Big
     ...    Test objective: The objective is to try to retrieve information about the alarm list because response is too big and perform a JSON schema and content validation of the returned problem details data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     GET Fault Management Alarms
     Check HTTP Response Status Code Is    400
     Check HTTP Response Body Json Schema Is    ProblemDetails
-    
+
+Get information about multiple alarms with permitted authorization scope 
+    [Documentation]    Test ID: 7.3.5.1.14
+    ...    Test title: Get information about multiple alarms with permitted authorization scope 
+    ...    Test objective: The objective is to retrieve information about the alarm list and perform a JSON schema and content validation of the returned alarms data structure with permitted authorization scope 
+    ...    Pre-conditions: none
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Fault Management Alarms with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    Alarms
+
+Get information about multiple alarms with not permitted authorization scope 
+    [Documentation]    Test ID: 7.3.5.1.15
+    ...    Test title: Get information about multiple alarms with not permitted authorization scope 
+    ...    Test objective: The objective is to retrieve information about the alarm list and perform a JSON schema and content validation of the returned alarms data structure with not permitted authorization scope 
+    ...    Pre-conditions: none
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Fault Management Alarms with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
 *** Keywords ***
 Void
     Log    do nothing
diff --git a/SOL003/VNFFaultManagement-API/FaultManagement-APIKeyword.robot b/SOL003/VNFFaultManagement-API/FaultManagement-APIKeyword.robot
index 5fae4b6bb83155fb34dba38b7327930b4b54cd27..ad5fcde0c0fe9bf0f4088c576f401df987bf6021 100644
--- a/SOL003/VNFFaultManagement-API/FaultManagement-APIKeyword.robot
+++ b/SOL003/VNFFaultManagement-API/FaultManagement-APIKeyword.robot
@@ -14,7 +14,7 @@ Library    Process
 Create Sessions
     Start Process  java  -jar  ${MOCK_SERVER_JAR}  -serverPort  ${callback_port}  alias=mockInstance
     Wait For Process  handle=mockInstance  timeout=5s  on_timeout=continue
-    Create Mock Session  ${callback_uri}:${callback_port} 
+    Create Mock Session  ${callback_uri}:${callback_port}
     
 Check created Subscription existence
     Set Headers    {"Accept":"${ACCEPT}"}
@@ -201,7 +201,29 @@ Send POST request for fault management Individual Alarm
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}
     ${outputResponse}=    Output    response 
     Set Global Variable    ${response}    ${outputResponse}
-    
+
+GET Fault Management Alarms with permitted authorization scope 
+    Log    Query NFVO The GET method queries information about multiple alarms with permitted authorization scope .
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scopeValue=${ALARMS_READONLY_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+GET Fault Management Alarms with not permitted authorization scope 
+    Log    Query NFVO The GET method queries information about multiple alarms with not permitted authorization scope .
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scopeValue=${ALARMS_READONLY_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
 DELETE Fault Management Individual Alarm
     log    Trying to perform a DELETE. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -247,6 +269,30 @@ PATCH Fault Management Individual Alarm
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}    ${body}
     ${outputResponse}=    Output    response
     Set Global Variable    ${response}    ${outputResponse}
+
+PATCH Fault Management Individual Alarm with permitted authorization scope
+    log    Trying to perform a PATCH. This method modifies an individual alarm resource with permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT}"} 
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"} 
+    ${scopeValue}=    Create Dictionary    scopeValue=${ALARMS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/alarmModifications.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+PATCH Fault Management Individual Alarm with not permitted authorization scope
+    log    Trying to perform a PATCH. This method modifies an individual alarm resource with not permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT}"} 
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"} 
+    ${scopeValue}=    Create Dictionary    scopeValue=${ALARMS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/alarmModifications.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
     
 PATCH Fault Management Individual Alarm - Etag mismatch
     log    Trying to perform a PATCH. This method modifies an individual alarm resource
@@ -326,6 +372,46 @@ Send POST Request for duplicated subscription not permitted
 	Verify Mock Expectation   ${notification_request}
 	Clear Requests    ${callback_endpoint}
 
+POST Subscription with permitted authorization scope
+    Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions with permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${ALARMS_SUBSCRIPTIONS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/fmSubscriptionRequest.json
+    ${body}=        Format String   ${template}    vnfdIds=${vnfdIds}      callback_uri=${callback_uri}:${callback_port}    callback_endpoint=${callback_endpoint}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+	Verify Mock Expectation   ${notification_request}
+	Clear Requests    ${callback_endpoint}
+
+POST Subscription with not permitted authorization scope
+    Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions with not permitted authorization scope
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${ALARMS_SUBSCRIPTIONS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/fmSubscriptionRequest.json
+    ${body}=        Format String   ${template}    vnfdIds=${vnfdIds}      callback_uri=${callback_uri}:${callback_port}    callback_endpoint=${callback_endpoint}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+	Verify Mock Expectation   ${notification_request}
+	Clear Requests    ${callback_endpoint}
+
 GET Subscriptions
     Log    Get the list of active subscriptions
     Set Headers    {"Accept": "${ACCEPT}"}
@@ -415,7 +501,27 @@ GET Individual Subscription
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${outputResponse}=    Output    response
-    Set Global Variable    ${response}    ${outputResponse}   
+    Set Global Variable    ${response}    ${outputResponse}
+
+GET Individual Subscription with permitted authorization scope
+    log    Trying to get information about an individual subscription with permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scopeValue=${ALARMS_SUBSCRIPTIONS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+GET Individual Subscription with not permitted authorization scope 
+    log    Trying to get information about an individual subscription with not permitted authorization scope 
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scopeValue=${ALARMS_SUBSCRIPTIONS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}  
     
 PUT Individual Subscription
     log    Trying to perform a PUT. This method should not be implemented
@@ -527,3 +633,8 @@ Check PostCondition HTTP Response Body Subscriptions Matches the requested attri
     FOR   ${item}   IN  ${response['body']}
         Should Be Equal As Strings    ${item['filter']['probableCauses']}   ${probableCause}
     END
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
\ No newline at end of file
diff --git a/SOL003/VNFFaultManagement-API/IndividualAlarm.robot b/SOL003/VNFFaultManagement-API/IndividualAlarm.robot
index 7e0d123e10e2d3494a401d44068cff8eb4b5354d..cd5d7cdcd343b2ce6b18cb4a7ccaf73ae753ab44 100644
--- a/SOL003/VNFFaultManagement-API/IndividualAlarm.robot
+++ b/SOL003/VNFFaultManagement-API/IndividualAlarm.robot
@@ -14,7 +14,7 @@ POST Alarm - Method not implemented
     ...    Test title: POST Alarm - Method not implemented
     ...    Test objective: The objective is to test that Post method is not allowed to create Fault management individual alarm on VNF 
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -26,7 +26,7 @@ Get information about an fault management individual alarm
     ...    Test title: Get information about an fault management individual alarm
     ...    Test objective: The objective is to retrieve information about an individual alarm and perform a JSON schema and content validation of the returned alarm data structure
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 7.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  none 
@@ -40,7 +40,7 @@ PUT Alarm - Method not implemented
     ...    Test title: PUT Alarm - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to for Fault management individual alarm on VNF 
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  none 
@@ -52,7 +52,7 @@ PATCH Fault Management Individual Alarm
     ...    Test title: PATCH Fault Management Individual Alarm
     ...    Test objective: The objective is to Modify an individual alarm resource and perform a JSON schema and content validation of the returned alarm data structure
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -66,7 +66,7 @@ Modify an individual alarm resource - Precondition failed
     ...    Test title: Modify an individual alarm resource - Precondition failed
     ...    Test objective: The objective is to test that an individual alarm resource cannot be modified if the resource was modified by another entity
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -79,7 +79,7 @@ Modify an individual alarm resource - Conflict
     ...    Test title: Modify an individual alarm resource - Conflict
     ...    Test objective: The objective is to test that an individual alarm resource cannot be modified if the alarm is already in the state that is requested to be set 
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -93,7 +93,7 @@ DELETE Alarm - Method not implemented
     ...    Test title: DELETE Alarm - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to for Fault management individual alarm on VNF 
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -105,10 +105,37 @@ Get information about an fault management individual alarm - Not Found
     ...    Test title: Get information about an fault management individual alarm - Not Found
     ...    Test objective: The objective is to test that retrieval of information about an individual alarm fails when individual alarm is not present
     ...    Pre-conditions: The related alarm does not exists
-    ...    Reference: Clause 7.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  none 
     GET Fault Management Individual Alarm
     Check HTTP Response Status Code Is    404
-    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
+PATCH Fault Management Individual Alarm with permitted authorization scope
+    [Documentation]    Test ID: 7.3.5.2.9
+    ...    Test title: PATCH Fault Management Individual Alarm with permitted authorization scope
+    ...    Test objective: The objective is to Modify an individual alarm resource and perform a JSON schema and content validation of the returned alarm data structure with permitted authorization scope
+    ...    Pre-conditions: The related alarm exists
+    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PATCH Fault Management Individual Alarm with permitted authorization scope
+    Check HTTP Response Header Contains ETag and Last-Modified
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is  alarmModification
+
+PATCH Fault Management Individual Alarm with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.5.2.10
+    ...    Test title: PATCH Fault Management Individual Alarm with not permitted authorization scope
+    ...    Test objective: The objective is to Modify an individual alarm resource and perform a JSON schema and content validation of the returned alarm data structure with not permitted authorization scope
+    ...    Pre-conditions: The related alarm exists
+    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PATCH Fault Management Individual Alarm with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
diff --git a/SOL003/VNFFaultManagement-API/IndividualSubscription.robot b/SOL003/VNFFaultManagement-API/IndividualSubscription.robot
index 8bd03cb3cf6c951a8c8836b5f7acaf60df3ca5d2..692a59c26552bc30d6cc997591b743d93514e067 100644
--- a/SOL003/VNFFaultManagement-API/IndividualSubscription.robot
+++ b/SOL003/VNFFaultManagement-API/IndividualSubscription.robot
@@ -11,7 +11,7 @@ Post Individual Subscription - Method not implemented
     ...    Test title: Post Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed for Fault management subscription on VNF  
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions:  none
@@ -23,7 +23,7 @@ Get Information about an individual subscription
     ...    Test title: Get Information about an individual subscription
     ...    Test objective: The objective is to read an individual subscription for NFVO alarms subscribed by the client and perform a JSON schema and content validation of the returned fault management individual subscription data structure
     ...    Pre-conditions: The subscription with the given id exists
-    ...   Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...   Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:   none
     ...    Post-Conditions:  none
@@ -36,7 +36,7 @@ PUT an individual subscription - Method not implemented
     ...    Test title:PUT an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed for Fault management individual subscription on VNF  
     ...    Pre-conditions:  none
-    ...    Reference: Clause 7.4.5.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.5.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions:  none
@@ -48,7 +48,7 @@ PATCH an individual subscription - Method not implemented
     ...    Test title:PATCH an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed for Fault management individual subscription on VNF  
     ...    Pre-conditions:  none
-    ...    Reference: Clause 7.4.5.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.5.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions:  none
@@ -60,7 +60,7 @@ DELETE an individual subscription
     ...    Test title:DELETE an individual subscription
     ...    Test objective: The objective is to test that DELETE method removes individual subscription on VNF   
     ...    Pre-conditions: The Subsbcription already exists
-    ...    Reference: Clause 7.4.5.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.5.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions:  subscription is deleted
@@ -73,10 +73,36 @@ Get Information about an individual subscription - Not Found
     ...    Test title: Get Information about an individual subscription - Not Found
     ...    Test objective: The objective is to test that the retrieval of an individual subscription for NFVO alarms subscribed by the client fails when subscription is not present
     ...    Pre-conditions: The subscription with the given id does not exists
-    ...   Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...   Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:   none
     ...    Post-Conditions:  none
     GET Individual Subscription
     Check HTTP Response Status Code Is    404
-    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
+Get Information about an individual subscription with permitted authorization scope 
+    [Documentation]    Test ID: 7.3.5.4.7
+    ...    Test title: Get Information about an individual subscription with permitted authorization scope 
+    ...    Test objective: The objective is to read an individual subscription for NFVO alarms subscribed by the client and perform a JSON schema and content validation of the returned fault management individual subscription data structure with permitted authorization scope 
+    ...    Pre-conditions: The subscription with the given id exists
+    ...   Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability:   none
+    ...    Post-Conditions:  none
+    GET Individual Subscription with permitted authorization scope 
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    FmSubscription
+
+Get Information about an individual subscription with not permitted authorization scope 
+    [Documentation]    Test ID: 7.3.5.4.8
+    ...    Test title: Get Information about an individual subscription with not permitted authorization scope
+    ...    Test objective: The objective is to read an individual subscription for NFVO alarms subscribed by the client and perform a JSON schema and content validation of the returned fault management individual subscription data structure with not permitted authorization scope 
+    ...    Pre-conditions: The subscription with the given id exists
+    ...   Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability:   none
+    ...    Post-Conditions:  none
+    GET Individual Subscription with not permitted authorization scope 
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
diff --git a/SOL003/VNFFaultManagement-API/NotificationEndpoint.robot b/SOL003/VNFFaultManagement-API/NotificationEndpoint.robot
index 86fc0cd0bfe40747e95894f09a9aaf31896504c9..ae2c722d2b65c7c7da969ccc703a84b6dbb16f00 100644
--- a/SOL003/VNFFaultManagement-API/NotificationEndpoint.robot
+++ b/SOL003/VNFFaultManagement-API/NotificationEndpoint.robot
@@ -13,7 +13,7 @@ VNF Fault Alarm Notification
     ...    Test title: VNF Fault Alarm Notification
     ...    Test objective: The objective is to test that the POST request triggers VNF Fault Alarm Notification.
     ...    Pre-conditions: A VNF instance is instantiated, and a subscription for fault alarm notifications is available in the VNFM.
-    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -25,7 +25,7 @@ VNF Fault Alarm Cleared Notification
     ...    Test title: VNF Fault Alarm Cleared Notification
     ...    Test objective: The objective is to test that the POST request triggers VNF Fault Alarm Cleared Notification.
     ...    Pre-conditions: A VNF instance is instantiated, and a subscription for fault alarm cleared notifications is available in the VNFM.
-    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -37,7 +37,7 @@ VNF Fault Alarm List Reulit Notification
     ...    Test title: VNF Fault Alarm List Rebuilt Notification
     ...    Test objective: The objective is to test that the POST request triggers VNF Fault Alarm List Rebuilt Notification.
     ...    Pre-conditions: A VNF instance is instantiated, and a subscription for fault alarm list rebuilt notifications is available in the VNFM.
-    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL003/VNFFaultManagement-API/Notifications.robot b/SOL003/VNFFaultManagement-API/Notifications.robot
index fd4cbfdd3bd28091d58d98226c17a3a7c7b5fced..55e1ae60ae976932ba5e2506f85ef4e2235e4ad9 100644
--- a/SOL003/VNFFaultManagement-API/Notifications.robot
+++ b/SOL003/VNFFaultManagement-API/Notifications.robot
@@ -15,7 +15,7 @@ VNF Fault Alarm Notification
     ...    Test title: VNF Fault Alarm Notification
     ...    Test objective: The objective is to test the dispatch of VNF Fault Alarm Notification when a virtualised resource within an VNF instance fails, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF instance is instantiated, and a subscription for fault alarm notifications is available in the VNFM.
-    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -28,7 +28,7 @@ VNF Fault Alarm Cleared Notification
     ...    Test title: VNF Fault Alarm Cleared Notification
     ...    Test objective: The objective is to test the dispatch of VNF Fault Alarm Cleared Notification when a faulty virtualised resource within an VNF instance is cleared, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF instance is instantiated, a virtualised resource is in faulty state, and a subscription for fault alarm cleared notifications is available in the VNFM.
-    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -41,7 +41,7 @@ VNF Fault Alarm List Rebuilt Notification
     ...    Test title: VNF Fault Alarm List Rebuilt Notification 
     ...    Test objective: The objective is to test the dispatch of VNF Fault Alarm List Rebuilt Notification when the VNFM decides to rebuild the list of its VNF alarms, e.g. due to a corruption in the alarm storage, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF instance is instantiated, one or more virtualised resource are in faulty state, and a subscription for fault alarm list rebuilt notifications is available in the VNFM.
-    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL003/VNFFaultManagement-API/Subscriptions.robot b/SOL003/VNFFaultManagement-API/Subscriptions.robot
index b0f7d57f5d9e119c3a4d60c2e97d23a2d1cead4d..f91f20b963ebe2164f98a9d4fdc924c1c43598b4 100644
--- a/SOL003/VNFFaultManagement-API/Subscriptions.robot
+++ b/SOL003/VNFFaultManagement-API/Subscriptions.robot
@@ -16,7 +16,7 @@ Create a new Fault Management alarm subscription
     ...    Test title: Create a new Fault Management alarm subscription
     ...    Test objective: The objective is to create a new Fault management alarm subscriptions and perform a JSON schema and content validation of the returned fault management alarms subscription data structure
     ...    Pre-conditions: No subscription with the same filter and callbackUri exists
-    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID:   Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: subscription is created
@@ -25,13 +25,13 @@ Create a new Fault Management alarm subscription
     Check Operation Occurrence Id
     Check HTTP Response Body Json Schema Is  FmSubscription
     Check created Subscription existence 
-  
+
 Create a new alarm subscription - DUPLICATION
-     [Documentation]    Test ID: 7.3.5.3.2
+    [Documentation]    Test ID: 7.3.5.3.2
     ...    Test title: Create a new alarm subscription - DUPLICATION
     ...    Test objective: The objective is to create a new subscription with the VNF allowing duplication and perform a JSON schema and content validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: subscription with the same filter and callbackUri exists
-    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID:   Config_prod_VNFM
     ...    Applicability: the NFVO allows creating a subscription resource if another subscription resource with the same filter and callbackUri already exists
     ...    Post-Conditions: duplicated subscription is created
@@ -46,7 +46,7 @@ Create a new alarm subscription - NO DUPLICATION
     ...    Test title: Create a new alarm subscription - NO DUPLICATION
     ...    Test objective: The objective is to create a new subscription with the VNF not allowing duplication and perform a JSON schema and content validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: subscription with the same filter and callbackUri exists
-    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID:   Config_prod_VNFM
     ...    Applicability: the NFVO decides to not create a duplicate subscription resource 
     ...    Post-Conditions: duplicated subscription is not created
@@ -60,7 +60,7 @@ Retrieve a list of alarm subscriptions
     ...    Test title: Retrieve a list of alarm subscriptions
     ...    Test objective: The objective is to retrieve the list of active subscriptions and perform a JSON schema and content validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID:   Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: noe
@@ -73,7 +73,7 @@ Retrieve a list of alarm subscriptions with filter
     ...    Test title: Retrieve a list of alarm subscriptions with filter
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter and perform a JSON schema and content validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: none 
-    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID:   Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -86,7 +86,7 @@ GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test title: GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to retrieve the list of active subscriptions with Invalid attribute-based filtering parameters and perform a JSON schema and content validation of the returned problem details data structure.
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID:   Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions:    none 
@@ -99,7 +99,7 @@ GET subscriptions with "all_fields" attribute selector
     ...    Test title: GET subscriptions with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: 
-    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -112,7 +112,7 @@ GET subscriptions with "exclude_default" attribute selector
     ...    Test title: GET subscriptions with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: 
-    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -125,7 +125,7 @@ GET subscriptions with "fields" attribute selector
     ...    Test title: GET subscriptions with "fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: 
-    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -138,7 +138,7 @@ GET subscriptions with "exclude_fields" attribute selector
     ...    Test title: GET subscriptions with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: 
-    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -151,7 +151,7 @@ PUT subscriptions - Method not implemented
     ...    Test title:PUT subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to for Fault management subscriptions on VNF 
     ...    Pre-conditions: none
-    ...    RReference: Clause 7.4.4.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    RReference: Clause 7.4.4.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID:  Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -163,7 +163,7 @@ PATCH subscriptions - Method not implemented
     ...    Test title: PATCH subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to for Fault management subscriptions on VNF  
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.4.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID:  Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -175,7 +175,7 @@ DELETE subscriptions - Method not implemented
     ...    Test title: DELETE subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to for Fault management subscriptions on VNF  
     ...    Pre-conditions: none 
-    ...    Reference: Clause 7.4.4.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID:  Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: subscription is not deleted
@@ -187,7 +187,7 @@ Retrieve a list of alarm subscriptions as Paged Response
     ...    Test title: Retrieve a list of alarm subscriptions as Paged Response
     ...    Test objective: The objective is to retrieve the list of active subscriptions as Paged Response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID:   Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: noe
@@ -200,7 +200,7 @@ GET subscriptions - Bad Request Response too Big
     ...    Test title: GET subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is to retrieve the list of active subscriptions because response is too big and perform a JSON schema and content validation of the returned problem details data structure.
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID:   Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions:    none 
@@ -213,7 +213,7 @@ GET Subscription with attribute-based filter "id"
     ...    Test title: GET Subscription with attribute-based filter "id"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "id"
     ...    Pre-conditions: 
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -227,7 +227,7 @@ Get subscriptions with filter "filter.notificationTypes"
     ...    Test title: GET Subscription with attribute-based filter "filter.notificationTypes"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.notificationTypes"
     ...    Pre-conditions: 
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -241,7 +241,7 @@ Get subscriptions with filter "filter.faultyResourceTypes"
     ...    Test title: GET Subscription with attribute-based filter "filter.faultyResourceTypes"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.faultyResourceTypes"
     ...    Pre-conditions: 
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -255,7 +255,7 @@ Get subscriptions with filter "filter.perceivedSeverities"
     ...    Test title: GET Subscription with attribute-based filter "filter.perceivedSeverities"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.perceivedSeverities"
     ...    Pre-conditions: 
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -269,7 +269,7 @@ Get subscriptions with filter "filter.eventTypes"
     ...    Test title: GET Subscription with attribute-based filter "filter.eventTypes"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.eventTypes"
     ...    Pre-conditions: 
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -283,7 +283,7 @@ Get subscriptions with filter "filter.probableCauses"
     ...    Test title: GET Subscription with attribute-based filter "filter.probableCauses"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.probableCauses"
     ...    Pre-conditions: 
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -297,10 +297,38 @@ POST Create a new Subscription - Unprocessable Content
     ...    Test title: POST Create a new Subscription - Unprocessable Content
     ...    Test objective: The objective is to test that content type of the message content is supported and the message content of a request contains syntactically correct data but the data cannot be processed.
     ...    re-conditions: none
-    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Post Subscription
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is  ProblemDetails
+
+Create a new Fault Management alarm subscription with permitted authorization scope 
+    [Documentation]    Test ID: 7.3.5.3.23
+    ...    Test title: Create a new Fault Management alarm subscription with permitted authorization scope 
+    ...    Test objective: The objective is to create a new Fault management alarm subscriptions and perform a JSON schema and content validation of the returned fault management alarms subscription data structure with permitted authorization scope 
+    ...    Pre-conditions: No subscription with the same filter and callbackUri exists
+    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID:   Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: subscription is created
+    POST Subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check Operation Occurrence Id
+    Check HTTP Response Body Json Schema Is  FmSubscription
+    Check created Subscription existence
+
+Create a new Fault Management alarm subscription with not permitted authorization scope 
+    [Documentation]    Test ID: 7.3.5.3.24
+    ...    Test title: Create a new Fault Management alarm subscription with not permitted authorization scope 
+    ...    Test objective: The objective is to create a new Fault management alarm subscriptions and perform a JSON schema and content validation of the returned fault management alarms subscription data structure with not permitted authorization scope 
+    ...    Pre-conditions: No subscription with the same filter and callbackUri exists
+    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID:   Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: subscription is created
+    POST Subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is  ProblemDetails
diff --git a/SOL003/VNFFaultManagement-API/environment/variables.txt b/SOL003/VNFFaultManagement-API/environment/variables.txt
index b267ef6895851f6fb515db665e569e5b9614413d..874a047563e98f50ce50eef2256a46e8ad991685 100644
--- a/SOL003/VNFFaultManagement-API/environment/variables.txt
+++ b/SOL003/VNFFaultManagement-API/environment/variables.txt
@@ -2,7 +2,17 @@
 ${VNFM_HOST}      localhost    # Hostname of the VNFM
 ${VNFM_PORT}      8080    # Listening port of the VNFM
 ${VNFM_SCHEMA}    https
+${OAUTH_ENCRYPTION_ALGORITHM}  HS256
 ${AUTHORIZATION_HEADER}    Authorization
+${OAUTH_KEY}
+
+${ALARMS_PERMITTED_SCOPE}    vnffm:v1:alarms
+${ALARMS_NOT_PERMITTED_SCOPE}    vnffm:v1:alarms:invalid
+${ALARMS_READONLY_PERMITTED_SCOPE}    vnffm:v1:alarms:readonly
+${ALARMS_READONLY_NOT_PERMITTED_SCOPE}    vnffm:v1:alarms:readonly:invalid
+${ALARMS_SUBSCRIPTIONS_PERMITTED_SCOPE}    vnffm:v1:subscriptions
+${ALARMS_SUBSCRIPTIONS_NOT_PERMITTED_SCOPE}    vnffm:v1:subscriptions:invalid
+
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
 ${CONTENT_TYPE}    application/json
 ${ACCEPT}         application/json
diff --git a/SOL003/VNFIndicator-API/IndividualSubscription.robot b/SOL003/VNFIndicator-API/IndividualSubscription.robot
index 1dbe79c5936062c3956673af48d2eaa04a161549..38a99e120056aaaf19395298b222f51f3a3ec803 100644
--- a/SOL003/VNFIndicator-API/IndividualSubscription.robot
+++ b/SOL003/VNFIndicator-API/IndividualSubscription.robot
@@ -11,7 +11,7 @@ GET Individual VNF Indicator Subscription
     ...    Test title: GET Individual VNF Indicator Subscription
     ...    Test objective: The objective is to test the retrieval of individual VNF indicator subscription and perform a JSON schema validation of the returned subscription data structure
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ GET Individual VNF Indicator Subscription with invalid resource identifier
     ...    Test title: GET Individual VNF Indicator Subscription with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of individual VNF indicator subscription fails when using an invalid resource identifier.
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ DELETE Individual VNF Indicator Subscription
     ...    Test title: DELETE Individual VNF Indicator Subscription
     ...    Test objective: The objective is to test the deletion of an individual VNF indicator subscription.
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The subscription to VNF indicators is deleted
@@ -50,7 +50,7 @@ DELETE Individual VNF Indicator Subscription with invalid resource identifier
     ...    Test title: DELETE Individual VNF Indicator Subscription with invalid resource identifier
     ...    Test objective: The objective is to test that the deletion of an individual VNF indicator subscription fails when using an invalid resource identifier.
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -62,7 +62,7 @@ PUT Individual VNF Indicator Subscription - Method not implemented
     ...    Test title: PUT Individual VNF Indicator Subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify an individual VNF indicator subscription
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.6.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.6.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The individual VNF indicator subscription is not modified by the operation
@@ -74,7 +74,7 @@ PATCH Individual VNF Indicator Subscription - Method not implemented
     ...    Test title: PATCH Individual VNF Indicator Subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update an individual VNF indicator subscription
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -86,9 +86,35 @@ POST Individual VNF Indicator Subscription - Method not implemented
     ...    Test title: POST Individual VNF Indicator Subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new VNF indicator subscription
     ...    Pre-conditions: A VNF instance is instantiated.
-    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Post Request for Individual VNF Indicator Subscription
-    Check HTTP Response Status Code Is    405 
\ No newline at end of file
+    Check HTTP Response Status Code Is    405 
+
+GET Individual VNF Indicator Subscription with permitted authorization scope
+    [Documentation]    Test ID: 7.3.6.5.8
+    ...    Test title: GET Individual VNF Indicator Subscription with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of individual VNF indicator subscription and perform a JSON schema validation of the returned subscription data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
+    ...    Reference: Clause 8.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Indicator Subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   VnfIndicatorSubscription
+
+GET Individual VNF Indicator Subscription with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.6.5.9
+    ...    Test title: GET Individual VNF Indicator Subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of individual VNF indicator subscription and perform a JSON schema validation of the returned subscription data structure with not permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
+    ...    Reference: Clause 8.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Indicator Subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFIndicator-API/IndividualVNFindicator.robot b/SOL003/VNFIndicator-API/IndividualVNFindicator.robot
index a5407944d792d2a50bd1132e2970772f3adff039..b2760123e0ff5159b28f8f3fc4bfcef4088947b1 100644
--- a/SOL003/VNFIndicator-API/IndividualVNFindicator.robot
+++ b/SOL003/VNFIndicator-API/IndividualVNFindicator.robot
@@ -10,7 +10,7 @@ Get Individual Indicator for VNF Instance
     ...    Test title: Get Individual Indicator for VNF Instance
     ...    Test objective: The objective is to test the retrieval of an indicator for a given VNF instance and perform a JSON schema validation of the returned indicator data structure
     ...    Pre-conditions: A VNF instance is instantiated. At least one measure of VNF indicator is available in the VNFM.
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ Get Individual Indicator for VNF Instance with invalid indicator identifier
     ...    Test title: Get Individual Indicator for VNF Instance with invalid indicator identifier
     ...    Test objective: The objective is to test that the retrieval of an indicator for a given VNF instance fails when using an invalid resource identifier. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. At least one measure of VNF indicator is available in the VNFM.
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,7 +38,7 @@ POST Individual VNF Indicator for VNF Instance - Method not implemented
     ...    Test title: POST Individual VNF Indicator for VNF Instance - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new VNF indicator in the VNFM
     ...    Pre-conditions: A VNF instance is instantiated.
-    ...    Reference: Clause 8.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ PUT Individual VNF Indicator for VNF Instance - Method not implemented
     ...    Test title: PUT Individual VNF Indicator for VNF Instance - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify an existing indicator for a VNF instance
     ...    Pre-conditions: A VNF instance is instantiated. At least one measure of VNF indicator is available in the VNFM
-    ...    Reference: Clause 8.4.4.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.4.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -62,7 +62,7 @@ PATCH Individual VNF Indicator for VNF Instance - Method not implemented
     ...    Test title: PATCH Individual VNF Indicator for VNF Instance - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update an existing indicator for a VNF instance
     ...    Pre-conditions: A VNF instance is instantiated. At least one measure of VNF indicator is available for the given VNF instance.
-    ...    Reference: Clause 8.4.4.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.4.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -74,9 +74,37 @@ DELETE Individual VNF Indicator for VNF Instance - Method not implemented
     ...    Test title: DELETE Individual VNF Indicator for VNF Instance - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete an existing indicator for a VNF instance
     ...    Pre-conditions: A VNF instance is instantiated. At least one measure of VNF indicator is available in the VNFM
-    ...    Reference: Clause 8.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for individual indicator in VNF instance
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Get Individual Indicator for VNF Instance with permitted authorization scope 
+    [Documentation]    Test ID: 7.3.6.3.7
+    ...    Test title: Get Individual Indicator for VNF Instance with permitted authorization scope 
+    ...    Test objective: The objective is to test the retrieval of an indicator for a given VNF instance and perform a JSON schema validation of the returned indicator data structure with permitted authorization scope 
+    ...    Pre-conditions: A VNF instance is instantiated. At least one measure of VNF indicator is available in the VNFM.
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Indicator for a VNF instance with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   vnfIndicator
+    Check HTTP Response Body Includes Requested VNF Instance ID
+    Check HTTP Response Body Includes Requested Indicator ID
+
+Get Individual Indicator for VNF Instance with not permitted authorization scope 
+    [Documentation]    Test ID: 7.3.6.3.8
+    ...    Test title: Get Individual Indicator for VNF Instance with not permitted authorization scope 
+    ...    Test objective: The objective is to test the retrieval of an indicator for a given VNF instance and perform a JSON schema validation of the returned indicator data structure with not permitted authorization scope 
+    ...    Pre-conditions: A VNF instance is instantiated. At least one measure of VNF indicator is available in the VNFM.
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Indicator for a VNF instance with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFIndicator-API/NotificationEndpoint.robot b/SOL003/VNFIndicator-API/NotificationEndpoint.robot
index 073cfa9269e85d4f422790275cb924fb28772621..be9c4de235169f170e4ab112e932c5777f456cac 100644
--- a/SOL003/VNFIndicator-API/NotificationEndpoint.robot
+++ b/SOL003/VNFIndicator-API/NotificationEndpoint.robot
@@ -12,7 +12,7 @@ VNF Indicator Value Change Notification
     ...    Test title: VNF Indicator Value Change Notification
     ...    Test objective: The objective is to test that the POST request triggers VNF Indicator Value Change Notification.
     ...    Pre-conditions: A VNF is instantiated, and a subscription for indicator value change notifications is available in the VNFM.
-    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -24,7 +24,7 @@ Supported Indicators Change Notification
     ...    Test title: Supported Indicators Change Notification
     ...    Test objective: The objective is to test that the POST request triggers Supported Indicators Change Notification.
     ...    Pre-conditions: A VNF is instantiated, and a individual subscription resource for supported indicators change notifications is available in the VNFM.
-    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL003/VNFIndicator-API/Notifications.robot b/SOL003/VNFIndicator-API/Notifications.robot
index fb16d34882e3047d1cb8e5cac5ff3751d09a3186..60b4df6d913190fec4594ed69b255e4ace5a73cf 100644
--- a/SOL003/VNFIndicator-API/Notifications.robot
+++ b/SOL003/VNFIndicator-API/Notifications.robot
@@ -16,7 +16,7 @@ VNF Indicator Value Change Notification
     ...    Test title: VNF Indicator Value Change Notification
     ...    Test objective: The objective is to test the dispatch of VNF Indicator Value Change Notification when new indicator values are available in the VNFM, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF is instantiated, and a subscription for indicator value change notifications is available in the VNFM.
-    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL003/VNFIndicator-API/Subscriptions.robot b/SOL003/VNFIndicator-API/Subscriptions.robot
index f0b69335313027e76ed8f072e4d00449c96c2484..db1194cee4a3d76bbec86138a043ebd6efb18711 100644
--- a/SOL003/VNFIndicator-API/Subscriptions.robot
+++ b/SOL003/VNFIndicator-API/Subscriptions.robot
@@ -16,7 +16,7 @@ GET All VNF Indicator Subscriptions
     ...    Test title: GET All VNF Indicator Subscriptions
     ...    Test objective: The objective is to test the retrieval of all VNF indicator subscriptions and perform a JSON schema validation of the returned subscriptions data structure
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none        
@@ -29,7 +29,7 @@ GET VNF Indicator Subscriptions with attribute-based filter
     ...    Test title: GET VNF Indicator Subscriptions with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of VNF indicator subscriptions using attribute-based filter, perform a JSON schema validation of the collected indicators data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -43,7 +43,7 @@ GET VNF Indicator Subscriptions with invalid attribute-based filter
     ...    Test title: GET VNF Indicator Subscriptions with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of VNF indicator subscriptions fails when using invalid attribute-based filters, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -56,7 +56,7 @@ GET VNF Indicator Subscriptions with invalid resource endpoint
     ...    Test title: GET VNF Indicator Subscriptions with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of all VNF indicator subscriptions fails when using invalid resource endpoint.
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -68,7 +68,7 @@ Create new VNF indicator subscription
     ...    Test title: Create new VNF indicator subscription
     ...    Test objective: The objective is to test the creation of a new VNF indicator subscription and perform a JSON schema and content validation of the returned subscription data structure
     ...    Pre-conditions: A VNF instance is instantiated.
-    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF indicator subscription is successfully set and it matches the issued subscription   
@@ -84,7 +84,7 @@ Create duplicated VNF indicator subscription with VNFM not creating duplicated s
     ...    Test title: Create duplicated VNF indicator subscription with VNFM not creating duplicated subscriptions
     ...    Test objective: The objective is to test the attempt of a creation of a duplicated VNF indicator subscription and check that no new subscription is created by the VNFM and a link to the original subscription is returned
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM does not support the creation of duplicated subscriptions
     ...    Post-Conditions: The existing VNF indicator subscription returned is available in the VNFM
@@ -100,7 +100,7 @@ Create duplicated VNF indicator subscription with VNFM creating duplicated subsc
     ...    Test title: Create duplicated VNF indicator subscription with VNFM creating duplicated subscriptions
     ...    Test objective: The objective is to test the creation of a duplicated VNF indicator subscription and perform a JSON schema and content validation of the returned duplicated subscription data structure
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports the creation of duplicated subscriptions
     ...    Post-Conditions: The duplicated VNF indicator subscription is successfully set and it matches the issued subscription
@@ -115,7 +115,7 @@ PUT VNF Indicator Subscriptions - Method not implemented
     ...    Test title: PUT VNF Indicator Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify VNF indicator subscriptions
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.5.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -127,7 +127,7 @@ PATCH VNF Indicator Subscriptions - Method not implemented
     ...    Test title: PATCH VNF Indicator Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update VNF indicator subscriptions
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.5.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -139,7 +139,7 @@ DELETE VNF Indicator Subscriptions - Method not implemented
     ...    Test title: DELETE VNF Indicator Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete VNF indicators subscriptions
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.5.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -151,7 +151,7 @@ GET All VNF Indicator Subscriptions as Paged Response
     ...    Test title: GET All VNF Indicator Subscriptions as Paged Response
     ...    Test objective: The objective is to test the retrieval of all VNF indicator subscriptions as Paged Response.
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none        
@@ -164,7 +164,7 @@ GET VNF Indicator Subscriptions - Bad Request Response too Big
     ...    Test title: GET VNF Indicator Subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of VNF indicator subscriptions fails because reponse is too big, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: A VNF instance is instantiated. At least one VNF indicator subscription is available in the VNFM.
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -177,10 +177,38 @@ POST Create a new Subscription - Unprocessable Content
     ...    Test title: POST Create a new Subscription - Unprocessable Content
     ...    Test objective: The objective is to test that content type of the message content is supported and the message content of a request contains syntactically correct data but the data cannot be processed.
     ...    re-conditions: none
-    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Post Request for VNF Indicator Subscription
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is  ProblemDetails
+
+Create new VNF indicator subscription with permitted authorization scope
+    [Documentation]    Test ID: 7.3.6.4.14
+    ...    Test title: Create new VNF indicator subscription with permitted authorization scope
+    ...    Test objective: The objective is to test the creation of a new VNF indicator subscription and perform a JSON schema and content validation of the returned subscription data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated.
+    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: The VNF indicator subscription is successfully set and it matches the issued subscription   
+    Send Post Request for VNF Indicator Subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    VnfIndicatorSubscription
+    Check HTTP Response Body Matches the Subscription
+    Check Postcondition VNF Indicator Subscription Is Set
+
+Create new VNF indicator subscription with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.6.4.15
+    ...    Test title: Create new VNF indicator subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test the creation of a new VNF indicator subscription and perform a JSON schema and content validation of the returned subscription data structure with not permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated.
+    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: The VNF indicator subscription is successfully set and it matches the issued subscription   
+    Send Post Request for VNF Indicator Subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is  ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFIndicator-API/VNFIndicators.robot b/SOL003/VNFIndicator-API/VNFIndicators.robot
index 5c16a991390cc429b5617d8c24013e0ee19f22e0..40eb5cf4ba20f678a19dfb2e4e5800025c3029d2 100644
--- a/SOL003/VNFIndicator-API/VNFIndicators.robot
+++ b/SOL003/VNFIndicator-API/VNFIndicators.robot
@@ -11,7 +11,7 @@ Get all VNF Indicators
     ...    Test title: Get all VNF Indicators
     ...    Test objective: The objective is to test the retrieval of all the available VNF indicators and perform a JSON schema validation of the collected indicators data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ Get VNF Indicators with attribute-based filter
     ...    Test title: Get VNF Indicators with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of VNF indicators using attribute-based filter, perform a JSON schema validation of the collected indicators data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,7 +38,7 @@ Get VNF Indicators with invalid attribute-based filter
     ...    Test title: Get VNF Indicators with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of VNF indicators fails when using invalid attribute-based filters, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ Get all VNF Indicators with malformed authorization token
     ...    Test title: Get all VNF Indicators with malformed authorization token
     ...    Test objective: The objective is to test that the retrieval of VNF indicators fails when using malformed authorization token
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -63,7 +63,7 @@ Get all VNF Indicators without authorization token
     ...    Test title: Get all VNF Indicators without authorization token
     ...    Test objective: The objective is to test that the retrieval of VNF indicators fails when omitting the authorization token
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNF requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -75,7 +75,7 @@ GET all VNF Indicators with expired or revoked authorization token
     ...    Test title: GET all VNF Indicators with expired or revoked authorization token
     ...    Test objective: The objective is to test that the retrieval of VNF indicators fails when using expired or revoked authorization token
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNF requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -87,7 +87,7 @@ Get all VNF Indicators with invalid resource endpoint
     ...    Test title: Get all VNF Indicators with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of VNF indicators fails when using invalid resource endpoint
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -99,7 +99,7 @@ POST all VNF Indicators - Method not implemented
     ...    Test title: POST all VNF Indicators - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF indicators
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM
-    ...    Reference: Clause 8.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -111,7 +111,7 @@ PUT all VNF Indicators - Method not implemented
     ...    Test title: PUT all VNF Indicators - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify VNF indicators
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM
-    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -123,7 +123,7 @@ PATCH all VNF Indicators - Method not implemented
     ...    Test title: PATCH all VNF Indicators - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update VNF indicators
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNF
-    ...    Reference: Clause 8.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -135,7 +135,7 @@ DELETE all VNF Indicators - Method not implemented
     ...    Test title: DELETE all VNF Indicators - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete VNF indicators
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNF
-    ...    Reference: Clause 8.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF indicators are not deleted by the unsuccessful operation
@@ -148,7 +148,7 @@ Get all VNF Indicators as Paged Response
     ...    Test title: Get all VNF Indicators as Paged Response
     ...    Test objective: The objective is to test the retrieval of all the available VNF indicators as Paged Response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -161,10 +161,36 @@ Get VNF Indicators - Bad Request Response too Big
     ...    Test title: Get VNF Indicators - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of VNF indicators fails because reponse is too big, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM.
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Get all VNF indicators
     Check HTTP Response Status Code Is    400
+    Check HTTP Response Body Json Schema Is   ProblemDetails
+
+Get all VNF Indicators with permitted authorization scope 
+    [Documentation]    Test ID: 7.3.6.1.14
+    ...    Test title: Get all VNF Indicators with permitted authorization scope 
+    ...    Test objective: The objective is to test the retrieval of all the available VNF indicators and perform a JSON schema validation of the collected indicators data structure with permitted authorization scope 
+    ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM.
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get all VNF indicators with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   vnfIndicators
+
+Get all VNF Indicators with not permitted authorization scope 
+    [Documentation]    Test ID: 7.3.6.1.15
+    ...    Test title: Get all VNF Indicators with not permitted authorization scope 
+    ...    Test objective: The objective is to test the retrieval of all the available VNF indicators and perform a JSON schema validation of the collected indicators data structure with not permitted authorization scope 
+    ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM.
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get all VNF indicators with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
     Check HTTP Response Body Json Schema Is   ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFIndicator-API/VNFIndicatorsKeywords.robot b/SOL003/VNFIndicator-API/VNFIndicatorsKeywords.robot
index f890cbacc1f4c7774cb73a5b6ced7f0c80544a96..02da02e804c75cbb1332dabb77e590a290edaf3d 100644
--- a/SOL003/VNFIndicator-API/VNFIndicatorsKeywords.robot
+++ b/SOL003/VNFIndicator-API/VNFIndicatorsKeywords.robot
@@ -129,7 +129,46 @@ Send Post Request for Duplicated VNF indicator Subscription
 	Set Global Variable    ${response}    ${output}
     Verify Mock Expectation    ${notification_request}
 	Clear Requests    ${callback_endpoint}
-    
+
+Send Post Request for VNF Indicator Subscription with permitted authorization scope
+    Log    Trying to create a new subscription with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${template}=    Get File    jsons/subscriptions.json
+    ${body}=        Format String   ${template}     callback_uri=${callback_uri}    callback_port=${callback_port}    callback_endpoint=${callback_endpoint}
+    ${scopeValue}=    Create Dictionary    scopeValue=${INDICATORS_SUBSCRIPTION_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${output}=    Output    response
+	Set Global Variable    ${response}    ${output}
+	Verify Mock Expectation    ${notification_request}
+	Clear Requests    ${callback_endpoint}
+
+Send Post Request for VNF Indicator Subscription with not permitted authorization scope
+    Log    Trying to create a new subscription with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${template}=    Get File    jsons/subscriptions.json
+    ${body}=        Format String   ${template}     callback_uri=${callback_uri}    callback_port=${callback_port}    callback_endpoint=${callback_endpoint}
+    ${scopeValue}=    Create Dictionary    scopeValue=${INDICATORS_SUBSCRIPTION_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${output}=    Output    response
+	Set Global Variable    ${response}    ${output}
+	Verify Mock Expectation    ${notification_request}
+	Clear Requests    ${callback_endpoint}
     
 Send Put Request for VNF Indicator Subscriptions
     Log    Trying to perform a PUT. This method should not be implemented
@@ -283,6 +322,30 @@ Get all VNF indicators with invalid resource endpoint
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Get all VNF indicators with permitted authorization scope 
+    Log    The GET method queries multiple VNF indicators with permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${INDICATORS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+    Set Suite Variable    ${vnfIndicators}    ${response['body']}
+
+Get all VNF indicators with not permitted authorization scope 
+    Log    The GET method queries multiple VNF indicators with not permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${INDICATORS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+    Set Suite Variable    ${vnfIndicators}    ${response['body']}
+
 Send POST Request for all VNF indicators
     log    Trying to perform a POST. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT_JSON}"}  
@@ -411,6 +474,26 @@ Get Individual Indicator for a VNF instance with invalid indicator identifier
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Get Individual Indicator for a VNF instance with permitted authorization scope 
+    Log    This resource represents a VNF indicator related to a VNF instance with permitted authorization scope .
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${INDICATORS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}/${indicatorId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Individual Indicator for a VNF instance with not permitted authorization scope 
+    Log    This resource represents a VNF indicator related to a VNF instance with not permitted authorization scope .
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${INDICATORS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/indicators/${vnfInstanceId}/${indicatorId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Send POST Request for individual indicator in VNF instance
     Log    Trying to perform a POST (method should not be implemented)
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -465,6 +548,26 @@ GET Individual VNF Indicator Subscription
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET Individual VNF Indicator Subscription with permitted authorization scope
+    Log    Trying to get a given subscription identified by subscriptionId with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${INDICATORS_SUBSCRIPTION_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET Individual VNF Indicator Subscription with not permitted authorization scope
+    Log    Trying to get a given subscription identified by subscriptionId with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${INDICATORS_SUBSCRIPTION_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 GET Individual VNF Indicator Subscription with invalid resource identifier
     Log    Trying to perform a request on a subscriptionID which doesn't exist
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -494,7 +597,7 @@ Send Post Request for Individual VNF Indicator Subscription
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     POST    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${erroneousSubscriptionId}
     ${output}=    Output    response
-    Set Suite Variable    ${response}    ${output}   
+    Set Suite Variable    ${response}    ${output} 
 
 Send Put Request for Individual VNF Indicator Subscription
     Log    Trying to perform a PUT. This method should not be implemented
@@ -538,3 +641,8 @@ Check Notification Endpoint
 Check HTTP Response Header Contain Link
     ${linkURL}=    Get Value From Json    ${response['headers']}    $..Link
     Should Not Be Empty    ${linkURL}
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
\ No newline at end of file
diff --git a/SOL003/VNFIndicator-API/VnfIndicatorsInVnfInstanceId.robot b/SOL003/VNFIndicator-API/VnfIndicatorsInVnfInstanceId.robot
index 9d62078876e9213cfc1feec2771636e53063d223..28993eb3302403105bf0265d4aa74c6ea2a96bed 100644
--- a/SOL003/VNFIndicator-API/VnfIndicatorsInVnfInstanceId.robot
+++ b/SOL003/VNFIndicator-API/VnfIndicatorsInVnfInstanceId.robot
@@ -11,7 +11,7 @@ Get Indicators for VNF Instance
     ...    Test title: Get Indicators for VNF Instance
     ...    Test objective: The objective is to test the retrieval of all indicators for a given VNF instance and perform a JSON schema validation of the returned indicators data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ GET Indicators for VNF Instance with attribute-based filter
     ...    Test title: GET Indicators for VNF Instance with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of all indicators for a given VNF instance using attribute-based filter and perform a JSON schema validation of the returned indicators data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ Get Indicators for VNF Instance with invalid attribute-based filter
     ...    Test title: Get Indicators for VNF Instance with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of all indicators for a given VNF instance fails using invalid attribute-based filter. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ Get Indicators for VNF Instance with invalid resource identifier
     ...    Test title: Get Indicators for VNF Instance with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of all indicators for a given VNF instance fails when using invalid resource identifier. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -65,7 +65,7 @@ POST Indicators for VNF instance - Method not implemented
     ...    Test title: POST Indicators for VNF instance - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new indicators for a VNF instance
     ...    Pre-conditions: A VNF instance is instantiated.
-    ...    Reference: Clause 8.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,7 +77,7 @@ PUT Indicators for VNF instance - Method not implemented
     ...    Test title: PUT Indicators for VNF instance - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify existing indicators for a VNF instance
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -89,7 +89,7 @@ PATCH Indicators for VNF instance - Method not implemented
     ...    Test title: PATCH Indicators for VNF instance - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update existing indicators for a VNF instance
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -101,7 +101,7 @@ DELETE Indicators for VNF instance - Method not implemented
     ...    Test title: DELETE Indicators for VNF instance - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete indicators for a VNF instance
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -113,7 +113,7 @@ Get Indicators for VNF Instance as Paged Response
     ...    Test title: Get Indicators for VNF Instance as Paged Response
     ...    Test objective: The objective is to test the retrieval of all indicators for a given VNF instance as Paged Response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -126,7 +126,7 @@ Get Indicators for VNF Instance - Bad Request Response too Big
     ...    Test title: Get Indicators for VNF Instance - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of all indicators for a given VNF instance fails because response is too big. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more measures of VNF indicators are available in the VNFM for the given VNF instance.
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
diff --git a/SOL003/VNFIndicator-API/environment/variables.txt b/SOL003/VNFIndicator-API/environment/variables.txt
index 1c953b145cb9890c72e9c571eec85b12efa5fea2..443de9cfda1eb595360a73f8417e9d70cfc54f26 100644
--- a/SOL003/VNFIndicator-API/environment/variables.txt
+++ b/SOL003/VNFIndicator-API/environment/variables.txt
@@ -3,7 +3,15 @@ ${VNFM_HOST}      localhost    # Hostname of the VNFM
 ${VNFM_PORT}      8080    # Listening port of the VNFM
 ${VNFM_SCHEMA}    https
 
+${OAUTH_ENCRYPTION_ALGORITHM}  HS256
 ${AUTHORIZATION_HEADER}    Authorization
+${OAUTH_KEY}
+
+${INDICATORS_PERMITTED_SCOPE}    vnfind:v2:indicators
+${INDICATORS_NOT_PERMITTED_SCOPE}    vnfind:v2:indicators:invalid
+${INDICATORS_SUBSCRIPTION_PERMITTED_SCOPE}  vnfind:v2:subscriptions
+${INDICATORS_SUBSCRIPTION_NOT_PERMITTED_SCOPE}  vnfind:v2:subscriptions:invalid
+
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
 ${NEG_AUTHORIZATION_TOKEN}    Bearer negativetoken
 ${BAD_AUTHORIZATION_TOKEN}    Bear sometoken
diff --git a/SOL003/VNFLifecycleManagement-API/CancelOperationTask.robot b/SOL003/VNFLifecycleManagement-API/CancelOperationTask.robot
index 5482d6018849e15ef27a7755f4bcfb0953335993..17df4fcdad89121be6b0d93f88c071b7ca69545c 100644
--- a/SOL003/VNFLifecycleManagement-API/CancelOperationTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/CancelOperationTask.robot
@@ -12,7 +12,7 @@ POST Cancel operation task
     ...    Test title: POST Cancel operation task
     ...    Test objective: The POST method initiates cancelling an ongoing VNF lifecycle operation while it is being executed or rolled back, i.e. the "VNF LCM operation occurrence" is either in "PROCESSING" or "ROLLING_BACK" state.
     ...    Pre-conditions: The "VNF LCM operation occurrence" is either in "PROCESSING" or "ROLLING_BACK" state.
-    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNF instance status equal to FAILED_TEMP     
@@ -25,7 +25,7 @@ POST Cancel operation task Conflict
     ...    Test title: POST Cancel operation task Conflict
     ...    Test objective: The POST method is NOT cancelling an ongoing VNF lifecycle operation due to the fact that the VNF instance resource is not in STARTING, PROCESSING or ROLLING_BACK state
     ...    Pre-conditions: The "VNF LCM operation occurrence" is not in STARTING, PROCESSING or ROLLING_BACK state
-    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,7 +38,7 @@ POST Cancel operation task Not Found
     ...    Test title: POST Cancel operation task Not Found
     ...    Test objective: The objective is to test that POST method cannot cancel a VNF lifecycle operation because the resource is not found
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ GET Cancel operation task - Method not implemented
     ...    Test title: GET Cancel operation task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.17.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.17.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -63,7 +63,7 @@ PUT Cancel operation task - Method not implemented
     ...    Test title: PUT Cancel operation task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.17.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.17.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -75,7 +75,7 @@ PATCH Cancel operation task - Method not implemented
     ...    Test title: PATCH Cancel operation task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.17.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.17.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -87,9 +87,34 @@ DELETE Cancel operation task - Method not implemented
     ...    Test title: DELETE Cancel operation task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.17.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.17.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
     DELETE Cancel operation task
-	Check HTTP Response Status Code Is    405
\ No newline at end of file
+	Check HTTP Response Status Code Is    405
+
+POST Cancel operation task with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.16.8
+    ...    Test title: POST Cancel operation task with permitted authorization scope
+    ...    Test objective: The POST method initiates cancelling an ongoing VNF lifecycle operation while it is being executed or rolled back, i.e. the "VNF LCM operation occurrence" is either in "PROCESSING" or "ROLLING_BACK" state.
+    ...    Pre-conditions: The "VNF LCM operation occurrence" is either in "PROCESSING" or "ROLLING_BACK" state with permitted authorization scope.
+    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: VNF instance status equal to FAILED_TEMP     
+    POST Cancel operation task with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check operation resource state is FAILED_TEMP
+
+POST Cancel operation task with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.16.9
+    ...    Test title: POST Cancel operation task with not permitted authorization scope
+    ...    Test objective: The POST method initiates cancelling an ongoing VNF lifecycle operation while it is being executed or rolled back, i.e. the "VNF LCM operation occurrence" is either in "PROCESSING" or "ROLLING_BACK" state.
+    ...    Pre-conditions: The "VNF LCM operation occurrence" is either in "PROCESSING" or "ROLLING_BACK" state with not permitted authorization scope.
+    ...    Reference: Clause 5.4.17.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: VNF instance status equal to FAILED_TEMP     
+    POST Cancel operation task with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/CancelOperationWorkflow.robot b/SOL003/VNFLifecycleManagement-API/CancelOperationWorkflow.robot
index f0dd71e4dff88527817fa327574ca1cd7c91c18d..393779ecf5951c8e70f9de00093b112a23accde1 100644
--- a/SOL003/VNFLifecycleManagement-API/CancelOperationWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/CancelOperationWorkflow.robot
@@ -18,7 +18,7 @@ Cancel a VNF LCM Operation - STARTING
     ...    Test title: Cancel a VNF LCM Operation - STARTING
     ...    Test objective: The objective is to test the workflow for Cancelling a VNF LCM Operation being in the STARTING state
     ...    Pre-conditions: The VNF lifecycle management operation occurrence is in STARTING state. NFVO is subscribed to VNF LCM Operation Occurrence notifications (Test ID 5.4.20.1)
-    ...    Reference: Clause 5.4.17 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.17 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: The VNF lifecycle management operation occurrence is in ROLLED_BACK state
@@ -34,7 +34,7 @@ Cancel a VNF LCM Operation - PROCESSING - ROLLING_BACK
     ...    Test title: Cancel a VNF LCM Operation - PROCESSING - ROLLING_BACK
     ...    Test objective: The objective is to test the workflow for Cancelling a VNF LCM Operation being either in the PROCESSIONG or ROLLING_BACK state
     ...    Pre-conditions: The VNF lifecycle management operation occurrence is in PROCESSING or ROLLING_BACK state. NFVO is subscribed to VNF LCM Operation Occurrence notifications
-    ...    Reference: Clause 5.3.10 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.3.10 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: The VNF lifecycle management operation occurrence is in FAILED_TEMP state
diff --git a/SOL003/VNFLifecycleManagement-API/ChangeCurrentVNFPackageTask.robot b/SOL003/VNFLifecycleManagement-API/ChangeCurrentVNFPackageTask.robot
index e95699840c79717807358f6a952eb6e21a41b1fd..7b05fd10558f16104453aa7a36a4f06aac7e3238 100644
--- a/SOL003/VNFLifecycleManagement-API/ChangeCurrentVNFPackageTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/ChangeCurrentVNFPackageTask.robot
@@ -13,7 +13,7 @@ POST Change current VNF Package Task
     ...    Test title: POST Change current VNF Package Task
     ...    Test objective: The objective is to test that the POST method changes the current VNF package on which the VNF instance is based.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11a.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.11a.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: in response header Location shall not be null         
@@ -26,7 +26,7 @@ POST Change current VNF Package Task - Conflict
     ...    Test title: POST Change current VNF Package Task - Conflict
     ...    Test objective: The objective is to test that the POST method cannot change the current VNF package task when another lifecycle management operation is ongoing. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11a.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.11a.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: There is another lifecycle management operation ongoing.
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ GET Change current VNF Package Task - Method not implemented
     ...    Test title: GET Change current VNF Package Task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.11a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -51,7 +51,7 @@ PUT Change current VNF Package Task - Method not implemented
     ...    Test title: PUT Change current VNF Package Task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11a.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.11a.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -63,7 +63,7 @@ PATCH Change current VNF Package Task - Method not implemented
     ...    Test title: PATCH Change current VNF Package Task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11a.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.11a.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -75,12 +75,38 @@ DELETE Change current VNF Package Task - Method not implemented
     ...    Test title: DELETE Change current VNF Package Task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11a.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.11a.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
     DELETE Change Current VNF Package Task
     Check HTTP Response Status Code Is    405
+
+POST Change current VNF Package Task with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.37.7
+    ...    Test title: POST Change current VNF Package Task with permitted authorization scope
+    ...    Test objective: The objective is to test that the POST method changes the current VNF package on which the VNF instance is based with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11a.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Change Current VNF Package Task with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Location Header Contains URI of Created Resource
+
+POST Change current VNF Package Task with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.37.8
+    ...    Test title: POST Change current VNF Package Task with not permitted authorization scope
+    ...    Test objective: The objective is to test that the POST method changes the current VNF package on which the VNF instance is based with not permitted authorization scope with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11a.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Change Current VNF Package Task with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails 
     
 *** Keywords ***
 Check resource existence
diff --git a/SOL003/VNFLifecycleManagement-API/ChangeExternalVNFConnectivityTask.robot b/SOL003/VNFLifecycleManagement-API/ChangeExternalVNFConnectivityTask.robot
index 5c6a9b2df8f5fbb6f4115ae939bd9a2591871618..f9fd3ebb7d8f00f1cf2f80eacd08e3c905194213 100644
--- a/SOL003/VNFLifecycleManagement-API/ChangeExternalVNFConnectivityTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/ChangeExternalVNFConnectivityTask.robot
@@ -12,7 +12,7 @@ POST Change external VNF connectivity
     ...    Test title: POST Change external VNF connectivity
     ...    Test objective: The objective is to test that POST method trigger a change in VNF external connectivity
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.11.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: in response header Location shall not be null         
@@ -26,7 +26,7 @@ GET Change external VNF connectivity - Method not implemented
     ...    Test title: GET Change external VNF connectivity - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.11.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -38,7 +38,7 @@ PUT Change external VNF connectivity - Method not implemented
     ...    Test title: PUT Change external VNF connectivity - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.11.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -50,7 +50,7 @@ PATCH Change external VNF connectivity - Method not implemented
     ...    Test title: PATCH Change external VNF connectivity - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.11.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -62,9 +62,35 @@ DELETE Change external VNF connectivity - Method not implemented
     ...    Test title: DELETE Change external VNF connectivity - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.11.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.11.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
     DELETE Change External VNF Connectivity
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Change external VNF connectivity with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.10.6
+    ...    Test title: POST Change external VNF connectivity with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a change in VNF external connectivity with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Change External VNF Connectivity with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+        
+POST Change external VNF connectivity with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.10.7
+    ...    Test title: POST Change external VNF connectivity with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a change in VNF external connectivity with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.11.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Change External VNF Connectivity with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/ChangeExternalVNFConnectivityWorkflow.robot b/SOL003/VNFLifecycleManagement-API/ChangeExternalVNFConnectivityWorkflow.robot
index f419f744adbdfd25455b15e56622572d481f9872..29b1c2b50d6e40fc73b7ca5da8c76d4b778b4be9 100644
--- a/SOL003/VNFLifecycleManagement-API/ChangeExternalVNFConnectivityWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/ChangeExternalVNFConnectivityWorkflow.robot
@@ -17,7 +17,7 @@ Change external connectivity of VNF Workflow
     ...    Test title: Change external connectivity of VNF Workflow
     ...    Test objective: The objective is to change the external connectivity of a VNF instance.
     ...    Pre-conditions: VNF instance in INSTANTIATED state 
-    ...    Reference: Clause 5.4.11 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.11 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM. The VNFD supports the external connectivity change
     ...    Post-Conditions: VNF instance still in INSTANTIATED state and external connectivity of the VNF is changed
diff --git a/SOL003/VNFLifecycleManagement-API/ChangeVNFFlavourTask.robot b/SOL003/VNFLifecycleManagement-API/ChangeVNFFlavourTask.robot
index c0ea923096a7f21714118766b735566391ea12d5..11b9418739f18700ef586b5c516ab8790f5f03b9 100644
--- a/SOL003/VNFLifecycleManagement-API/ChangeVNFFlavourTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/ChangeVNFFlavourTask.robot
@@ -12,11 +12,11 @@ POST Change deployment flavour of a vnfInstance
     ...    Test title: POST Change deployment flavour of a vnfInstance
     ...    Test objective: The objective is to test that POST method trigger a change in VNF deployment flavour
     ...    Pre-conditions: VNF instance resource is not in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: in response header Location shall not be null  
-    POST Change VNF deployment flavour   
+    POST Change VNF deployment flavour
     Check HTTP Response Status Code Is    202
     Check HTTP Response Header Contains    Location
     Check Individual VNF LCM operation occurrence operationState is    STARTING
@@ -26,7 +26,7 @@ POST Change deployment flavour of a vnfInstance Conflict (Not-Instantiated)
     ...    Test title: POST Change deployment flavour of a vnfInstance Conflict (Not-Instantiated)
     ...    Test objective: The objective is to test that POST method cannot trigger a change in VNF deployment flavour because of a conflict with the state of the VNF instance resource. (VNF instance resource is not in NOT-INSTANTIATED state)
     ...    Pre-conditions: VNF instance resource is in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -39,7 +39,7 @@ POST Change deployment flavour of a vnfInstance Not Found
     ...    Test title: POST Change deployment flavour of a vnfInstance Not Found
     ...    Test objective: The objective is to test that POST method cannot trigger a change in VNF deployment flavour because the VNF instance resource is not found. 
     ...    Pre-conditions: the VNF instance resource is not existing
-    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -52,7 +52,7 @@ GET Change deployment flavour VNFInstance - Method not implemented
     ...    Test title: GET Change deployment flavour VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -64,7 +64,7 @@ PUT Change deployment flavour VNFInstance - Method not implemented
     ...    Test title: PUT Change deployment flavour VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.7.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -76,7 +76,7 @@ PATCH Change deployment flavour VNFInstance - Method not implemented
     ...    Test title: PATCH Change deployment flavour VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.7.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -88,9 +88,36 @@ DELETE Change deployment flavour VNFInstance - Method not implemented
     ...    Test title: DELETE Change deployment flavour VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.7.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
     DELETE Change VNF deployment flavour   
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Change deployment flavour of a vnfInstance with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.6.8
+    ...    Test title: POST Change deployment flavour of a vnfInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a change in VNF deployment flavour with permitted authorization scope
+    ...    Pre-conditions: VNF instance resource is not in NOT-INSTANTIATED state
+    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null  
+    POST Change VNF deployment flavour with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
+POST Change deployment flavour of a vnfInstance with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.6.9
+    ...    Test title: POST Change deployment flavour of a vnfInstance with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a change in VNF deployment flavour with not permitted authorization scope
+    ...    Pre-conditions: VNF instance resource is not in NOT-INSTANTIATED state
+    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null  
+    POST Change VNF deployment flavour with not permitted authorization scope 
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/ChangeVNFFlavourWorkflow.robot b/SOL003/VNFLifecycleManagement-API/ChangeVNFFlavourWorkflow.robot
index 178c959116fb6a54f04375553f99191e76765591..ec093fd66f2fd8304c7a0922ede9344c75bf7bbc 100644
--- a/SOL003/VNFLifecycleManagement-API/ChangeVNFFlavourWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/ChangeVNFFlavourWorkflow.robot
@@ -17,7 +17,7 @@ Change VNF Flavour Workflow
     ...    Test title: Change VNF Flavour Workflow
     ...    Test objective: The objective is to test the workflow for a change flavour of an existing VNF instance
     ...    Pre-conditions: VNF instance in INSTANTIATED state . NFVO is subscribed to VNF LCM Operation Occurrence notifications 
-    ...    Reference: Clause 5.4.7 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.7 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: Multiple flavours are supported for the VNF (as capability in the VNFD). NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: VNF instance still in INSTANTIATED state and the flavour is changed
diff --git a/SOL003/VNFLifecycleManagement-API/CreateVNFSnapshotTask.robot b/SOL003/VNFLifecycleManagement-API/CreateVNFSnapshotTask.robot
index ad90d751223bfe213d97f9dc53737252c8dc5fca..f1e87e46e007305b93f6c315b67eb84af23dd465 100644
--- a/SOL003/VNFLifecycleManagement-API/CreateVNFSnapshotTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/CreateVNFSnapshotTask.robot
@@ -13,7 +13,7 @@ POST Create VNF Snapshot Task
     ...    Test title: POST Create VNF Snapshot Task
     ...    Test objective: The objective is to test that POST method requests taking a snapshot of a VNF instance.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: in response header Location shall not be null         
@@ -26,7 +26,7 @@ POST Create VNF Snapshot Task - NOT FOUND
     ...    Test title: POST Create VNF Snapshot Task - NOT FOUND
     ...    Test objective: The objective is to test that the POST method cannot request for a snapshot if the task is not supported for the VNF instance represented by the parent resource. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: Task is not supported for the VNF instance represented by the parent resource.
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ POST Create VNF Snapshot Task - CONFLICT
     ...    Test title: POST Create VNF Snapshot Task - CONFLICT
     ...    Test objective: The objective is to test that the POST method cannot request for a snapshot when the VNF instance is in NOT_INSTANTIATED state. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: VNF instance is in NOT_INSTANTIATED state.
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ POST Create VNF Snapshot Task - Unprocessable Content
     ...    Test title: POST Create VNF Snapshot Task - Unprocessable Content
     ...    Test objective: The objective is to test that the POST method cannot request for a snapshot when the provided identifier of the target "Individual VNF snapshot" resource for the VNF snapshot is invalid. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The identifier of the target "Individual VNF snapshot" resource for the VNF snapshot is invalid.
     ...    Post-Conditions: none
@@ -65,7 +65,7 @@ GET Create VNF Snapshot Task - Method not implemented
     ...    Test title: GET Create VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.21.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -77,7 +77,7 @@ PUT Create VNF Snapshot Task - Method not implemented
     ...    Test title: PUT Create VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.21.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -89,7 +89,7 @@ PATCH Create VNF Snapshot Task - Method not implemented
     ...    Test title: PATCH Create VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.21.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -101,13 +101,39 @@ DELETE Create VNF Snapshot Task - Method not implemented
     ...    Test title: DELETE Create VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.21.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.21.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
     DELETE Create VNF Snapshot Task
     Check HTTP Response Status Code Is    405
 
+POST Create VNF Snapshot Task with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.38.9
+    ...    Test title: POST Create VNF Snapshot Task with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method requests taking a snapshot of a VNF instance with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Create VNF Snapshot Task with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Location Header Contains URI of Created Resource
+
+POST Create VNF Snapshot Task with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.38.10
+    ...    Test title: POST Create VNF Snapshot Task with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method requests taking a snapshot of a VNF instance with not permitted authorization scope with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.21.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Create VNF Snapshot Task with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails 
+
 *** Keywords ***
 Check resource existence
     Set Headers    {"Accept":"${ACCEPT}"}  
diff --git a/SOL003/VNFLifecycleManagement-API/CreateVNFWorkflow.robot b/SOL003/VNFLifecycleManagement-API/CreateVNFWorkflow.robot
index 96ff10132f7e5072d2b514f7f583b2b99b7292a0..33167b5d85aa0a4b039d66e1359af5018d2d954d 100644
--- a/SOL003/VNFLifecycleManagement-API/CreateVNFWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/CreateVNFWorkflow.robot
@@ -17,7 +17,7 @@ Create VNF Instance Resource
     ...    Test title: Create VNF Instance workflow
     ...    Test objective: The objective is to test the workflow for the creation of a new VNF instance resource.
     ...    Pre-conditions: NFVO is subscribed to VNF Identifier Creation notifications 
-    ...    Reference: Clause 5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: The VNF instance resource has been created in "NOT_INSTANTIATED" state.
diff --git a/SOL003/VNFLifecycleManagement-API/DeleteVNFWorkflow.robot b/SOL003/VNFLifecycleManagement-API/DeleteVNFWorkflow.robot
index 243b8c1f1126a049bba37106399bfe4c5f134edb..c75a6ee307ddd5e6f95a7035f334b295d12096a5 100644
--- a/SOL003/VNFLifecycleManagement-API/DeleteVNFWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/DeleteVNFWorkflow.robot
@@ -17,7 +17,7 @@ Delete VNF Instance Resource
     ...    Test title: Delete VNF Instance workflow
     ...    Test objective: The objective is to test the workflow for the deleteion of an existing VNF instance resource
     ...    Pre-conditions: The VNF Instance resource is in NOT_INSTANTIATED state. NFVO is subscribed to VNF Identifier Creation notifications 
-    ...    Reference: Clause 5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: The VNF instance resource is deleted on the VNFM.
diff --git a/SOL003/VNFLifecycleManagement-API/FailOperationTask.robot b/SOL003/VNFLifecycleManagement-API/FailOperationTask.robot
index ad99f5a227ca36de74b85a904517733f88dd3b92..dfb02cfb26a22211bfad1220004503ed861009bf 100644
--- a/SOL003/VNFLifecycleManagement-API/FailOperationTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/FailOperationTask.robot
@@ -12,7 +12,7 @@ POST Fail operation task
     ...    Test title: POST Fail operation task
     ...    Test objective: The objective is to test that POST method mark as "finally failed" a VNF lifecycle operation 
     ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
-    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNF resource state is FINALLY_FAILED
@@ -26,7 +26,7 @@ Post Fail operation task Conflict (Not-FAILED_TEMP)
     ...    Test title: Post Fail operation task Conflict (Not-FAILED_TEMP)
     ...    Test objective: The objective is to test that POST method cannot mark as "finally failed" a VNF lifecycle operation 
     ...    Pre-conditions: the "VNF LCM operation occurrence" resource is not in "FAILED_TEMP" state.
-    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none     
@@ -39,7 +39,7 @@ Post Fail operation task Not Found
     ...    Test title: Post Fail operation task Not Found 
     ...    Test objective: The objective is to test that POST method cannot mark as "finally failed" a VNF lifecycle operation because the operation is not supported
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -52,7 +52,7 @@ GET Fail operation task - Method not implemented
     ...    Test title: GET Fail operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.16.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.16.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: 
@@ -64,7 +64,7 @@ PUT Fail operation task - Method not implemented
     ...    Test title: PUT Fail operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.16.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.16.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: 
@@ -76,7 +76,7 @@ PATCH Fail operation task - Method not implemented
     ...    Test title: PATCH Fail operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.16.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.16.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: 
@@ -88,9 +88,36 @@ DELETE Fail operation task - Method not implemented
     ...    Test title: DELETE Fail operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.16.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.16.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: 
     Delete Fail operation
     Check HTTP Response Status Code Is    405
+
+POST Fail operation task with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.15.8
+    ...    Test title: POST Fail operation task with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method mark as "finally failed" a VNF lifecycle operation with permitted authorization scope
+    ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
+    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: VNF resource state is FINALLY_FAILED
+    Post Fail operation with permitted authorization scope 
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check operation resource state is FINALLY_FAILED
+
+POST Fail operation task with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.15.9
+    ...    Test title: POST Fail operation task with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method mark as "finally failed" a VNF lifecycle operation with not permitted authorization scope
+    ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
+    ...    Reference: Clause 5.4.16.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: VNF resource state is FINALLY_FAILED
+    Post Fail operation with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/FailOperationWorkflow.robot b/SOL003/VNFLifecycleManagement-API/FailOperationWorkflow.robot
index 5f2b0b7f800bb49b817699b5732a2ee902885ccd..ce239c6eaf218184af956c7bb76dbf2870fae64e 100644
--- a/SOL003/VNFLifecycleManagement-API/FailOperationWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/FailOperationWorkflow.robot
@@ -17,7 +17,7 @@ Fail a VNF LCM Operation Workflow
     ...    Test title: Fail a VNF LCM Operation Workflow
     ...    Test objective: The objective is to test the workflow for a Fail VNF LCM Operation
     ...    Pre-conditions: The VNF lifecycle management operation occurrence is in FAILED_TEMP state. NFVO is subscribed to VNF LCM Operation Occurrence notifications 
-    ...    Reference: Clause 5.4.16 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.16 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: The VNF lifecycle management operation occurrence is in FAILED state
diff --git a/SOL003/VNFLifecycleManagement-API/HealVNFTask.robot b/SOL003/VNFLifecycleManagement-API/HealVNFTask.robot
index acdca8aef5207a15037205f63fad5ae326094cfa..324ee24f059e9e7ffeea0b2b8f91e773d6f82164 100644
--- a/SOL003/VNFLifecycleManagement-API/HealVNFTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/HealVNFTask.robot
@@ -12,7 +12,7 @@ POST Heal a vnfInstance
     ...    Test title: POST Heal a vnfInstance
     ...    Test objective: The objective is to test that POST method heal a VNF instance
     ...    Pre-conditions: the VNF instance resource is not in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ POST Heal a vnfInstance Conflict (Not-Instantiated)
     ...    Test title: POST Heal a vnfInstance Conflict (Not-Instantiated)
     ...    Test objective: The objective is to test that the operation cannot be executed currently, due to a conflict with the state of the VNF instance resource. 
     ...    Pre-conditions: the VNF instance resource is in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ POST Heal a vnfInstance Not Found
     ...    Test title: POST Heal a vnfInstance Not Found
     ...    Test objective: The objective is to test that the operation cannot be executed because the VNF instance resource is not found. 
     ...    Pre-conditions: the VNF instance resource is not existing
-    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ GET Heal VNFInstance - Method not implemented
     ...    Test title: GET Heal a vnfInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.9.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.9.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -64,7 +64,7 @@ PUT Heal VNFInstance - Method not implemented
     ...    Test title: PUT Heal a vnfInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.9.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.9.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ PATCH Heal VNFInstance - Method not implemented
     ...    Test title: PATCH Heal a vnfInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.9.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.9.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,9 +88,36 @@ DELETE Heal VNFInstance - Method not implemented
     ...    Test title: DELETE Heal a vnfInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.9.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.9.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Heal VNF  
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Heal a vnfInstance with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.8.8
+    ...    Test title: POST Heal a vnfInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method heal a VNF instance with permitted authorization scope
+    ...    Pre-conditions: the VNF instance resource is not in NOT-INSTANTIATED state
+    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Heal VNF with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
+POST Heal a vnfInstance with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.8.9
+    ...    Test title: POST Heal a vnfInstance with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method heal a VNF instance with not permitted authorization scope
+    ...    Pre-conditions: the VNF instance resource is not in NOT-INSTANTIATED state
+    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Heal VNF with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails 
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/HealVNFWorkflow.robot b/SOL003/VNFLifecycleManagement-API/HealVNFWorkflow.robot
index 7e5981a31eace31aa3718ca2cf83e37f41681e66..2f6fa856be66d29c37428422ee0c9b766b52a516 100644
--- a/SOL003/VNFLifecycleManagement-API/HealVNFWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/HealVNFWorkflow.robot
@@ -17,7 +17,7 @@ Heal a VNF Instance
     ...    Test title: Heal a VNF Instance
     ...    Test objective: The objective is to heal a VNF instance.
     ...    Pre-conditions: VNF instance in INSTANTIATED state 
-    ...    Reference: Clause 5.4.9 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.9 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM. Heal a VNF instance is supported for the VNF (as capability in the VNFD)
     ...    Post-Conditions: VNF instance still in INSTANTIATED state 
diff --git a/SOL003/VNFLifecycleManagement-API/IndividualSubscription.robot b/SOL003/VNFLifecycleManagement-API/IndividualSubscription.robot
index bbe48b8eb0216b75267f2269b48691be3eab6d30..a18e72e41a684a64eeeab2794453983a26f07a64 100644
--- a/SOL003/VNFLifecycleManagement-API/IndividualSubscription.robot
+++ b/SOL003/VNFLifecycleManagement-API/IndividualSubscription.robot
@@ -11,7 +11,7 @@ POST Individual Subscription - Method not implemented
     ...    Test title: POST Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.19.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.19.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -23,7 +23,7 @@ GET Individual Subscription
     ...    Test title: GET Individual Subscription
     ...    Test objective: The objective is to test the Get individual subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.19.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.19.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -36,7 +36,7 @@ PUT an individual subscription - Method not implemented
     ...    Test title: PUT an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.19.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.19.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -48,7 +48,7 @@ PATCH an individual subscription - Method not implemented
     ...    Test title: PATCH an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.19.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.19.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -60,7 +60,7 @@ DELETE an individual subscription
     ...    Test title: DELETE an individual subscription
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.19.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.19.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: subscription deleted from VNFM
@@ -72,10 +72,36 @@ GET Individual Subscription - Not Found
     ...    Test title: GET Individual Subscription - Not Found
     ...    Test objective: The objective is to test the retrieval of individual subscription fails when subscription is not present
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.19.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.19.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
     Get Individual Subscription
     Check HTTP Response Status Code Is    404
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
+GET Individual Subscription with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.18.7
+    ...    Test title: GET Individual Subscription with permitted authorization scope
+    ...    Test objective: The objective is to test the Get individual subscription with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.19.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    Subscription
+
+GET Individual Subscription with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.18.8
+    ...    Test title: GET Individual Subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test the Get individual subscription with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.19.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
     Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/IndividualVNFInstance.robot b/SOL003/VNFLifecycleManagement-API/IndividualVNFInstance.robot
index f9c88f3d732feb768ee2a79f410c2d52877e4d1f..c63baa783e08c85c7ec11fa9c0d18a08b861221c 100644
--- a/SOL003/VNFLifecycleManagement-API/IndividualVNFInstance.robot
+++ b/SOL003/VNFLifecycleManagement-API/IndividualVNFInstance.robot
@@ -16,7 +16,7 @@ Post Individual VNFInstance - Method not implemented
     ...    Test title: Post Individual VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -28,7 +28,7 @@ Get Information about an individual VNF Instance
     ...    Test title: Get Information about an individual VNF Instance
     ...    Test objective: The objective is to create a new VNF instance resource
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,13 +37,13 @@ Get Information about an individual VNF Instance
     Check HTTP Response Status Code Is    200
     Check HTTP Response Body Json Schema Is    vnfInstance
     Check HTTP Response Body vnfInstance content against VNF Descriptor
-    
+
 PUT Individual VNFInstance - Method not implemented 
     [Documentation]    Test ID: 7.3.1.2.3
     ...    Test title: PUT Individual VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -55,7 +55,7 @@ PATCH Individual VNFInstance
     ...    Test title: PATCH Individual VNFInstance
     ...    Test objective: This method modifies an individual VNF instance resource
     ...    Pre-conditions: an existing VNF instance resource
-    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNFInstance modified
@@ -68,7 +68,7 @@ PATCH Individual VNFInstance Precondition failed
     ...    Test title: PATCH Individual VNFInstance Precondition failed
     ...    Test objective: The objective is to test that modification of a VNF instance resource fails when a precondition given in an HTTP request header is not fulfilled due to an ETag mismatch
     ...    Pre-conditions:  an existing VNF instance resource
-    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -81,7 +81,7 @@ PATCH Individual VNFInstance Conflict
     ...    Test title: PATCH Individual VNFInstance Conflict
     ...    Test objective: The objective is to test the conflict while modifying a VNF instance resource
     ...    Pre-conditions: another LCM operation is ongoing
-    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNFInstance not modified
@@ -94,7 +94,7 @@ DELETE Individual VNFInstance
     ...    Test title: DELETE Individual VNFInstance
     ...    Test objective: The objective is to delete a VNF instance
     ...    Pre-conditions: the VNF instance resource is existing
-    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNFInstance deleted
@@ -106,7 +106,7 @@ DELETE Individual VNFInstance Conflict
     ...    Test title: DELETE Individual VNFInstance Conflict
     ...    Test objective: The objective is to verify that the deletion cannot be executed currently, due to a conflict with the state of the VNF instance resource. 
     ...    Pre-conditions: VNF instance resource is in INSTANTIATED state
-    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: Resources are not deleted
@@ -120,13 +120,41 @@ Get Information about an individual VNF Instance - Not Found
     ...    Test title: Get Information about an individual VNF Instance - Not Found
     ...    Test objective: The objective is to test that the retrieval of an individual VNF Instance fails when instance is not present.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     GET individual vnfInstance
     Check HTTP Response Status Code Is    404
     Check HTTP Response Body Json Schema Is    ProblemDetails
+
+Get Information about an individual VNF Instance with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.2.10
+    ...    Test title: Get Information about an individual VNF Instance with permitted authorization scope
+    ...    Test objective: The objective is to create a new VNF instance resource with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual vnfInstance with permitted authorization scope
+    Check HTTP Response Header Contains ETag and Last-Modified
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    vnfInstance
+    Check HTTP Response Body vnfInstance content against VNF Descriptor
+
+Get Information about an individual VNF Instance with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.2.11
+    ...    Test title: Get Information about an individual VNF Instance with not permitted authorization scope
+    ...    Test objective: The objective is to create a new VNF instance resource with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual vnfInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
     
 *** Keywords ***
 Check resource existence
diff --git a/SOL003/VNFLifecycleManagement-API/IndividualVNFSnapshot.robot b/SOL003/VNFLifecycleManagement-API/IndividualVNFSnapshot.robot
index 6242a630022eb9da56c7ad277580aedc9cc79408..ed828b560ef1bafce99e75d7c73c555c65d64952 100644
--- a/SOL003/VNFLifecycleManagement-API/IndividualVNFSnapshot.robot
+++ b/SOL003/VNFLifecycleManagement-API/IndividualVNFSnapshot.robot
@@ -7,7 +7,7 @@ POST Individual VNF Snapshot - Method not implemented
     ...    Test title: POST Individual VNF Snapshot - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.4.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.24.4.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET Information about an individual VNF Snapshot - SUCCESSFUL
     ...    Test title: GET Information about an individual VNF Snapshot - SUCCESSFUL
     ...    Test objective: The objective is to GET information about an individual VNF Snapshot
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.24.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -33,7 +33,7 @@ GET Information about an individual VNF Snapshot - NOT FOUND
     ...    Test title: GET Information about an individual VNF Snapshot - NOT FOUND
     ...    Test objective: The objective is to test that the retrieval of individual VNF Snapshot fails when using an invalid resource identifier.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.24.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -46,7 +46,7 @@ PUT Individual VNF Snapshot - Method not implemented
     ...    Test title: PUT Individual VNF Snapshot - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.24.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot not modified
@@ -58,7 +58,7 @@ PATCH Individual VNF Snapshot - Success
     ...    Test title: PATCH Individual VNF Snapshot - Success
     ...    Test objective: The objective is to test that PATCH method successfully modifies an individual VNF Snapshot resource
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.24.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot modified
@@ -72,7 +72,7 @@ PATCH Individual VNF Snapshot - Conflict
     ...    Test title: PATCH Individual VNF Snapshot - Success
     ...    Test objective: The objective is to test that PATCH method cannot modify an individual VNF Snapshot resource due to the fact that another modification is ongoing.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.24.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The Individual VNF Snapshot resource is currently being modified due to an underlying VNF snapshot operation.
     ...    Post-Conditions: none
@@ -85,7 +85,7 @@ PATCH Individual VNF Snapshot - Precondition Failed
     ...    Test title: PATCH Individual VNF Snapshot - Precondition Failed
     ...    Test objective: The objective is to that the modification of individual VNF Snapshot fails because precondition given in an HTTP request header is not fulfilled due to an ETag mismatch.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.24.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNF snapshot is not modified
@@ -98,7 +98,7 @@ DELETE Individual VNF Snapshot
     ...    Test title: DELETE Individual VNF Snapshot
     ...    Test objective: The objective is to delete a VNF Snapshot
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.24.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot deleted
@@ -111,11 +111,38 @@ DELETE Individual VNF Snapshot - Conflict
     ...    Test title: DELETE Individual VNF Snapshot Conflict
     ...    Test objective: The objective is to verify that The operation cannot be executed currently, due to a conflict with the state of the VNF Snapshot resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.24.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.24.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: VNF snapshot is in use by some operation such as reverting a VNF instance to a VNF snapshot or creating a VNF snapshot package.
     ...    Post-Conditions: none
     DELETE individual VNF Snapshot - CONFLICT
     Check HTTP Response Status Code Is    409
     Check HTTP Response Body Json Schema Is    ProblemDetails
-    Check Postcondition VNF Snapshot Resource Existence
\ No newline at end of file
+    Check Postcondition VNF Snapshot Resource Existence
+
+GET Information about an individual VNF Snapshot - SUCCESSFUL with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.41.10
+    ...    Test title: GET Information about an individual VNF Snapshot - SUCCESSFUL with permitted authorization scope
+    ...    Test objective: The objective is to GET information about an individual VNF Snapshot with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.24.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual VNF Snapshot with permitted authorization scope
+    Check HTTP Response Header Contains ETag and Last-Modified
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    VnfSnapshotInfo
+
+GET Information about an individual VNF Snapshot with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.41.11
+    ...    Test title: GET Information about an individual VNF Snapshot with not permitted authorization scope
+    ...    Test objective: The objective is to GET information about an individual VNF Snapshot with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.24.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual VNF Snapshot with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/IndividualVnfLcmOperationOccurence.robot b/SOL003/VNFLifecycleManagement-API/IndividualVnfLcmOperationOccurence.robot
index 73ab723fb2246db3cff3b8970fb72d66a1a7a9c8..04e0d1a8226dfbcebf3892deb0d8622b496b4ad7 100644
--- a/SOL003/VNFLifecycleManagement-API/IndividualVnfLcmOperationOccurence.robot
+++ b/SOL003/VNFLifecycleManagement-API/IndividualVnfLcmOperationOccurence.robot
@@ -11,7 +11,7 @@ Post Individual VNF LCM Operation occurrences - Method not implemented
     ...    Test title: Post Individual VNF LCM Operation occurrences - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.13.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.13.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -23,7 +23,7 @@ Get Individual VNF LCM Operation occurrences
     ...    Test title: Get Individual VNF LCM Operation occurrences
     ...    Test objective: The objective is to test that this method retrieve information about a VNF lifecycle management operation occurrence 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.13.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.13.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -37,7 +37,7 @@ PUT Individual VNF LCM Operation occurrences - Method not implemented
     ...    Test title: PUT Individual VNF LCM Operation occurrences - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.13.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.13.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -49,7 +49,7 @@ PATCH Individual VNF LCM Operation occurrences - Method not implemented
     ...    Test title: PATCH Individual VNF LCM Operation occurrences - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.13.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.13.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none      
@@ -61,7 +61,7 @@ DELETE Individual VNF LCM Operation occurrences - Method not implemented
     ...    Test title: DELETE Individual VNF LCM Operation occurrences - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.13.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.13.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -73,10 +73,37 @@ Get Individual VNF LCM Operation occurrences - Not Found
     ...    Test title: Get Individual VNF LCM Operation occurrences - Not Found
     ...    Test objective: The objective is to test that the retrieval of VNF lifecycle management operation occurrence fails when instance is not present. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.13.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.13.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
     Get Individual VNF LCM Operation occurrences
     Check HTTP Response Status Code Is    404 
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
+Get Individual VNF LCM Operation occurrences with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.12.7
+    ...    Test title: Get Individual VNF LCM Operation occurrences with permitted authorization scope
+    ...    Test objective: The objective is to test that this method retrieve information about a VNF lifecycle management operation occurrence with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.13.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Get Individual VNF LCM Operation occurrences with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    VnfLcmOpOcc 
+    Check HTTP Response Body of Individual VNF LCM Operation occurrences content against VNF Descriptor
+
+Get Individual VNF LCM Operation occurrences with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.12.8
+    ...    Test title: Get Individual VNF LCM Operation occurrences with not permitted authorization scope
+    ...    Test objective: The objective is to test that this method retrieve information about a VNF lifecycle management operation occurrence with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.13.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Get Individual VNF LCM Operation occurrences with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
     Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/InstantiateVNFTask.robot b/SOL003/VNFLifecycleManagement-API/InstantiateVNFTask.robot
index 0d1d1acd9e863a1af4adc449c711129982a9b7f8..e6d9a28a3c4bf194e8cceb91d017b1471dc45169 100644
--- a/SOL003/VNFLifecycleManagement-API/InstantiateVNFTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/InstantiateVNFTask.robot
@@ -13,7 +13,7 @@ Instantiate a vnfInstance
     ...    Test title: Post Instantiate Individual VNFInstance 
     ...    Test objective: The objective is to instantiate a VNF instance
     ...    Pre-conditions: VNF instance resource is in NOT INSTANTIATED state
-    ...    Reference: Clause 5.4.4.4.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.4.4.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -27,7 +27,7 @@ Instantiate a vnfInstance Conflict
     ...    Test title: Post Instantiate Individual VNFInstance 
     ...    Test objective: The objective is to verify that the instantiation of the vnf cannot be executed currently, due to a conflict with the state of the VNF instance resource. 
     ...    Pre-conditions: VNF instance resource is in INSTANTIATED state
-    ...    Reference: Clause 5.4.4.4.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.4.4.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ GET Instantiate VNFInstance - Method not implemented
     ...    Test title: GET Instantiate Individual VNFInstance - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none  
-    ...    Reference: Clause 5.4.4.3.2  - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.4.3.2  - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ PUT Instantiate VNFInstance - Method not implemented
     ...    Test title: PUT Instantiate Individual VNFInstance  - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.4.3.3  - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.4.3.3  - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PATCH Instantiate VNFInstance - Method not implemented
     ...    Test title: PATCH Instantiate Individual VNFInstance  - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.4.3.4  - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.4.3.4  - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,9 +76,36 @@ DELETE Instantiate VNFInstance - Method not implemented
     ...    Test title: DELETE Instantiate Individual VNFInstance  - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none  
-    ...    Reference: Clause 5.4.4.3.5  - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.4.3.5  - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE instantiate individual vnfInstance   
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Instantiate a vnfInstance with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.3.7
+    ...    Test title: Post Instantiate Individual VNFInstance with permitted authorization scope
+    ...    Test objective: The objective is to instantiate a VNF instance with permitted authorization scope
+    ...    Pre-conditions: VNF instance resource is in NOT INSTANTIATED state
+    ...    Reference: Clause 5.4.4.4.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST instantiate individual vnfInstance with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
+Instantiate a vnfInstance with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.3.8
+    ...    Test title: Post Instantiate Individual VNFInstance with not permitted authorization scope
+    ...    Test objective: The objective is to instantiate a VNF instance with not permitted authorization scope
+    ...    Pre-conditions: VNF instance resource is in NOT INSTANTIATED state
+    ...    Reference: Clause 5.4.4.4.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST instantiate individual vnfInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/InstantiateVNFTaskWorkflow.robot b/SOL003/VNFLifecycleManagement-API/InstantiateVNFTaskWorkflow.robot
index db6caddb1638cf3c327329b2cc4c5b11eef4ae66..36ff993ac6defff778955a7e21927c53255c8654 100644
--- a/SOL003/VNFLifecycleManagement-API/InstantiateVNFTaskWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/InstantiateVNFTaskWorkflow.robot
@@ -20,7 +20,7 @@ VNF Instantiation
     ...    Test title: VNF Instantiation workflow
     ...    Test objective: The objective is to test the workflow for the instantiation of a VNF instance
     ...    Pre-conditions: VNF instance resources is already created. NFVO is subscribed to VNF LCM Operation Occurrence notifications 
-    ...    Reference: Clause 5.4.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: VNF instance in INSTANTIATED state
@@ -38,7 +38,7 @@ VNF Instantiation with attribute instantiationLevelId
     ...    Test title: VNF Instantiation workflow with attribute instantiationLevelId
     ...    Test objective: The objective is to test the workflow for the instantiation of a VNF instance
     ...    Pre-conditions: VNF instance resources is already created. NFVO is subscribed to VNF LCM Operation Occurrence notifications 
-    ...    Reference: Clause 5.4.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: VNF instance in INSTANTIATED state
@@ -56,7 +56,7 @@ VNF Instantiation with attribute targetScaleLevelInfo
     ...    Test title: VNF Instantiation workflow with attribute targetScaleLevelInfo 
     ...    Test objective: The objective is to test the workflow for the instantiation of a VNF instance
     ...    Pre-conditions: VNF instance resources is already created. NFVO is subscribed to VNF LCM Operation Occurrence notifications 
-    ...    Reference: Clause 5.4.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: VNF instance in INSTANTIATED state
diff --git a/SOL003/VNFLifecycleManagement-API/ModifyVNFInformationWorkflow.robot b/SOL003/VNFLifecycleManagement-API/ModifyVNFInformationWorkflow.robot
index e700d2caff6ba1173c883ba8e5505bae1658941d..0094b3c27f3d208ffd0b9072f62a55b1033ef466 100644
--- a/SOL003/VNFLifecycleManagement-API/ModifyVNFInformationWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/ModifyVNFInformationWorkflow.robot
@@ -17,7 +17,7 @@ Modify info of a VNF Instance
     ...    Test title: Update information about a VNF instance
     ...    Test objective: The objective is to update information about a VNF instance.
     ...    Pre-conditions: VNF instance is created 
-    ...    Reference: Clause 5.3.6 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.3.6 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM. Update information of a VNF instance is supported for the VNF (as capability in the VNFD)
     ...    Post-Conditions: VNF instance info is updated
diff --git a/SOL003/VNFLifecycleManagement-API/NotificationEndpoint.robot b/SOL003/VNFLifecycleManagement-API/NotificationEndpoint.robot
index 81a032c257ebdf9619fa27626f92664e61ca6d9c..f114036d50c8cd5003fa6eab125a34e14b44021d 100644
--- a/SOL003/VNFLifecycleManagement-API/NotificationEndpoint.robot
+++ b/SOL003/VNFLifecycleManagement-API/NotificationEndpoint.robot
@@ -13,7 +13,7 @@ VNF LCM Operation Occurrence Notification
     ...    Test title: VNF LCM Operation Occurrence Notification
     ...    Test objective: The objective is to test that the POST request triggers VNF LCM Operation Occurrence Notification.
     ...    Pre-conditions: A subscription for VNF LCM Operation Occurrence notifications is available in the VNFM.
-    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -25,7 +25,7 @@ VNF Identifier Creation Notification
     ...    Test title: VNF Identifier Creation Notification
     ...    Test objective: The objective is to test that the POST request triggers VNF Identifier Creation Notification.
     ...    Pre-conditions: A subscription for VNF identifier creation cotification is available in the VNFM.
-    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -37,7 +37,7 @@ VNF Identifier Deletion Notification
     ...    Test title: VNF Identifier Deletion Notification
     ...    Test objective: The objective is to test that the POST request triggers VNF Identifier Deletion Notification.
     ...    Pre-conditions: A subscription for VNF identifier deletion notifications is available in the VNFM.
-    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL003/VNFLifecycleManagement-API/Notifications.robot b/SOL003/VNFLifecycleManagement-API/Notifications.robot
index 6f1a0c072cc4752053aa2b9991820134adf73f5b..f29f871b69b885a64befaa21ec59e909c3421dfb 100644
--- a/SOL003/VNFLifecycleManagement-API/Notifications.robot
+++ b/SOL003/VNFLifecycleManagement-API/Notifications.robot
@@ -13,7 +13,7 @@ VNF LCM Operation Occurrence Start Notification
     ...    Test title: VNF LCM Operation Occurrence Start Notification
     ...    Test objective: The objective is to test the dispatch of VNF LCM Operation Occurrence Start Notification when a new VNF LCM operation is started in the VNFM, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A subscription for VNF LCM Operation Occurrence notifications is available in the VNFM.
-    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -27,7 +27,7 @@ VNF LCM Operation Occurrence Result Notification
     ...    Test title: VNF LCM Operation Occurrence Result Notification
     ...    Test objective: The objective is to test the dispatch of VNF LCM Operation Occurrence Result Notification when a VNF LCM operation is completed in the VNFM, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: An VNF LCM operation is in progress, and a subscription for VNF LCM Operation Occurrence notifications is available in the VNFM.
-    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -41,7 +41,7 @@ VNF Identifier Creation Notification
     ...    Test title: VNF Identifier Creation Notification
     ...    Test objective: The objective is to test the dispatch of VNF Identifier Creation Notification when a new VNF instance resource is created in the VNFM, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A subscription for VNF identifier creation notifications is available in the VNFM.
-    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.20.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -54,7 +54,7 @@ VNF Identifier Deletion Notification
     ...    Test title: VNF Identifier Deletion Notification
     ...    Test objective: The objective is to test the dispatch of VNF Identifier Deletion Notification when a VNF instance resource is deleted in the VNFM, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF instance resource is created, and a subscription for VNF identifier creation notifications is available in the VNFM.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL003/VNFLifecycleManagement-API/OperateVNFTask.robot b/SOL003/VNFLifecycleManagement-API/OperateVNFTask.robot
index f3b492c2ea9e3b2eaa29e26856408264db6a7a6d..2daa755bb7ec2d2bea1a24db11688239093ce0c0 100644
--- a/SOL003/VNFLifecycleManagement-API/OperateVNFTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/OperateVNFTask.robot
@@ -14,7 +14,7 @@ POST Operate a vnfInstance
     ...    Test title: POST Operate a vnfInstance
     ...    Test objective: The objective is to test that POST method operate a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -27,7 +27,7 @@ POST Operate a vnfInstance Conflict (Not-Instantiated)
     ...    Test title: POST Operate a vnfInstance Conflict (Not-Instantiated)
     ...    Test objective: The objective is to test that the operation cannot be executed currently, due to a conflict with the state of the VNF instance resource. 
     ...    Pre-conditions: the VNF instance resource is in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ POST Operate a vnfInstance Not Found
     ...    Test title: POST Operate a vnfInstance Not Found
     ...    Test objective: The objective is to test that the operation cannot be executed currently, because the resource is not existing
     ...    Pre-conditions: the VNF instance resource is in  not existing
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -53,7 +53,7 @@ GET Operate VNFInstance - Method not implemented
     ...    Test title: GET Operate a vnfInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.10.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.10.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -65,7 +65,7 @@ PUT Operate VNFInstance - Method not implemented
     ...    Test title: PUT Operate a vnfInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.10.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.10.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,7 +77,7 @@ PATCH Operate VNFInstance - Method not implemented
     ...    Test title: PATCH Operate a vnfInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.10.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.10.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -89,12 +89,38 @@ DELETE Operate VNFInstance - Method not implemented
     ...    Test title: DELETE Operate a vnfInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.10.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.10.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Operate VNF
     Check HTTP Response Status Code Is    405
+
+POST Operate a vnfInstance with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.9.8
+    ...    Test title: POST Operate a vnfInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method operate a VNF instance with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Operate VNF with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id existence
+
+POST Operate a vnfInstance with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.9.9
+    ...    Test title: POST Operate a vnfInstance with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method operate a VNF instance with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Operate VNF with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
     
 *** Keywords ***
 Check resource existence
diff --git a/SOL003/VNFLifecycleManagement-API/OperateVNFWorkflow.robot b/SOL003/VNFLifecycleManagement-API/OperateVNFWorkflow.robot
index 8927ca37504bb217957b975927d5ba16db2195a3..d6eeed1c68a6688acd3a3f1a85ee3ccf6275295f 100644
--- a/SOL003/VNFLifecycleManagement-API/OperateVNFWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/OperateVNFWorkflow.robot
@@ -18,7 +18,7 @@ Operate a VNF Instance
     ...    Test title: Operate a VNF Instance
     ...    Test objective: The objective is to test the workflow of operational change of a VNF instance.
     ...    Pre-conditions: VNF instance in INSTANTIATED state 
-    ...    Reference: Clause 5.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: change the operational state of a VNF instance is supported for the VNF (as capability in the VNFD)
     ...    Post-Conditions: VNF instance still in INSTANTIATED state and the operational state is changed
diff --git a/SOL003/VNFLifecycleManagement-API/RetryOperationTask.robot b/SOL003/VNFLifecycleManagement-API/RetryOperationTask.robot
index 3dea0a1823e6d824f86d92bc7faec83e5eebcc3d..f84c03dca13f17e7500f6842ee7f3faa2b11b9ee 100644
--- a/SOL003/VNFLifecycleManagement-API/RetryOperationTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/RetryOperationTask.robot
@@ -15,7 +15,7 @@ Post Retry operation task
     ...    Test title: Post Retry operation task
     ...    Test objective: The objective is to test that POST method The POST method initiates retrying a VNF lifecycle operation if the operation is in FAILED_TEMP state
     ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
-    ...    Reference: Clause 5.4.14.4.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.14.4.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -29,7 +29,7 @@ Post Retry operation task Conflict (Not-FAILED_TEMP)
     ...    Test title: Post Retry operation task Conflict (Not-FAILED_TEMP)
     ...    Test objective: The objective is to test that the retry operation cannot be executed currently, due to a conflict with the state of the VNF instance resource. (i.e. the VNF instance resource is not in FAILED_TEMP state)
     ...    Pre-conditions: the "VNF LCM operation occurrence" resource is not in "FAILED_TEMP" state.
-    ...    Reference: Clause 5.4.14.4.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.14.4.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -42,7 +42,7 @@ Post Retry operation task Not Found
     ...    Test title: Post Retry operation task Not Found
     ...    Test objective: The objective is to test that the retry operation cannot be executed because the operation is not supported
     ...    Pre-conditions: 
-    ...    Reference: Clause 5.4.14.4.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.14.4.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -55,7 +55,7 @@ GET Retry operation task - Method not implemented
     ...    Test title: GET Retry operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.14.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.14.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -67,7 +67,7 @@ PUT Retry operation task - Method not implemented
     ...    Test title: PUT Retry operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.14.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.14.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -79,7 +79,7 @@ PATCH Retry operation task - Method not implemented
     ...    Test title: PATCH Retry operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.14.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.14.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -91,13 +91,40 @@ DELETE Retry operation task - Method not implemented
     ...    Test title: DELETE Retry operation task- Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.14.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.14.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Delete Retry operation
     Check HTTP Response Status Code Is    405
 
+Post Retry operation task with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.13.8
+    ...    Test title: Post Retry operation task with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method The POST method initiates retrying a VNF lifecycle operation if the operation is in FAILED_TEMP state with permitted authorization scope
+    ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
+    ...    Reference: Clause 5.4.14.4.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Post Retry operation with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
+Post Retry operation task with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.13.9
+    ...    Test title: Post Retry operation task with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method The POST method initiates retrying a VNF lifecycle operation if the operation is in FAILED_TEMP state with not permitted authorization scope
+    ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
+    ...    Reference: Clause 5.4.14.4.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Post Retry operation with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
 *** Keywords ***
 Check resource existence
     Set Headers    {"Accept":"${ACCEPT}"} 
diff --git a/SOL003/VNFLifecycleManagement-API/RetryOperationWorkflow.robot b/SOL003/VNFLifecycleManagement-API/RetryOperationWorkflow.robot
index 8573e1993447f05c0a841d610b78eb3f371adc71..0c40c97018130cc021740228dd932bdb6af34d1c 100644
--- a/SOL003/VNFLifecycleManagement-API/RetryOperationWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/RetryOperationWorkflow.robot
@@ -15,7 +15,7 @@ Retry VNF LCM Operation - Successful
     ...    Test title: Retry VNF LCM Operation - Successful
     ...    Test objective: The objective is to test the workflow for a successful Retry VNF LCM Operation and the status notifications
     ...    Pre-conditions: The VNF lifecycle management operation occurrence is in FAILED_TEMP state. NFVO is subscribed to VNF LCM Operation Occurrence notifications 
-    ...    Reference: Clause 5.3.10 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.3.10 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: The VNF lifecycle management operation occurrence is in COMPLETED state
@@ -30,7 +30,7 @@ Retry VNF LCM Operation - Unsuccessful
     ...    Test title: Retry VNF LCM Operation - Unsuccessful
     ...    Test objective: The objective is to test the workflow for an unsuccesful Retry VNF LCM Operation and the status notifications
     ...    Pre-conditions: The VNF lifecycle management operation occurrence is in FAILED_TEMP state. NFVO is subscribed to VNF LCM Operation Occurrence notifications 
-    ...    Reference: Clause 5.3.10 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.3.10 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: The VNF lifecycle management operation occurrence is in FAILED_TEMP state
diff --git a/SOL003/VNFLifecycleManagement-API/RevertToVNFSnapshotTask.robot b/SOL003/VNFLifecycleManagement-API/RevertToVNFSnapshotTask.robot
index d822f3c29cf6d4a3afef95665f8b42f0a1998f8e..8dce54122ad8af9089be4d34d3f2798f5bbccbca 100644
--- a/SOL003/VNFLifecycleManagement-API/RevertToVNFSnapshotTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/RevertToVNFSnapshotTask.robot
@@ -13,7 +13,7 @@ POST Revert to VNF Snapshot Task
     ...    Test title: POST Revert to VNF Snapshot Task
     ...    Test objective: The objective is to test that POST method requests reverting a VNF/VNFC instance to a VNF/VNFC snapshot.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: in response header Location shall not be null         
@@ -26,7 +26,7 @@ POST Revert to VNF Snapshot Task - NOT FOUND
     ...    Test title: POST Revert to VNF Snapshot Task - NOT FOUND
     ...    Test objective: The objective is to test that the POST method cannot request reverting to a snapshot if the task is not supported for the VNF instance represented by the parent resource. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: Task is not supported for the VNF instance represented by the parent resource.
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ POST Revert to VNF Snapshot Task - CONFLICT
     ...    Test title: POST Revert to VNF Snapshot Task - CONFLICT
     ...    Test objective: The objective is to test that the POST method cannot request reverting to a snapshot when the VNF instance is in NOT_INSTANTIATED state. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: VNF instance is in NOT_INSTANTIATED state.
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ GET Revert to VNF Snapshot Task - Method not implemented
     ...    Test title: GET Revert to VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.22.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -64,7 +64,7 @@ PUT Revert to VNF Snapshot Task - Method not implemented
     ...    Test title: PUT Revert to VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.22.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -76,7 +76,7 @@ PATCH Revert to VNF Snapshot Task - Method not implemented
     ...    Test title: PATCH Revert to VNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.22.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -88,13 +88,39 @@ DELETE Revert to VNF Snapshot Task - Method not implemented
     ...    Test title: DELETE Revert to sVNF Snapshot Task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.22.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.22.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
     DELETE Revert to VNF Snapshot Task
     Check HTTP Response Status Code Is    405
 
+POST Revert to VNF Snapshot Task with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.39.8
+    ...    Test title: POST Revert to VNF Snapshot Task with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method requests reverting a VNF/VNFC instance to a VNF/VNFC snapshot with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Revert to VNF Snapshot Task with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Location Header Contains URI of Created Resource
+
+POST Revert to VNF Snapshot Task with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.39.9
+    ...    Test title: POST Revert to VNF Snapshot Task with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method requests reverting a VNF/VNFC instance to a VNF/VNFC snapshot with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.22.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null         
+    POST Revert to VNF Snapshot Task with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails 
+
 *** Keywords ***
 Check resource existence
     Set Headers    {"Accept":"${ACCEPT}"}  
diff --git a/SOL003/VNFLifecycleManagement-API/RollBackOperationWorkflow.robot b/SOL003/VNFLifecycleManagement-API/RollBackOperationWorkflow.robot
index 7d12061f7850954b880ce676fd46d959f94a4ae7..d7c5083da56909849a5b7c3bd023a3e155f94220 100644
--- a/SOL003/VNFLifecycleManagement-API/RollBackOperationWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/RollBackOperationWorkflow.robot
@@ -17,7 +17,7 @@ Rollback a VNF LCM Operation - Successful
     ...    Test title: Rollback VNF LCM Operation - Successful
     ...    Test objective: The objective is to test the workflow for a Rolling Back a VNF LCM Operation and the operation is successful
     ...    Pre-conditions: The VNF lifecycle management operation occurrence is in FAILED_TEMP state. NFVO is subscribed to VNF LCM Operation Occurrence notifications 
-    ...    Reference: Clause 5.3.11 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.3.11 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: The VNF lifecycle management operation occurrence is in ROLLED_BACK state
@@ -32,7 +32,7 @@ Rollback VNF LCM Operation - Unsuccessful
     ...    Test title: Rollback VNF LCM Operation - Unsuccessful
     ...    Test objective: The objective is to test the workflow for a Rollback VNF LCM Operation and the operation is not successful
     ...    Pre-conditions: The VNF lifecycle management operation occurrence is in FAILED_TEMP state. NFVO is subscribed to VNF LCM Operation Occurrence notifications 
-    ...    Reference: Clause 5.3.10 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.3.10 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM
     ...    Post-Conditions: The VNF lifecycle management operation occurrence is in FAILED_TEMP state
diff --git a/SOL003/VNFLifecycleManagement-API/RollbackOperationTask.robot b/SOL003/VNFLifecycleManagement-API/RollbackOperationTask.robot
index 445bb0a5a96a7859adc8aef47570b2ca1821123d..eeb3a29a0a15a435753c23bf0715a2807be8f009 100644
--- a/SOL003/VNFLifecycleManagement-API/RollbackOperationTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/RollbackOperationTask.robot
@@ -9,12 +9,12 @@ Documentation    This task resource represents the "Rollback operation" operatio
 Suite Setup    Check resource existence
 
 *** Test Cases ***
-Post Rollback operation task  
+Post Rollback operation task
     [Documentation]    Test ID: 7.3.1.14.1
     ...    Test title: Post Rollback operation task
     ...    Test objective: The objective is to test that POST method initiates rollback on a VNF lifecycle operation
     ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
-    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -22,13 +22,13 @@ Post Rollback operation task
     Check HTTP Response Status Code Is    202
     Check HTTP Response Header Contains    Location
     Check Individual VNF LCM operation occurrence operationState is    STARTING
-
+    
 POST Rollback operation task Conflict (Not-FAILED_TEMP)
     [Documentation]    Test ID: 7.3.1.14.2
     ...    Test title: POST Rollback operation task Conflict (Not-FAILED_TEMP)
     ...    Test objective: The objective is to test that POST method initiates a rollback on a VNF lifecycle operation 
     ...    Pre-conditions: the "VNF LCM operation occurrence" resource is not in "FAILED_TEMP" state.
-    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -41,7 +41,7 @@ POST Rollback operation task Not Found
     ...    Test title: POST Rollback operation task Not Found
     ...    Test objective: The objective is to test that the retry operation cannot be executed because the operation is not supported
     ...    Pre-conditions: 
-    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -54,7 +54,7 @@ GET Rollback operation task - Method not implemented
     ...    Test title: GET Rollback operation task - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.15.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.15.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -66,7 +66,7 @@ PUT Rollback operation task - Method not implemented
     ...    Test title: PUT Rollback operation task - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.15.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.15.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -78,7 +78,7 @@ PATCH Rollback operation task - Method not implemented
     ...    Test title: PATCH Rollback operation task - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.15.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.15.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -90,13 +90,40 @@ DELETE Rollback operation task - Method not implemented
     ...    Test title: DELETE Rollback operation task - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.15.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.15.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Delete Rollback operation
     Check HTTP Response Status Code Is    405
 
+Post Rollback operation task with permitted authorization scope  
+    [Documentation]    Test ID: 7.3.1.14.8
+    ...    Test title: Post Rollback operation task with permitted authorization scope  
+    ...    Test objective: The objective is to test that POST method initiates rollback on a VNF lifecycle operation with permitted authorization scope  
+    ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
+    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Post Rollback operation with permitted authorization scope  
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
+Post Rollback operation task with not permitted authorization scope  
+    [Documentation]    Test ID: 7.3.1.14.9
+    ...    Test title: Post Rollback operation task with not permitted authorization scope  
+    ...    Test objective: The objective is to test that POST method initiates rollback on a VNF lifecycle operation with not permitted authorization scope  
+    ...    Pre-conditions: the "VNF LCM operation occurrence" resource is in "FAILED_TEMP" state.
+    ...    Reference: Clause 5.4.15.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Post Rollback operation with not permitted authorization scope  
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
 *** Keywords ***
 Check resource existence
     Set Headers    {"Accept":"${ACCEPT}"} 
diff --git a/SOL003/VNFLifecycleManagement-API/ScaleVNFTask.robot b/SOL003/VNFLifecycleManagement-API/ScaleVNFTask.robot
index 8d0776e3991013d708b220b9659224b6e77fa2ac..cfb8a1de2de8cce374d7e953a69379786ea1daea 100644
--- a/SOL003/VNFLifecycleManagement-API/ScaleVNFTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/ScaleVNFTask.robot
@@ -13,11 +13,11 @@ POST Scale a vnfInstance
     ...    Test title: POST Scale a vnfInstance
     ...    Test objective: The objective is to scale a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
-    POST Scale vnfInstance  
+    POST Scale vnfInstance
     Check HTTP Response Status Code Is    202
     Check HTTP Response Header Contains    Location
     Check Individual VNF LCM operation occurrence operationState is    STARTING
@@ -27,7 +27,7 @@ POST Scale a vnfInstance Conflict (Not-Instantiated)
     ...    Test title: POST Scale a vnfInstance Conflict (Not-Instantiated)
     ...    Test objective: The objective is to verify that the scale operation cannot be executed 
     ...    Pre-conditions:  VNF instance resource is in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ POST Scale a vnfInstance Not Found
     ...    Test title: POST Scale a vnfInstance Not Found
     ...    Test objective: The objective is to verify that the operation cannot be executed currently, because the VNF instance resource is not found. 
     ...    Pre-conditions: none  
-    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -53,7 +53,7 @@ GET Scale VNFInstance - Method not implemented
     ...    Test title: GET Scale VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -65,7 +65,7 @@ PUT Scale VNFInstance - Method not implemented
     ...    Test title: PUT Scale VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions: none  
-    ...    Reference: Clause 5.4.5.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.5.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,7 +77,7 @@ PATCH Scale VNFInstance - Method not implemented
     ...    Test title: PATCH Scale VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 5.4.5.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.5.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -89,13 +89,41 @@ DELETE Scale VNFInstance - Method not implemented
     ...    Test title: DELETE Scale VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions: none  
-    ...    Reference: Clause 5.4.5.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.5.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Scale vnfInstance
     Check HTTP Response Status Code Is    405
 
+POST Scale a vnfInstance with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.4.8
+    ...    Test title: POST Scale a vnfInstance with permitted authorization scope
+    ...    Test objective: The objective is to scale a VNF instance with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    POST Scale vnfInstance with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
+POST Scale a vnfInstance with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.4.9
+    ...    Test title: POST Scale a vnfInstance with not permitted authorization scope
+    ...    Test objective: The objective is to scale a VNF instance with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    POST Scale vnfInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
 *** Keywords ***
 Check resource existence
     Set Headers    {"Accept":"${ACCEPT}"}  
diff --git a/SOL003/VNFLifecycleManagement-API/ScaleVNFToLevelTask.robot b/SOL003/VNFLifecycleManagement-API/ScaleVNFToLevelTask.robot
index 7f2fb029923489514cd0ad7e0d6aa9af148fc725..efced3b58dfefff7ce49ce3ded672d2cbbf3fc55 100644
--- a/SOL003/VNFLifecycleManagement-API/ScaleVNFToLevelTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/ScaleVNFToLevelTask.robot
@@ -12,7 +12,7 @@ POST Scale a vnfInstance to level - with InstantiationLevelId attribute
     ...    Test title: POST Scale a vnfInstance to level
     ...    Test objective: The objective is to scale a VNF instance to a target level.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ POST Scale a vnfInstance to level Conflict (Not-Instantiated)
     ...    Test title: POST Scale a vnfInstance to level Conflict (Not-Instantiated)
     ...    Test objective: The objective is to verify that the scale operation cannot be executed because the resource is not instantiated
     ...    Pre-conditions: VNF instance resource is in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ Scale a vnfInstance Not Found
     ...    Test title: Scale a vnfInstance Not Found
     ...    Test objective: The objective is to verify that the operation cannot be executed , because the VNF instance resource cannot be found.
     ...    Pre-conditions: VNF instance resource is in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ GET Scale to level VNFInstance - Method not implemented
     ...    Test title: GET Scale to level VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Scale to level VNFInstance - Method not implemented
     ...    Test title: PUT Scale to level VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions: none  
-    ...    Reference: Clause 5.4.6.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.6.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ PATCH Scale to level VNFInstance - Method not implemented
     ...    Test title: PATCH Scale to level VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,7 +88,7 @@ DELETE Scale to level VNFInstance - Method not implemented
     ...    Test title: DELETE Scale to level VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -100,10 +100,37 @@ POST Scale a vnfInstance to level - with scaleInfo attribute
     ...    Test title: POST Scale a vnfInstance to level with scaleInfo attribute 
     ...    Test objective: The objective is to scale a VNF instance to a target level.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     POST Scale vnfInstance to level with scaleInfo attribute    
     Check HTTP Response Status Code Is    202
-    Check Operation Occurrence Id existence     
\ No newline at end of file
+    Check Operation Occurrence Id existence
+
+POST Scale a vnfInstance to level - with InstantiationLevelId attribute with permitted authorization scope 
+    [Documentation]    Test ID: 7.3.1.5.9
+    ...    Test title: POST Scale a vnfInstance to level with permitted authorization scope 
+    ...    Test objective: The objective is to scale a VNF instance to a target level with permitted authorization scope .
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Scale vnfInstance to level with InstantiationLevelId attribute with permitted authorization scope 
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
+POST Scale a vnfInstance to level - with InstantiationLevelId attribute with not permitted authorization scope 
+    [Documentation]    Test ID: 7.3.1.5.10
+    ...    Test title: POST Scale a vnfInstance to level with not permitted authorization scope 
+    ...    Test objective: The objective is to scale a VNF instance to a target level with not permitted authorization scope .
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Scale vnfInstance to level with InstantiationLevelId attribute with not permitted authorization scope 
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/ScaleVNFToLevelWorkflow.robot b/SOL003/VNFLifecycleManagement-API/ScaleVNFToLevelWorkflow.robot
index c515f53b24b0f0e675bf4c6797798e1f41341279..1635281ac7b69e911c1c3aba201e1fcac00c8bf9 100644
--- a/SOL003/VNFLifecycleManagement-API/ScaleVNFToLevelWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/ScaleVNFToLevelWorkflow.robot
@@ -15,7 +15,7 @@ VNF Instance Scale To Level
     ...    Test title: VNF Instance Scale To Level workflow
     ...    Test objective: The objective is to test the workflow for the scale to level of a VNF instance
     ...    Pre-conditions: VNF instance in INSTANTIATED state . NFVO is subscribed to VNF LCM Operation Occurrence notifications 
-    ...    Reference: Clause 5.4.6 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.6 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  NFVO is able to receive notifications from VNFM. Scale operation is supported for the VNF (as capability in the VNFD)
     ...    Post-Conditions: VNF instance still in INSTANTIATED state and VNF is scaled to the new level
diff --git a/SOL003/VNFLifecycleManagement-API/ScaleVNFWorkflow.robot b/SOL003/VNFLifecycleManagement-API/ScaleVNFWorkflow.robot
index 73897ccd91e2f009c90141c174eca97a5f9fd53c..e18f5b869722280876350b6e57ba5cc39e6af525 100644
--- a/SOL003/VNFLifecycleManagement-API/ScaleVNFWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/ScaleVNFWorkflow.robot
@@ -15,7 +15,7 @@ VNF Instance Scale Out
     ...    Test title: VNF Instance Scale Out workflow
     ...    Test objective: The objective is to test the workflow for the scaling out a VNF instance
     ...    Pre-conditions: VNF instance in INSTANTIATED state (Test ID 5.4.4.1). NFVO is subscribed to VNF LCM Operation Occurrence notifications (Test ID 5.4.20.1)
-    ...    Reference: Clause 5.4.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  NFVO is able to receive notifications from VNFM. Scale operation is supported for the VNF (as capability in the VNFD)
     ...    Post-Conditions: VNF instance still in INSTANTIATED state and VNF is scaled out
diff --git a/SOL003/VNFLifecycleManagement-API/Subscriptions.robot b/SOL003/VNFLifecycleManagement-API/Subscriptions.robot
index 81fabaf040c4042f3449deabd869236b53746050..c8674a4f63b23ae30a5bc3042db2fa82055d2583 100644
--- a/SOL003/VNFLifecycleManagement-API/Subscriptions.robot
+++ b/SOL003/VNFLifecycleManagement-API/Subscriptions.robot
@@ -15,7 +15,7 @@ POST Create a new subscription
     ...    Test title: POST Create a new subscription
     ...    Test objective: The POST method creates a new subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: in response header Location shall not be null
@@ -28,7 +28,7 @@ Create a new Subscription - DUPLICATION
     ...    Test title: POST Create a new subscription - DUPLICATION
     ...    Test objective: The objective is to test request to create a duplicate (same callbackurl and filter) subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: duplication is supported by SUT
     ...    Post-Conditions: in response header Location shall not be null
@@ -41,7 +41,7 @@ Create a new Subscription - NO-DUPLICATION
     ...    Test title: POST Create a new subscription - NO-DUPLICATION
     ...    Test objective: The objective is to test the request that does not create a duplicate (same callbackurl and filter) subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: duplication is not supported by SUT
     ...    Post-Conditions: in response header Location shall not be null
@@ -54,7 +54,7 @@ GET Subscriptions
     ...    Test title: GET Subscriptions
     ...    Test objective: The objective is Get the list of active subscriptions
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -67,7 +67,7 @@ GET Subscription - Filter
     ...    Test title: GET Subscriptions - Filter
     ...    Test objective: The objective is Get the list of active subscriptions using a filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -81,7 +81,7 @@ GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test title: GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is Get the list of active subscriptions using an invalid filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -138,7 +138,7 @@ PUT subscriptions - Method not implemented
     ...    Test title: PUT subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.18.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -150,7 +150,7 @@ PATCH subscriptions - Method not implemented
     ...    Test title: PATCH subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.18.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -162,7 +162,7 @@ DELETE subscriptions - Method not implemented
     ...    Test title: DELETE subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.18.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -170,11 +170,11 @@ DELETE subscriptions - Method not implemented
 	Check HTTP Response Status Code Is    405
     
 GET Subscriptions as a Paged Response
-     [Documentation]    Test ID: 7.3.1.17.14
+    [Documentation]    Test ID: 7.3.1.17.14
     ...    Test title: GET Subscriptions as a Paged Response
     ...    Test objective: The objective is Get the list of active subscriptions as a Paged Response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports response paging for the subscriptions resources
     ...    Post-Conditions: none 
@@ -187,7 +187,7 @@ GET subscriptions - Bad Request Response too Big
     ...    Test title: GET subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of the list of active subscriptions fails because response is too big. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -213,13 +213,39 @@ GET Subscriptions as a Paged Response with nextpage_opauque_marker parameter
     ...    Test title: GET Subscriptions as a Paged Response with nextpage_opauque_marker parameter 
     ...    Test objective: The objective is to Get the list of active subscriptions as a Paged Response and retrieve the next page using the nextpage_opaque_marker parameter
     ...    Pre-conditions: A request for retrieving subscriptions as a paged response has been successfully issued (Test ID 7.3.1.17.14)
-    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports response paging for the subscriptions resources
     ...    Post-Conditions: none 
     Get subscriptions with nextpage_opaque_marker parameter 
     Check HTTP Response Status Code Is    200
 
+POST Create a new subscription with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.17.18
+    ...    Test title: POST Create a new subscription with permitted authorization scope
+    ...    Test objective: The POST method creates a new subscription with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null
+    Post Create subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    Subscription
+
+POST Create a new subscription with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.17.19
+    ...    Test title: POST Create a new subscription with not permitted authorization scope
+    ...    Test objective: The POST method creates a new subscription with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null
+    Post Create subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
 *** Keywords ***
 Void
     Log    do nothing
diff --git a/SOL003/VNFLifecycleManagement-API/TerminateVNFTask.robot b/SOL003/VNFLifecycleManagement-API/TerminateVNFTask.robot
index b21a1301c688372fef386f39bf7667fa9a48b8e6..5e765aa31413860612406ee2c2cc69f4fd2cdf92 100644
--- a/SOL003/VNFLifecycleManagement-API/TerminateVNFTask.robot
+++ b/SOL003/VNFLifecycleManagement-API/TerminateVNFTask.robot
@@ -13,7 +13,7 @@ POST Terminate a vnfInstance
     ...    Test title: POST Terminate a vnfInstance
     ...    Test objective: The objective is to test that POST method terminate a VNF instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -27,7 +27,7 @@ POST Terminate a vnfInstance Conflict (Not-Instantiated)
     ...    Test title: POST Terminate a vnfInstance Conflict (Not-Instantiated)
     ...    Test objective: The objective is to test that the vnf Instance cannot be terminated 
     ...    Pre-conditions:  VNF instance resource is in NOT-INSTANTIATED state
-    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ GET Terminate VNFInstance - Method not implemented
     ...    Test title:  GET Terminate VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ PUT Terminate VNFInstance - Method not implemented
     ...    Test title:  PUT Terminate VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.8.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.8.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PATCH Terminate VNFInstance - Method not implemented
     ...    Test title:  PATCH Terminate VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.8.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.8.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,13 +76,40 @@ DELETE Terminate VNFInstance - Method not implemented
     ...    Test title:  DELETE Terminate VNFInstance - Method not implemented
     ...    Test objective: The objective is to verify that the method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.8.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.8.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Terminate VNF
     Check HTTP Response Status Code Is    405
 
+POST Terminate a vnfInstance with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.7.7
+    ...    Test title: POST Terminate a vnfInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method terminate a VNF instance with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Terminate VNF with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
+POST Terminate a vnfInstance with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.7.8
+    ...    Test title: POST Terminate a vnfInstance with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method terminate a VNF instance with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Terminate VNF with not permitted authorization scope  
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+    
 *** Keywords ***
 Check resource existence
     Set Headers    {"Accept":"${ACCEPT}"}  
diff --git a/SOL003/VNFLifecycleManagement-API/TerminateVNFWorkflow.robot b/SOL003/VNFLifecycleManagement-API/TerminateVNFWorkflow.robot
index d458119a4e5f862aff96ad850b9cb6771af5a11d..7e71c0736819dea563516751dfbac97f78aabbb8 100644
--- a/SOL003/VNFLifecycleManagement-API/TerminateVNFWorkflow.robot
+++ b/SOL003/VNFLifecycleManagement-API/TerminateVNFWorkflow.robot
@@ -15,7 +15,7 @@ Terminate a VNF Instance
     ...    Test title: Terminate a VNF Instance
     ...    Test objective: The objective is to terminate a VNF instance.
     ...    Pre-conditions: VNF instance in INSTANTIATED state 
-    ...    Reference: Clause 5.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: NFVO is able to receive notifications from VNFM. 
     ...    Post-Conditions: VNF instance in NOT_INSTANTIATED state 
diff --git a/SOL003/VNFLifecycleManagement-API/VNFInstances.robot b/SOL003/VNFLifecycleManagement-API/VNFInstances.robot
index 3bb82db575223596a7f7fd87e7ee43a933a3f613..dbe01ed9352e6ac429ab5baf0250ebbffb7dbfe2 100644
--- a/SOL003/VNFLifecycleManagement-API/VNFInstances.robot
+++ b/SOL003/VNFLifecycleManagement-API/VNFInstances.robot
@@ -13,7 +13,7 @@ POST Create a new vnfInstance
     ...    Test title: POST Create a new vnfInstance
     ...    Test objective: The objective is to create a new VNF instance resource
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNF instance created
@@ -26,7 +26,7 @@ GET information about multiple VNF instances
     ...    Test title: GET information about multiple VNF instances
     ...    Test objective: The objective is to query information about multiple VNF instances
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,8 +38,8 @@ GET information about multiple VNF instances Bad Request Invalid attribute-based
     [Documentation]    Test ID: 7.3.1.1.3
     ...    Test title: GET information about multiple VNF instances Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to query information about multiple VNF instances with Invalid attribute-based filtering parameters
-    ...    Pre-conditions:  A VNF is instantiated,  a bad filter selector (filter selectors are listed in Table 5.4.2.3.2-1  - ETSI GS NFV-SOL 003 [1] v4.4.1).
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Pre-conditions:  A VNF is instantiated,  a bad filter selector (filter selectors are listed in Table 5.4.2.3.2-1  - ETSI GS NFV-SOL 003 [1] v4.5.1).
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,8 +52,8 @@ GET information about multiple VNF instances Bad Request Invalid attribute selec
     [Documentation]    Test ID: 7.3.1.1.4
     ...    Test title: GET information about multiple VNF instances Bad Request Invalid attribute selector
     ...    Test objective: The objective is to query information about multiple VNF instances with Invalid attribute selector
-    ...    Pre-conditions:  A VNF is instantiated,  a bad attribute selector (attribute selectors are listed in Table 5.4.2.3.2-1  - ETSI GS NFV-SOL 003 [1] v4.4.1).
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Pre-conditions:  A VNF is instantiated,  a bad attribute selector (attribute selectors are listed in Table 5.4.2.3.2-1  - ETSI GS NFV-SOL 003 [1] v4.5.1).
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -66,7 +66,7 @@ GET information about multiple VNF instances with "all_fields" attribute selecto
     ...    Test title: GET information about multiple VNF instances with "all_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF instances
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -79,7 +79,7 @@ GET information about multiple VNF instances with "exclude_default" attribute se
     ...    Test title: GET information about multiple VNF instances with "exclude_default" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF instances
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -92,7 +92,7 @@ GET information about multiple VNF instances with "fields" attribute selector
     ...    Test title: GET information about multiple VNF instances with "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF instances
     ...    Pre-conditions: none 
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -105,7 +105,7 @@ GET information about multiple VNF instances with "exclude_fields" attribute sel
     ...    Test title: GET information about multiple VNF instances with "exclude_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF instances
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -118,7 +118,7 @@ PUT multiples VNFInstances - Method not implemented
     ...    Test title: PUT multiples VNFInstances - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -130,7 +130,7 @@ PATCH multiples VNFInstances - Method not implemented
     ...    Test title: PATCH multiples VNFInstances - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -142,7 +142,7 @@ DELETE VNFInstances - Method not implemented
     ...    Test title: DELETE multiples VNFInstances - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 5.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -154,7 +154,7 @@ GET information about multiple VNF instances to get Paged Response
     ...    Test title: GET information about multiple VNF instances to get Paged Response
     ...    Test objective: The objective is to query information about multiple VNF instances to get Paged Response.
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports response paging for the subscriptions resources
     ...    Post-Conditions: none
@@ -167,7 +167,7 @@ GET information about multiple VNF instances as a Paged Response with nextpage_o
     ...    Test title: GET information about multiple VNF instances as a Paged Response with nextpage_opauque_marker parameter 
     ...    Test objective: The objective is to query information about multiple VNF instances as a Paged Response and retrieve the next page using the nextpage_opaque_marker parameter
     ...    Pre-conditions: A request for retrieving multiple VNF instances as a paged response has been successfully issued (Test ID 7.3.1.1.12)
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports response paging for the VNF instance resources
     ...    Post-Conditions: none 
@@ -178,8 +178,8 @@ GET information about multiple VNF instances - Bad Request Response too Big
     [Documentation]    Test ID: 7.3.1.1.13
     ...    Test title: GET information about multiple VNF instances - Bad Request Response too Big
     ...    Test objective: The objective is to query information about multiple VNF instances fails because response is too big. The test also checks the JSON schema of the unsuccessful operation HTTP response.
-    ...    Pre-conditions:  A VNF is instantiated,  a bad attribute selector (attribute selectors are listed in Table 5.4.2.3.2-1  - ETSI GS NFV-SOL 003 [1] v4.4.1).
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Pre-conditions:  A VNF is instantiated,  a bad attribute selector (attribute selectors are listed in Table 5.4.2.3.2-1  - ETSI GS NFV-SOL 003 [1] v4.5.1).
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -192,7 +192,7 @@ GET information about multiple VNF instances with "exclude_default" and "fields"
     ...    Test title: GET information about multiple VNF instances with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF instances
     ...    Pre-conditions: none 
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -205,7 +205,7 @@ POST Create a new vnfInstance - Unprocessable Content
     ...    Test title: POST Create a new vnfInstance - Unprocessable Content
     ...    Test objective: The objective is to test that correct error code is returned when VNF package referenced by the "vnfdId" attribute in the "CreateVnfRequest" structure is not in the "ENABLED" state or does not exist.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNF package referenced by the "vnfdId" attribute in the "CreateVnfRequest" structure is not in the "ENABLED" state or does not exist.
     ...    Post-Conditions: none
@@ -218,10 +218,36 @@ GET information about multiple VNF instances using Filter
     ...    Test title: GET information about multiple VNF instances using Filter
     ...    Test objective: The objective is to query information about multiple VNF instances using filter
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     GET multiple vnfInstances using filter
     Check HTTP Response Status Code Is    200
-    Check HTTP Response Body Json Schema Is    vnfInstances
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is    vnfInstances
+
+POST Create a new vnfInstance with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.1.17
+    ...    Test title: POST Create a new vnfInstance with permitted authorization scope
+    ...    Test objective: The objective is to create a new VNF instance resource with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: VNF instance created
+    POST Create a new vnfInstance with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    vnfInstance
+
+POST Create a new vnfInstance with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.1.18
+    ...    Test title: POST Create a new vnfInstance with not permitted authorization scope
+    ...    Test objective: The objective is to create a new VNF instance resource with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: VNF instance created
+    POST Create a new vnfInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/VNFSelectDeployableModules.robot b/SOL003/VNFLifecycleManagement-API/VNFSelectDeployableModules.robot
new file mode 100644
index 0000000000000000000000000000000000000000..37c1dce8411562a025926df156cbf8486ab0012f
--- /dev/null
+++ b/SOL003/VNFLifecycleManagement-API/VNFSelectDeployableModules.robot
@@ -0,0 +1,98 @@
+*** Settings ***
+Resource          environment/variables.txt
+Resource          VnfLcmMntOperationKeywords.robot
+Library           REST    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}    ssl_verify=false
+Library           OperatingSystem
+Library           BuiltIn
+Library           Collections
+Library           JSONLibrary
+Library           Process
+
+*** Test Cases ***
+POST Select VNF Deployable Module
+    [Documentation]    Test ID: 7.3.1.43.1
+    ...    Test title: POST Select VNF Deployable Module
+    ...    Test objective: The objective is to select VNF Deployable Module
+    ...    Pre-conditions: The VNF instance resource is in INSTANTIATED state
+    ...    Reference: Clause 5.4.26.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Select VNF Deployable Modules
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
+POST Select VNF Deployable Module Not Found
+    [Documentation]    Test ID: 7.3.1.43.2
+    ...    Test title: POST Select VNF Deployable Module Not Found
+    ...    Test objective: The objective is to test that the POST Select VNF Deployable Module fails when the resource is not present.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.26.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Select VNF Deployable Modules Not Existing
+    Check HTTP Response Status Code Is    404
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
+POST Select VNF Deployable Module with conflict (Not Instantiated)
+    [Documentation]    Test ID: 7.3.1.43.3
+    ...    Test title: POST Operate a vnfInstance Conflict (Not-Instantiated)
+    ...    Test objective: The objective is to test that the operation fails when there is a conflict with the resource state.
+    ...    Pre-conditions: the VNF instance resource is in NOT-INSTANTIATED state
+    ...    Reference: Clause 5.4.26.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Select VNF Deployable Modules with conflict
+    Check HTTP Response Status Code Is    409
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
+GET Select VNF Deployable Module - Method not implemented
+    [Documentation]    Test ID: 7.3.1.43.4
+    ...    Test title: GET Select VNF Deployable Module - Method not implemented
+    ...    Test objective: The objective is to verify that the method is not implemented
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.26.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Select VNF Deployable Modules
+    Check HTTP Response Status Code Is    405
+
+PUT Select VNF Deployable Module - Method not implemented
+    [Documentation]    Test ID: 7.3.1.43.5
+    ...    Test title: PUT Select VNF Deployable Module - Method not implemented
+    ...    Test objective: The objective is to test that PUT method is not implemented
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.26.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PUT Select VNF Deployable Modules
+    Check HTTP Response Status Code Is    405
+
+PATCH Select VNF Deployable Module - Method Not implemented
+    [Documentation]    Test ID: 7.3.1.43.6
+    ...    Test title: PATCH Select VNF Deployable Module - Method Not implemented
+    ...    Test objective: The objective is to test that PATCH method is not implemented
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.26.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PATCH Select VNF Deployable Modules
+    Check HTTP Response Status Code Is    405
+
+DELETE Select VNF Deployable Module - Method Not implemented
+    [Documentation]    Test ID: 7.3.1.43.7
+    ...    Test title: DELETE Select VNF Deployable Module - Method Not implemented
+    ...    Test objective: The objective is to test that DELETE method is not implemented
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.26.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    DELETE Select VNF Deployable Modules
+    Check HTTP Response Status Code Is    405
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/VNFSnapshots.robot b/SOL003/VNFLifecycleManagement-API/VNFSnapshots.robot
index 031f8b86f2c7e5aa9984185b006b6aad3bac2469..6317e454fb5a9d9535a61fe7f46b7939812aa3c0 100644
--- a/SOL003/VNFLifecycleManagement-API/VNFSnapshots.robot
+++ b/SOL003/VNFLifecycleManagement-API/VNFSnapshots.robot
@@ -7,7 +7,7 @@ POST Create a new VNF Snapshot
     ...    Test title: POST Create a new VNF Snapshot
     ...    Test objective: The objective is to create a new VNF snapshot
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNF snapshot is created
@@ -21,7 +21,7 @@ GET information about multiple VNF Snapshots
     ...    Test title: GET information about multiple VNF Snapshots
     ...    Test objective: The objective is to get information about multiples VNF snapshots
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -34,7 +34,7 @@ GET information about multiple VNF Snapshots Bad Request Invalid attribute-based
     ...    Test title: GET information about multiple VNF Snapshots Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to get information about multiples VNF Snapshots with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -47,7 +47,7 @@ GET information about multiple VNF Snapshots Bad Request Invalid attribute selec
     ...    Test title: GET information about multiple VNF Snapshots Bad Request Invalid attribute selector
     ...    Test objective: The objective is to get information about multiples VNF Snapshots with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -60,7 +60,7 @@ GET information about multiple VNF Snapshots with "all_fields" attribute selecto
     ...    Test title: GET information about multiple VNF Snapshots with "all_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -73,7 +73,7 @@ GET information about multiple VNF Snapshots with "exclude_default" attribute se
     ...    Test title: GET information about multiple VNF Snapshots with "exclude_default" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -86,7 +86,7 @@ GET information about multiple VNF Snapshots with "fields" attribute selector
     ...    Test title: GET information about multiple VNF Snapshots with "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -99,7 +99,7 @@ GET information about multiple VNF Snapshots with "exclude_default" and "fields"
     ...    Test title: GET information about multiple VNF Snapshots with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -112,7 +112,7 @@ GET information about multiple VNF Snapshots with "exclude_fields" attribute sel
     ...    Test title: GET information about multiple VNF Snapshots with "exclude_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -125,7 +125,7 @@ GET VNF Snapshots - Bad Request Response too Big
     ...    Test title: GET VNF Snapshots - Bad Request Response too Big
     ...    Test objective: The objective is test that the retrieval of existing VNF Snapshots list fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: VNFM does not support paged response.
     ...    Post-Conditions: none 
@@ -138,7 +138,7 @@ GET VNF Snapshots as Paged Response
     ...    Test title: GET VNF Snapshots as Paged Response
     ...    Test objective: The objective is to test that GET method retrieves the list of existing VNF Snapshots as paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: VNFM supports paged response.
     ...    Post-Conditions: none    
@@ -151,7 +151,7 @@ PUT VNF Snapshots - Method not implemented
     ...    Test title: PUT VNF Snapshots - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 5.4.23.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -163,7 +163,7 @@ PATCH VNF Snapshots - Method not implemented
     ...    Test title: PATCH VNF Snapshots - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 5.4.23.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -175,7 +175,7 @@ DELETE VNF Snapshots - Method not implemented
     ...    Test title: DELETE VNF Snapshots - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 5.4.23.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNF instance not deleted
@@ -187,10 +187,37 @@ GET information about multiple VNF Snapshots using Filter
     ...    Test title: GET information about multiple VNF Snapshots using Filter
     ...    Test objective: The objective is to get information about multiples VNF snapshots using filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.23.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     GET multiple VNF Snapshots using filter
     Check HTTP Response Status Code Is    200
-    Check HTTP Response Body Json Schema Is    VnfSnapshotsInfo
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is    VnfSnapshotsInfo
+
+POST Create a new VNF Snapshot with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.40.16
+    ...    Test title: POST Create a new VNF Snapshot with permitted authorization scope
+    ...    Test objective: The objective is to create a new VNF snapshot with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.23.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: VNF snapshot is created
+    POST Create a new VNF Snapshot with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    VnfSnapshotInfo
+    Check HTTP Location Header Contains URI of Created Resource
+
+POST Create a new VNF Snapshot with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.40.17
+    ...    Test title: POST Create a new VNF Snapshot with not permitted authorization scope
+    ...    Test objective: The objective is to create a new VNF snapshot with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.23.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: VNF snapshot is created
+    POST Create a new VNF Snapshot with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/VNFStateSnapshot.robot b/SOL003/VNFLifecycleManagement-API/VNFStateSnapshot.robot
index 670775dae97c9bc9c58208800d46548b9f31db74..a81f3f672702ae49478f4183e36b3e49398c5d2d 100644
--- a/SOL003/VNFLifecycleManagement-API/VNFStateSnapshot.robot
+++ b/SOL003/VNFLifecycleManagement-API/VNFStateSnapshot.robot
@@ -7,7 +7,7 @@ POST VNF State Snapshot - Method not implemented
     ...    Test title: POST VNF State Snapshot - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.25.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.25.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET VNF State Snapshot - Complete File
     ...    Test title: GET Information about an individual VNF State Snapshot - Complete File
     ...    Test objective: The objective is to fetch the whole content of a VNF State Snapshot using GET method.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.25.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.25.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET VNF State Snapshot - Partial Content
     ...    Test title: GET VNF State Snapshot - Partial Content
     ...    Test objective: The objective is to fetch partial content of a VNF State Snapshot by sending a range request using GET method.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.25.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.25.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: VNFM supports range requests
     ...    Post-Conditions: none
@@ -46,7 +46,7 @@ GET VNF State Snapshot - Range Request Not Supported
     ...    Test title: GET VNF State Snapshot - Range Request Not Supported
     ...    Test objective: The objective is to test that the whole content of a VNF State Snapshot is delivered even with a range request when VNFM does not support range requests.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.25.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.25.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: VNFM does not support range requests
     ...    Post-Conditions: none
@@ -60,7 +60,7 @@ GET VNF State Snapshot - Range Not Satisfiable
     ...    Test title: GET VNF State Snapshot - Range Not Satisfiable
     ...    Test objective: The objective is to test that an error is returned when the byte range passed in the "Range" header does not match any available byte range in the VNF State Snapshot package file.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.25.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.25.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: VNFM supports range requests
     ...    Post-Conditions: none
@@ -72,7 +72,7 @@ GET VNF State Snapshot - Conflict
     ...    Test title: GET VNF State Snapshot - Conflict
     ...    Test objective: The objective is to test that an error is returned when there is a conflict with the state of the VNF snapshot resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.25.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.25.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: Typically, this is due to the fact that the VNF snapshot creation process is not completed.
     ...    Post-Conditions: none
@@ -84,7 +84,7 @@ PUT VNF State Snapshot - Method not implemented
     ...    Test title: PUT VNF State Snapshot - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.25.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.25.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: VNF State Snapshot Package not modified
@@ -96,7 +96,7 @@ PATCH VNF State Snapshot - Method Not implemented
     ...    Test title: PATCH VNF State Snapshot
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.25.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.25.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -108,9 +108,35 @@ DELETE VNF State Snapshot - Method Not implemented
     ...    Test title: DELETE VNF State Snapshot - Method Not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.25.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.25.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE VNF State Snapshot
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET VNF State Snapshot - Complete File with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.42.10
+    ...    Test title: GET Information about an individual VNF State Snapshot - Complete File with permitted authorization scope
+    ...    Test objective: The objective is to fetch the whole content of a VNF State Snapshot using GET method with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.25.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET VNF State Snapshot - Complete with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Content-Type Header Is Set
+
+GET VNF State Snapshot - Complete File with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.42.11
+    ...    Test title: GET Information about an individual VNF State Snapshot - Complete File with not permitted authorization scope
+    ...    Test objective: The objective is to fetch the whole content of a VNF State Snapshot using GET method with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.25.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET VNF State Snapshot - Complete with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/VnfLcmMntOperationKeywords.robot b/SOL003/VNFLifecycleManagement-API/VnfLcmMntOperationKeywords.robot
index 180d7fa340bcc2efa08593d9a07f2f4ce8841e63..c5ccf660c3ca162552e554310c008720d43ff4aa 100644
--- a/SOL003/VNFLifecycleManagement-API/VnfLcmMntOperationKeywords.robot
+++ b/SOL003/VNFLifecycleManagement-API/VnfLcmMntOperationKeywords.robot
@@ -9,6 +9,8 @@ Library    JSONLibrary
 Library    Collections
 Library    Process
 Library    JSONSchemaLibrary    schemas/
+Library    jwt
+
 #Variables    descriptors/SOL001/VNFD/vnfd_SOL001.yaml
 #Variables    descriptors/SOL006/VNFD/vnfd_SOL006.yaml
 
@@ -17,7 +19,7 @@ Create Sessions
     Start Process  java  -jar  ${MOCK_SERVER_JAR}    -serverPort  ${callback_port}  alias=mockInstance
     Wait For Process  handle=mockInstance  timeout=5s  on_timeout=continue
     Create Mock Session  ${callback_uri}:${callback_port}
-    
+
 Get Vnf Instance 
     [Arguments]    ${vnfInstanceId}
     Set Headers    {"Accept":"${ACCEPT}"}  
@@ -234,7 +236,7 @@ POST Cancel operation task
     Log    Validate Status code
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
-	
+
 POST Cancel operation task with conflict
     Log    Cancel an ongoing VNF lifecycle operation
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -252,6 +254,28 @@ POST Cancel operation task not existing
     Log    Validate Status code
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
+POST Cancel operation task with permitted authorization scope
+    Log    Cancel an ongoing VNF lifecycle operation with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${OP_OCCS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Cancel a VNF lifecycle operation
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/cancel    ${CancelMode}
+    Log    Validate Status code
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Cancel operation task with not permitted authorization scope
+    Log    Cancel an ongoing VNF lifecycle operation with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${OP_OCCS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${Authorization_Token}"}
+    Log    Cancel a VNF lifecycle operation
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/cancel    ${CancelMode}
+    Log    Validate Status code
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}   
     
 GET Cancel operation task
     log    Trying to perform a GET. This method should not be implemented
@@ -279,7 +303,7 @@ DELETE Cancel operation task
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/cancel  	 	
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}        
+	Set Global Variable    ${response}    ${outputResponse}    
 
 POST Change External VNF Connectivity
     Log    Trying to change the external connectivity of a VNF instance.
@@ -288,6 +312,30 @@ POST Change External VNF Connectivity
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${body}=    Get File    jsons/changeExtVnfConnectivityRequest.json
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_ext_conn    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Change External VNF Connectivity with permitted authorization scope
+    Log    Trying to change the external connectivity of a VNF instance with permitted authorization scope.
+    ${scopeValue}=    Create Dictionary    scopeValue=${CHANGE_EXT_CONN_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/changeExtVnfConnectivityRequest.json
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_ext_conn    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
+
+POST Change External VNF Connectivity with not permitted authorization scope
+    Log    Trying to change the external connectivity of a VNF instance with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${CHANGE_EXT_CONN_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/changeExtVnfConnectivityRequest.json
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_ext_conn    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}  
 
@@ -317,7 +365,7 @@ DELETE Change External VNF Connectivity
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_ext_conn  	 	
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}  
+	Set Global Variable    ${response}    ${outputResponse} 
 	
 POST Change VNF deployment flavour
     Log    Trying to change the deployment flavour of a VNF instance.
@@ -353,6 +401,34 @@ POST Change VNF deployment flavour of not existing VNF
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 
+POST Change VNF deployment flavour with permitted authorization scope
+    Log    Trying to change the deployment flavour of a VNF instance with permitted authorization scope.
+    ${scopeValue}=    Create Dictionary    scopeValue=${CHANGE_FLAVOUR_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File
+    ${template}=    Get File    jsons/changeVnfFlavourRequest.json
+    ${body}=        Format String   ${template}     newFlavourId=${Flavour_ID}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_flavour    ${body} 
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Change VNF deployment flavour with not permitted authorization scope
+    Log    Trying to change the deployment flavour of a VNF instance with not permitted authorization scope.
+    ${scopeValue}=    Create Dictionary    scopeValue=${CHANGE_FLAVOUR_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File
+    ${template}=    Get File    jsons/changeVnfFlavourRequest.json
+    ${body}=        Format String   ${template}     newFlavourId=${Flavour_ID}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_flavour    ${body} 
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+    
 GET Change VNF deployment flavour
     log    Trying to perform a GET. This method should not be implemented
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -380,8 +456,8 @@ DELETE Change VNF deployment flavour
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_flavour   	 	
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
-	 	
-POST Create a new vnfInstance	
+
+POST Create a new vnfInstance
     Log    Create VNF instance by POST to /vnf_instances
     Set Headers  {"Accept":"${ACCEPT}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
@@ -488,7 +564,7 @@ GET multiple vnfInstances with exclude_fields attribute selector
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances?exclude_fields=${fields_vnfInstance}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output} 	
-         		     	
+
 PUT VNFInstances
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -514,7 +590,33 @@ DELETE VNFInstances
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances   
     ${output}=    Output    response
-    Set Suite Variable    ${response}    ${output} 		  
+    Set Suite Variable    ${response}    ${output}
+
+POST Create a new vnfInstance with permitted authorization scope	
+    Log    Create VNF instance by POST to /vnf_instances with permitted authorization scope	
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_INSTANCE_INFO_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/createVnfRequest.json
+    ${body}=        Format String   ${template}     vnfdId=${vnfdId}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 	
+
+POST Create a new vnfInstance with not permitted authorization scope	
+    Log    Create VNF instance by POST to /vnf_instances with not permitted authorization scope	
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_INSTANCE_INFO_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/createVnfRequest.json
+    ${body}=        Format String   ${template}     vnfdId=${vnfdId}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 	  
     
 POST individual vnfInstance
     log    Trying to perform a POST. This method should not be implemented
@@ -531,9 +633,31 @@ GET individual vnfInstance
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET individual vnfInstance with permitted authorization scope
+    log    Trying to get information about an individual VNF instance with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_INSTANCE_INFO_READONLY_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 		
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}      
-	
+
+GET individual vnfInstance with not permitted authorization scope
+    log    Trying to get information about an individual VNF instance with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_INSTANCE_INFO_READONLY_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}   
+
 PUT individual vnfInstance
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -576,7 +700,7 @@ PATCH individual vnfInstance with conflict
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${anotherInstantiatedVnfInstanceId}    ${body}	
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
- 
+
 PATCH individual vnfInstance - Etag mismatch
     log    Trying to modify an individual VNF instance
     Set Headers    {"Accept":"${ACCEPT}"}  
@@ -590,7 +714,6 @@ PATCH individual vnfInstance - Etag mismatch
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 
-	
 DELETE individual vnfInstance
     log    Trying to delete an individual VNF instance
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -603,8 +726,9 @@ DELETE individual vnfInstance in INSTANTIATED state
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${instantiatedVnfInstanceId}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse} 
-POST instantiate individual vnfInstance	
+	Set Global Variable    ${response}    ${outputResponse}
+    
+POST instantiate individual vnfInstance
     Log    Trying to Instantiate a vnf Instance
     Set Headers  {"Accept":"${ACCEPT}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
@@ -613,7 +737,7 @@ POST instantiate individual vnfInstance
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/instantiate    ${body}	
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 	
-	
+
 POST instantiate individual vnfInstance with conflict
     Log    Trying to Instantiate a vnf Instance
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -649,9 +773,34 @@ DELETE instantiate individual vnfInstance
     log    Trying to perform a GET. This method should not be implemented
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/instantiate 
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST instantiate individual vnfInstance with permitted authorization scope
+    Log    Trying to Instantiate a vnf Instance with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${INSTANTIATE_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/instantiateVnfRequest.json
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/instantiate    ${body}	
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 	
-POST Scale vnfInstance	
+
+POST instantiate individual vnfInstance with not permitted authorization scope
+    Log    Trying to Instantiate a vnf Instance with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${INSTANTIATE_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/instantiateVnfRequest.json
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/instantiate    ${body}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 	
+
+POST Scale vnfInstance
     Log    Trying to Instantiate a vnf Instance
     Set Headers  {"Accept":"${ACCEPT}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
@@ -660,7 +809,8 @@ POST Scale vnfInstance
     ${body}=        Format String   ${template}     scaletype=${scaletype}    scaleAspectId=${scaleAspectId}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale    ${body}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse} 
+	Set Global Variable    ${response}    ${outputResponse}
+
 POST Scale vnfInstance with VNF NOT-INSTANTIATED
     Log    Trying to Instantiate a vnf Instance
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -680,7 +830,31 @@ POST Scale vnfInstance with not existing VNF
     ${body}=        Format String   ${template}     scaletype=${scaletype}    scaleAspectId=${scaleAspectId}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${notExistingVnfInstanceId}/scale    ${body}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}   
+	Set Global Variable    ${response}    ${outputResponse}
+POST Scale vnfInstance with permitted authorization scope
+    Log    Trying to Instantiate a vnf Instance with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${SCALE_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/scaleVnfRequest.json
+    ${body}=        Format String   ${template}     scaletype=${scaletype}    scaleAspectId=${scaleAspectId}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Scale vnfInstance with not permitted authorization scope
+    Log    Trying to Instantiate a vnf Instance with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${SCALE_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/scaleVnfRequest.json
+    ${body}=        Format String   ${template}     scaletype=${scaletype}    scaleAspectId=${scaleAspectId}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 GET Scale vnfInstance				
     Log    Trying to get a scale a vnf Instance
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -716,8 +890,9 @@ DELETE Scale vnfInstance
     ${body}=    Get File    jsons/scaleVnfRequest.json
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale   
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse} 	
-POST Scale vnfInstance to level with InstantiationLevelId attribute 
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Scale vnfInstance to level with InstantiationLevelId attribute
     Log    Trying to scale a vnf Instance to level
     Set Headers  {"Accept":"${ACCEPT}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
@@ -727,6 +902,7 @@ POST Scale vnfInstance to level with InstantiationLevelId attribute
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale_to_level    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
+
 POST Scale vnfInstance to level with scaleInfo attribute 
     Log    Trying to scale a vnf Instance to level
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -755,8 +931,33 @@ POST Scale vnfInstance to level with not existing VNF
     ${template}=    Get File    jsons/scaleVnfToLevelRequest.json
     ${body}=        Format String   ${template}     instantiationLevelId=${instantiationLevelId}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${notExistingVnfInstanceId}/scale_to_level    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST Scale vnfInstance to level with InstantiationLevelId attribute with permitted authorization scope
+    Log    Trying to scale a vnf Instance to level with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${SCALE_TO_LEVEL_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/scaleVnfToLevelRequestInstantiationLevelId.json
+    ${body}=        Format String   ${template}     instantiationLevelId=${instantiationLevelId}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale_to_level    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
+
+POST Scale vnfInstance to level with InstantiationLevelId attribute with not permitted authorization scope
+    Log    Trying to scale a vnf Instance to level with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${SCALE_TO_LEVEL_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/scaleVnfToLevelRequestInstantiationLevelId.json
+    ${body}=        Format String   ${template}     instantiationLevelId=${instantiationLevelId}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/scale_to_level    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 	
 GET Scale vnfInstance to level
     log    Trying to perform a GET. This method should not be implemented
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -805,8 +1006,34 @@ POST Terminate VNF in NOT-INSTANTIATED state
     ${body}=        Format String   ${template}     terminationType=${terminationType}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${notInstantiatedVnfInstanceId}/terminate    ${body}	
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}		
+	Set Global Variable    ${response}    ${outputResponse}
 
+POST Terminate VNF with permitted authorization scope
+    Log    Trying to terminate a VNF instance with permitted authorization scope.
+    ${scopeValue}=    Create Dictionary    scopeValue=${TERMINATE_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/terminateVnfRequest.json
+    ${body}=        Format String   ${template}     terminationType=${terminationType}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/terminate    ${body}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Terminate VNF with not permitted authorization scope
+    Log    Trying to terminate a VNF instance with not permitted authorization scope.
+    ${scopeValue}=    Create Dictionary    scopeValue=${TERMINATE_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/terminateVnfRequest.json
+    ${body}=        Format String   ${template}     terminationType=${terminationType}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/terminate    ${body}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+    
 GET Terminate VNF
     log    Trying to perform a GET. This method should not be implemented
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -833,7 +1060,7 @@ DELETE Terminate VNF
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/terminate 
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	
+	Set Global Variable    ${response}    ${outputResponse}
 
 POST Heal VNF
     Log    Trying to heal a VNF instance.
@@ -844,8 +1071,8 @@ POST Heal VNF
     ${body}=        Format String   ${template}     healingCause=${healingCause}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/heal    ${body}		
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	
-	
+	Set Global Variable    ${response}    ${outputResponse}
+
 POST Heal VNF Not Instantiated
     Log    Trying to heal a VNF instance.
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -866,7 +1093,33 @@ POST Heal VNF Not Existing
     ${body}=        Format String   ${template}     healingCause=${healingCause}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${notExistingVnfInstanceId}/heal    ${body}		
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Heal VNF with permitted authorization scope
+    Log    Trying to heal a VNF instance with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${HEAL_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/healVnfRequest.json
+    ${body}=        Format String   ${template}     healingCause=${healingCause}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/heal    ${body}		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Heal VNF with not permitted authorization scope
+    Log    Trying to heal a VNF instance with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${HEAL_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/healVnfRequest.json
+    ${body}=        Format String   ${template}     healingCause=${healingCause}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/heal    ${body}		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 
 GET Heal VNF
     log    Trying to perform a GET. This method should not be implemented
@@ -894,7 +1147,7 @@ DELETE Heal VNF
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/heal 
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	
+	Set Global Variable    ${response}    ${outputResponse}
 
 POST Operate VNF
     Log    Trying to operate a VNF instance.
@@ -906,7 +1159,7 @@ POST Operate VNF
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/operate    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}	
-	
+
 POST Operate VNF with conflict
     Log    Trying to operate a VNF instance.
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -955,7 +1208,33 @@ DELETE Operate VNF
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/operate 
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}		
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Operate VNF with permitted authorization scope
+    Log    Trying to operate a VNF instance with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${OPERATE_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/operateVnfRequest.json
+    ${body}=        Format String   ${template}     changeStateTo=${changeStateTo}    stopType=${stopType}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/operate    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
+	
+POST Operate VNF with not permitted authorization scope
+    Log    Trying to operate a VNF instance with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${OPERATE_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/operateVnfRequest.json
+    ${body}=        Format String   ${template}     changeStateTo=${changeStateTo}    stopType=${stopType}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/operate    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
 	
 Post VNF LCM Operation occurrences
     log    Trying to perform a POST. This method should not be implemented
@@ -971,7 +1250,7 @@ GET VNF LCM Operation occurrences
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	
+	Set Global Variable    ${response}    ${outputResponse}
 Get VNF LCM Operation occurrences with nextpage_opaque_marker parameter
     Log    Get next page of subscriptions
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -1036,7 +1315,27 @@ Get VNF LCM Operation occurrences with exclude_fields attribute selector
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs?exclude_fields=${fields_vnfLcmOpOcc}
     ${output}=    Output    response
-    Set Suite Variable    ${response}    ${output} 	
+    Set Suite Variable    ${response}    ${output} 
+GET VNF LCM Operation occurrences with permitted authorization scope
+    Log    Query status information about multiple VNF lifecycle management operation occurrences with permitted authorization scope.
+    ${scopeValue}=    Create Dictionary    scopeValue=${OP_OCCS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+GET VNF LCM Operation occurrences with not permitted authorization scope
+    Log    Query status information about multiple VNF lifecycle management operation occurrences with not permitted authorization scope.
+    ${scopeValue}=    Create Dictionary    scopeValue=${OP_OCCS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
 PUT VNF LCM Operation occurrences	
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -1072,7 +1371,27 @@ Get Individual VNF LCM Operation occurrences
     Log    Execute Query and validate response
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	   
+	Set Global Variable    ${response}    ${outputResponse}
+Get Individual VNF LCM Operation occurrences with permitted authorization scope
+    Log    Query status information about multiple VNF lifecycle management operation occurrences with permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scopeValue=${OP_OCCS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+Get Individual VNF LCM Operation occurrences with not permitted authorization scope
+    Log    Query status information about multiple VNF lifecycle management operation occurrences with not permitted authorization scope.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scopeValue=${OP_OCCS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 Put multiple VNF instances	
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -1093,14 +1412,16 @@ Delete multiple VNF instances
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	
+	Set Global Variable    ${response}    ${outputResponse}
+
 Post Retry operation
     Log    Retry a VNF lifecycle operation if that operation has experienced a temporary failure
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/retry	
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	 
+	Set Global Variable    ${response}    ${outputResponse}
+
 Post Retry operation with conflict
     Log    Retry a VNF lifecycle operation if that operation has experienced a temporary failure
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -1143,14 +1464,32 @@ Delete Retry operation
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/retry	
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	
+	Set Global Variable    ${response}    ${outputResponse}
+Post Retry operation with permitted authorization scope
+    Log    Retry a VNF lifecycle operation if that operation has experienced a temporary failure with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${OP_OCCS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/retry	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+Post Retry operation with not permitted authorization scope
+    Log    Retry a VNF lifecycle operation if that operation has experienced a temporary failure with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${OP_OCCS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/retry	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}		
 Post Rollback operation
     Log    Rollback a VNF lifecycle operation if that operation has experienced a temporary failure
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/rollback
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	
+	Set Global Variable    ${response}    ${outputResponse}
 Post Rollback operation with conflict
     Log    Rollback a VNF lifecycle operation if that operation has experienced a temporary failure
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -1193,15 +1532,32 @@ Delete Rollback operation
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/rollback	
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	
+	Set Global Variable    ${response}    ${outputResponse}
+Post Rollback operation with permitted authorization scope
+    Log    Rollback a VNF lifecycle operation if that operation has experienced a temporary failure with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${OP_OCCS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/rollback
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+Post Rollback operation with not permitted authorization scope
+    Log    Rollback a VNF lifecycle operation if that operation has experienced a temporary failure with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${OP_OCCS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/rollback
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 Post Fail operation
-    Log    mark as Failed a VNF lifecycle operation if that operation has experienced a temporary failure
+    Log    mark as Failed a VNF lifecycle operation if that operation has experienced a temporary failure 
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/fail
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}	    
-	
 Post Fail operation with conflict
     Log    mark as Failed a VNF lifecycle operation if that operation has experienced a temporary failure
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -1215,8 +1571,27 @@ Post Fail operation not existing
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Log    Execute Query and validate response
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${notExistingvnfLcmOpOccId}/fail
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+Post Fail operation with permitted authorization scope
+    Log    mark as Failed a VNF lifecycle operation if that operation has experienced a temporary failure with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${OP_OCCS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/fail
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}	    
+Post Fail operation with not permitted authorization scope
+    Log    mark as Failed a VNF lifecycle operation if that operation has experienced a temporary failure with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${OP_OCCS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/fail
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	 
 	
 Get Fail operation	
     Log    Trying to perform a GET. This method should not be implemented.
@@ -1246,7 +1621,8 @@ Delete Fail operation
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_lcm_op_occs/${vnfLcmOpOccId}/fail
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	
+	Set Global Variable    ${response}    ${outputResponse}
+
 Post Create subscription
     Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -1265,7 +1641,6 @@ Post Create subscription
 	Log    Verify notification endpoint is tested
 	Verify Mock Expectation    ${notification_request}
 	Clear Requests    ${callback_endpoint}
-    			
 Post Create subscription - DUPLICATION
     Log    Trying to create a subscription with an already created content
     Pass Execution If    ${VNFM_DUPLICATION} == 0    VNFM is not permitting duplication. Skipping the test
@@ -1285,7 +1660,7 @@ Post Create subscription - DUPLICATION
 	Log    Verify notification endpoint is tested
 	Verify Mock Expectation    ${notification_request}
 	Clear Requests    ${callback_endpoint}
-    		
+
 Post Create subscription - NO-DUPLICATION	
     Log    Trying to create a subscription with an already created content
     Pass Execution If    ${VNFM_DUPLICATION} == 1    VNFM permits duplication. Skipping the test
@@ -1369,6 +1744,46 @@ Get subscriptions - invalid filter
 #    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions?exclude_fields=${fields_subscription}
 #    ${output}=    Output    response
 #    Set Suite Variable    ${response}    ${output}     		
+Post Create subscription with permitted authorization scope
+    Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_PERMITTED_SCOPE}  
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/lccnSubscriptionRequest.json
+    ${body}=        Format String   ${template}     callback_uri=${callback_uri}:${callback_port}    callback_endpoint=${callback_endpoint}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+	Log    Verify notification endpoint is tested
+	Verify Mock Expectation    ${notification_request}
+	Clear Requests    ${callback_endpoint}
+Post Create subscription with not permitted authorization scope
+    Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_NOT_PERMITTED_SCOPE}  
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/lccnSubscriptionRequest.json
+    ${body}=        Format String   ${template}     callback_uri=${callback_uri}:${callback_port}    callback_endpoint=${callback_endpoint}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+	Log    Verify notification endpoint is tested
+	Verify Mock Expectation    ${notification_request}
+	Clear Requests    ${callback_endpoint}
 PUT subscriptions
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -1392,7 +1807,7 @@ DELETE subscriptions
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions  	   
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}	
+	Set Global Variable    ${response}    ${outputResponse}
 Post Create Individual subscription
     log    Trying to perform a POST. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -1408,6 +1823,25 @@ Get Individual subscription
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}		
+    
+Get Individual subscription with permitted authorization scope
+    log    Trying to get information about an individual subscription with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+Get Individual subscription with not permitted authorization scope
+    log    Trying to get information about an individual subscription with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}				
 Put Individual subscription	
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -1427,10 +1861,11 @@ Patch Individual subscription
 Delete Individual subscription
     log    Try to delete an individual subscription
     Set Headers  {"Accept":"${ACCEPT}"}  
-    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${Authorization_Token}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}  	
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
 Put Notification subscription
     log    Trying to perform a PUT. This method should not be implemented
     Put    ${callback_endpoint}	
@@ -1684,9 +2119,35 @@ POST Change Current VNF Package Task
     ${template}=    Get File    jsons/changeCurrentVnfPkgRequest.json
     ${body}=        Format String   ${template}     vnfdId=${vnfdId} 
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_vnfpkg    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
+POST Change Current VNF Package Task with permitted authorization scope
+    Log    Trying to change current VNF package task with permitted authorization scope.
+    ${scopeValue}=    Create Dictionary    scopeValue=${CHANGE_VNFPKG_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/changeCurrentVnfPkgRequest.json
+    ${body}=        Format String   ${template}     vnfdId=${vnfdId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_vnfpkg    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}  
 	
+POST Change Current VNF Package Task with not permitted authorization scope
+    Log    Trying to change current VNF package task with not permitted authorization scope.
+    ${scopeValue}=    Create Dictionary    scopeValue=${CHANGE_VNFPKG_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/changeCurrentVnfPkgRequest.json
+    ${body}=        Format String   ${template}     vnfdId=${vnfdId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_vnfpkg    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}      
+	
 GET Change Current VNF Package Task
     log    Trying to perform a GET. This method should not be implemented
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -1713,7 +2174,7 @@ DELETE Change Current VNF Package Task
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/change_vnfpkg 	
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}    
+	Set Global Variable    ${response}    ${outputResponse}
 
 Check HTTP Location Header Contains URI of Created Resource
     ${URI}=    Get Value From Json    ${response['headers']}    $..Location
@@ -1728,8 +2189,8 @@ POST Create VNF Snapshot Task
     ${body}=        Format String   ${template}     vnfSnapshotInfoId=${vnfSnapshotInfoId} 
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/create_snapshot    ${body}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}  
-	
+	Set Global Variable    ${response}    ${outputResponse}
+
 POST Create VNF Snapshot Task NOT SUPPORTED
     Log    Trying to request a snapshot of a VNF instance for which task resource does not exist
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -1760,6 +2221,32 @@ POST Create VNF Snapshot Task INVALID IDENTIFIER
     ${template}=    Get File    jsons/CreateVnfSnapshotRequest.json
     ${body}=        Format String   ${template}     vnfSnapshotInfoId=${invalidVnfSnapshotInfoId} 
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/create_snapshot    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Create VNF Snapshot Task with permitted authorization scope
+    Log    Trying to request a snapshot of a VNF instance with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${CREATE_SNAPSHOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/CreateVnfSnapshotRequest.json
+    ${body}=        Format String   ${template}     vnfSnapshotInfoId=${vnfSnapshotInfoId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/create_snapshot    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Create VNF Snapshot Task with not permitted authorization scope
+    Log    Trying to request a snapshot of a VNF instance with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${CREATE_SNAPSHOT_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/CreateVnfSnapshotRequest.json
+    ${body}=        Format String   ${template}     vnfSnapshotInfoId=${vnfSnapshotInfoId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/create_snapshot    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}  
 	
@@ -1800,7 +2287,7 @@ POST Revert to VNF Snapshot Task
     ${body}=        Format String   ${template}     vnfSnapshotInfoId=${vnfSnapshotInfoId} 
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/revert_to_snapshot    ${body}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}  
+	Set Global Variable    ${response}    ${outputResponse}
 	
 POST Revert to VNF Snapshot Task NOT SUPPORTED
     Log    Trying to revert to a snapshot of a VNF instance for which task resource does not exist
@@ -1851,17 +2338,43 @@ DELETE Revert to VNF Snapshot Task
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/revert_to_snapshot 	
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
+POST Revert to VNF Snapshot Task with permitted authorization scope
+    Log    Trying to initiate revert to VNF snapshot task with permitted authorization scope.
+    ${scopeValue}=    Create Dictionary    scopeValue=${REVERT_TO_SNAPSHOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/RevertToVnfSnapshotRequest.json
+    ${body}=        Format String   ${template}     vnfSnapshotInfoId=${vnfSnapshotInfoId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/revert_to_snapshot    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Revert to VNF Snapshot Task with not permitted authorization scope
+    Log    Trying to initiate revert to VNF snapshot task with not permitted authorization scope.
+    ${scopeValue}=    Create Dictionary    scopeValue=${REVERT_TO_SNAPSHOT_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/RevertToVnfSnapshotRequest.json
+    ${body}=        Format String   ${template}     vnfSnapshotInfoId=${vnfSnapshotInfoId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/revert_to_snapshot    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
 	
-POST Create a new VNF Snapshot	
+POST Create a new VNF Snapshot
     Log    Create VNF snapshot by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots
     Set Headers  {"Accept":"${ACCEPT}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
-    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${template} =    Get File    jsons/CreateVnfSnapshotInfoRequest.json
     ${body}=        Format String   ${template}     vnfSnapshotPkgId=${vnfSnapshotPkgId}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots    ${body}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse} 	
+	Set Global Variable    ${response}    ${outputResponse}	 	
 
 GET multiple VNF Snapshots	
     Log    Query VNF The GET method queries information about multiple VNF snapshots.
@@ -1970,7 +2483,33 @@ DELETE VNF Snapshots
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots 	 	
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}  
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Create a new VNF Snapshot with permitted authorization scope
+    Log    Create VNF snapshot by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_SNAPSHOT_INFO_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template} =    Get File    jsons/CreateVnfSnapshotInfoRequest.json
+    ${body}=        Format String   ${template}     vnfSnapshotPkgId=${vnfSnapshotPkgId}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Create a new VNF Snapshot with not permitted authorization scope
+    Log    Create VNF snapshot by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_SNAPSHOT_INFO_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template} =    Get File    jsons/CreateVnfSnapshotInfoRequest.json
+    ${body}=        Format String   ${template}     vnfSnapshotPkgId=${vnfSnapshotPkgId}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
 
 POST individual VNF Snapshot
     log    Trying to perform a POST. This method should not be implemented
@@ -1985,10 +2524,10 @@ GET individual VNF Snapshot
     log    Trying to get information about an individual VNF snapshot
     Set Headers    {"Accept":"${ACCEPT}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
-    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId} 		
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}      
+	Set Global Variable    ${response}    ${outputResponse}
 
 GET individual VNF Snapshot with invalid URI
     log    Trying to get information about an individual VNF snapshot
@@ -2048,15 +2587,37 @@ DELETE individual VNF Snapshot - CONFLICT
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId_InUse} 		
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse} 
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET individual VNF Snapshot with permitted authorization scope
+    log    Trying to get information about an individual VNF snapshot with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_SNAPSHOT_INFO_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET individual VNF Snapshot with not permitted authorization scope
+    log    Trying to get information about an individual VNF snapshot with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_SNAPSHOT_INFO_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
 	
 Check Postcondition VNF Snapshot Resource Is Deleted
-    Get individual VNF Snapshot
+    GET individual VNF Snapshot
     Integer    response status    404
     Log    VNF Snapshot Resource deleted
     
 Check Postcondition VNF Snapshot Resource Existence
-    Get individual VNF Snapshot
+    GET individual VNF Snapshot
     Integer    response status    200
     Log    VNF Snapshot Resource is not deleted
 
@@ -2075,7 +2636,7 @@ GET VNF State Snapshot - Complete
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId}/vnf_state_snapshot 		
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}  
+	Set Global Variable    ${response}    ${outputResponse}
 
 GET VNF State Snapshot - Range Request
     Pass Execution If    ${VNFM_RANGE_OK} == 0    Skipping this test as NFVO is not able to handle partial Requests.
@@ -2104,6 +2665,26 @@ GET VNF State Snapshot - Conflict in State
     Set Headers    {"Accept":"${ACCEPT_OCTET}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId_creationIncomplete}/vnf_state_snapshot 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET VNF State Snapshot - Complete with permitted authorization scope
+    log    Trying to fetch the complete contents of an VNF State Snapshot with permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT_OCTET}"}  
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_STATE_SNAPSHOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId}/vnf_state_snapshot 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET VNF State Snapshot - Complete with not permitted authorization scope
+    log    Trying to fetch the complete contents of an VNF State Snapshot with not permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT_OCTET}"}  
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_STATE_SNAPSHOT_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId}/vnf_state_snapshot 		
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}  
 
@@ -2131,7 +2712,75 @@ DELETE VNF State Snapshot
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId}/vnf_state_snapshot 		
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse} 
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Select VNF Deployable Modules
+    log    Trying to select deployable modules of VNF instance
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${template}=    Get File    jsons/SelectVnfDeployableModulesRequest.json
+    ${body}=    Format String    ${template}
+    Post    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/select_depl_mods    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+POST Select VNF Deployable Modules Not Existing
+    log    Trying to select deployable modules of VNF instance
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${template}=    Get File    jsons/SelectVnfDeployableModulesRequest.json
+    ${body}=    Format String    ${template}
+    Post    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${notExistingVnfInstanceId}/select_depl_mods    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+POST Select VNF Deployable Modules with conflict
+    log    Trying to select deployable modules of VNF instance.
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${template}=    Get File    jsons/SelectVnfDeployableModulesRequest.json
+    ${body}=    Format String    ${template}
+    Post    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${notInstantiatedVnfInstanceId}/select_depl_mods    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+
+GET Select VNF Deployable Modules
+    log    Trying to perform a GET. This method should not be implemented
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} 
+    Get    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/select_depl_mods
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+PUT Select VNF Deployable Modules
+    log    Trying to perform a PUT. This method should not be implemented
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Put    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/select_depl_mods
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+PATCH Select VNF Deployable Modules
+    log    Trying to perform a PATCH. This method should not be implemented
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Patch    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/select_depl_mods
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+DELETE Select VNF Deployable Modules
+    log    Trying to perform a DELETE. This method should not be implemented
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Delete    ${apiRoot}/vnflcm/${apiMajorVersion}/vnf_instances/${vnfInstanceId}/select_depl_mods
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
 
 Check HTTP Content-Type Header Is Set
     Log    Check Content-Type HTTP Header
@@ -2150,3 +2799,8 @@ Check HTTP Content-Length Header Is Set
     Should Contain    ${response['headers']}    Content-Length
     Should Be Equal As Strings    ${response['headers']['Content-Length']}    ${full_length}
     Log    Header Content-Length is present
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/VnfLcmOperationOccurences.robot b/SOL003/VNFLifecycleManagement-API/VnfLcmOperationOccurences.robot
index df021760f506fef4b97d79eb43d69a0e85b48824..4c543a023427199be69c9d9051f7427d3c9367a9 100644
--- a/SOL003/VNFLifecycleManagement-API/VnfLcmOperationOccurences.robot
+++ b/SOL003/VNFLifecycleManagement-API/VnfLcmOperationOccurences.robot
@@ -11,7 +11,7 @@ POST VNF LCM Operation occurrences - Method not implemented
     ...    Test title: POST VNF LCM Operation occurrences - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -23,7 +23,7 @@ GET status information about multiple VNF LCM Operation OCC
     ...    Test title: GET status information about multiple VNF LCM Operation OCC
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -36,7 +36,7 @@ GET status information about multiple VNF LCM Operation OCC Bad Request Invalid
     ...    Test title: GET status information about multiple VNF LCM Operation OCC Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to test that GET method fail retrieving status information about multiple VNF lifecycle management operation occurrences because attribute is invalid.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -49,7 +49,7 @@ GET status information about multiple VNF LCM Operation OCC Bad Request Invalid
     ...    Test title: GET status information about multiple VNF LCM Operation OCC Bad Request Invalid attribute selector
     ...    Test objective: The objective is to test that GET method fail retrieving status information about multiple VNF lifecycle management operation occurrences because attribute is invalid.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -62,7 +62,7 @@ GET status information about multiple VNF LCM Operation OCC with "all_fields"
     ...    Test title: GET status information about multiple VNF LCM Operation OCC with "all_fields"
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -75,7 +75,7 @@ GET status information about multiple VNF LCM Operation OCC with "exlude_default
     ...    Test title: GET status information about multiple VNF LCM Operation OCC with "exclude_default"
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -88,7 +88,7 @@ GET status information about multiple VNF LCM Operation OCC with "fields"
     ...    Test title: GET status information about multiple VNF LCM Operation OCC with "fields"
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -101,7 +101,7 @@ GET status information about multiple VNF LCM Operation OCC with "exclude_fields
     ...    Test title: GET status information about multiple VNF LCM Operation OCC with "exclude_fields"
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -114,7 +114,7 @@ PUT status information about multiple VNF LCM Operation OCC - Method not impleme
     ...    Test title: PUT status information about multiple VNF LCM Operation OCC - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -126,7 +126,7 @@ PATCH status information about multiple VNF LCM Operation OCC - Method not imple
     ...    Test title: PATCH status information about multiple VNF LCM Operation OCC - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -138,7 +138,7 @@ DELETE status information about multiple VNF LCM Operation OCC - Method not impl
     ...    Test title: DELETE status information about multiple VNF LCM Operation OCC - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -150,7 +150,7 @@ GET status information about multiple VNF LCM Operation OCC to get Paged Respons
     ...    Test title: GET status information about multiple VNF LCM Operation OCC to get Paged Response
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences to get a Paged Response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports response paging for the VNF lifecycle management operation occurrences resources
     ...    Post-Conditions: none   
@@ -159,11 +159,11 @@ GET status information about multiple VNF LCM Operation OCC to get Paged Respons
     Check HTTP Response Header Contain Link
 
 GET information about multiple VNF LCM Operation OCC as a Paged Response with nextpage_opauque_marker parameter 
-     [Documentation]    Test ID: 7.3.1.11.12a
+    [Documentation]    Test ID: 7.3.1.11.12a
     ...    Test title: GET information about multiple VNF LCM Operation OCC as a Paged Response with nextpage_opauque_marker parameter 
     ...    Test objective: The objective is to query information about multiple VNF lifecycle management operation occurrences as a Paged Response and retrieve the next page using the nextpage_opaque_marker parameter
     ...    Pre-conditions: A request for retrieving multiple VNF lifecycle management operation occurrences as a paged response has been successfully issued (Test ID 7.3.1.11.12)
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports response paging for the VNF lifecycle management operation occurrences resources
     ...    Post-Conditions: none 
@@ -175,7 +175,7 @@ GET status information about multiple VNF LCM Operation OCC - Bad Request Respon
     ...    Test title: GET status information about multiple VNF LCM Operation OCC - Bad Request Response too Big
     ...    Test objective: The objective is to test that GET method fail retrieving status information about multiple VNF lifecycle management operation occurrences because response is too big. The test also checks the JSON schema of the unsuccessful operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -188,10 +188,36 @@ GET status information about multiple VNF LCM Operation OCC with "exclude_defaul
     ...    Test title: GET status information about multiple VNF LCM Operation OCC with "exclude_default" and "fields"
     ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
     Get VNF LCM Operation occurrences with exclude_default and fields attribute selector
     Check HTTP Response Status Code Is    202
-    Check HTTP Response Body Json Schema Is    VnfLcmOpOccs
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is    VnfLcmOpOccs
+
+GET status information about multiple VNF LCM Operation OCC with permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.11.15
+    ...    Test title: GET status information about multiple VNF LCM Operation OCC with permitted authorization scope
+    ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none   
+    GET VNF LCM Operation occurrences with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Body Json Schema Is    VnfLcmOpOccs
+
+GET status information about multiple VNF LCM Operation OCC with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.1.11.16
+    ...    Test title: GET status information about multiple VNF LCM Operation OCC with not permitted authorization scope
+    ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none   
+    GET VNF LCM Operation occurrences with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml b/SOL003/VNFLifecycleManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
index 603b1887d8a21e38d2c072e1184b780fc2f143dd..250f1c705d7ff857e9b3873effa2f3855661e50d 100644
--- a/SOL003/VNFLifecycleManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
+++ b/SOL003/VNFLifecycleManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
@@ -1,8 +1,8 @@
-tosca_definitions_version: tosca_simple_yaml_1_2
+tosca_definitions_version: tosca_simple_yaml_1_3
 description: "TST010 reference VNF-B"
 
 imports:
-  - https://forge.etsi.org/rep/nfv/SOL001/raw/v3.3.1/etsi_nfv_sol001_vnfd_types.yaml  
+  - https://forge.etsi.org/rep/nfv/SOL001/raw/v4.4.1/etsi_nfv_sol001_vnfd_types.yaml  
 
 metadata:
   descriptor_id: "VNF-B"
@@ -44,7 +44,7 @@ node_types:
         type: list
         entry_schema:
           type: string
-        default: [ 'etsivnfm:v2.3.1' ]
+        default: [ 'etsivnfm:v4.5.1' ]
     interfaces:
       Vnflcm:
         type: "tosca.interfaces.nfv.Vnflcm"
@@ -162,4 +162,4 @@ topology_template:
           terminate:
             implementation: terminate-example.yaml
           operate:
-            implementation: operate-example.yaml                
\ No newline at end of file
+            implementation: operate-example.yaml                
diff --git a/SOL003/VNFLifecycleManagement-API/environment/variables.txt b/SOL003/VNFLifecycleManagement-API/environment/variables.txt
index 81a2d522085a227207eade2c84e8651beb565ce9..f0f6ae9dc333c5c596db475c2a5389d4967dd7ec 100644
--- a/SOL003/VNFLifecycleManagement-API/environment/variables.txt
+++ b/SOL003/VNFLifecycleManagement-API/environment/variables.txt
@@ -5,11 +5,49 @@ ${VNFM_SCHEMA}    https
 ${ACCEPT}         application/json
 ${ACCEPT_JSON}         application/json
 ${CONTENT_TYPE}    application/json
+${OAUTH_KEY} 
+${OAUTH_ENCRYPTION_ALGORITHM}  HS256
 ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
 ${AUTH_USAGE}     1
 ${CONTENT_TYPE_PATCH}    application/merge-patch+json
 
+${INSTANTIATE_PERMITTED_SCOPE}  vnflcm:v2:instantiate  
+${SCALE_PERMITTED_SCOPE}    vnflcm:v2:scale
+${SCALE_TO_LEVEL_PERMITTED_SCOPE}   vnflcm:v2:scale_to_level  
+${CHANGE_FLAVOUR_PERMITTED_SCOPE}   vnflcm:v2:change_flavour  
+${TERMINATE_PERMITTED_SCOPE}    vnflcm:v2:terminate  
+${HEAL_PERMITTED_SCOPE}    vnflcm:v2:heal  
+${CHANGE_EXT_CONN_PERMITTED_SCOPE}  vnflcm:v2:change_ext_conn  
+${OPERATE_PERMITTED_SCOPE}  vnflcm:v2:operate  
+${CREATE_SNAPSHOT_PERMITTED_SCOPE}  vnflcm:v2:create_snapshot 
+${REVERT_TO_SNAPSHOT_PERMITTED_SCOPE}   vnflcm:v2:revert_to_snapshot 
+${CHANGE_VNFPKG_PERMITTED_SCOPE}    vnflcm:v2:change_vnfpkg      
+${VNF_INSTANCE_INFO_PERMITTED_SCOPE}    vnflcm:v2:vnf_instance_info  
+${VNF_INSTANCE_INFO_READONLY_PERMITTED_SCOPE}   vnflcm:v2:vnf_instance_info:readonly  
+${OP_OCCS_PERMITTED_SCOPE}  vnflcm:v2:op_occs
+${SUBSCRIPTIONS_PERMITTED_SCOPE}    vnflcm:v2:subscriptions  
+${VNF_SNAPSHOT_INFO_PERMITTED_SCOPE}    vnflcm:v2:vnf_snapshot_info  
+${VNF_STATE_SNAPSHOT_PERMITTED_SCOPE}   vnflcm:v2:vnf_state_snapshot
+
+${INSTANTIATE_NOT_PERMITTED_SCOPE}  vnflcm:v2:instantiate:invalid
+${SCALE_NOT_PERMITTED_SCOPE}    vnflcm:v2:scale:invalid
+${SCALE_TO_LEVEL_NOT_PERMITTED_SCOPE}   vnflcm:v2:scale_to_level:invalid
+${CHANGE_FLAVOUR_NOT_PERMITTED_SCOPE}   vnflcm:v2:change_flavour:invalid
+${TERMINATE_NOT_PERMITTED_SCOPE}    vnflcm:v2:terminate:invalid
+${HEAL_NOT_PERMITTED_SCOPE}    nflcm:v2:heal:invalid
+${CHANGE_EXT_CONN_NOT_PERMITTED_SCOPE}  vnflcm:v2:change_ext_conn:invalid
+${OPERATE_NOT_PERMITTED_SCOPE}  vnflcm:v2:operate:invalid
+${CREATE_SNAPSHOT_NOT_PERMITTED_SCOPE}  vnflcm:v2:create_snapshot:invalid
+${REVERT_TO_SNAPSHOT_NOT_PERMITTED_SCOPE}   vnflcm:v2:revert_to_snapshot:invalid
+${CHANGE_VNFPKG_NOT_PERMITTED_SCOPE}    vnflcm:v2:change_vnfpkg:invalid
+${VNF_INSTANCE_INFO_NOT_PERMITTED_SCOPE}    vnflcm:v2:vnf_instance_info:invalid
+${VNF_INSTANCE_INFO_READONLY_NOT_PERMITTED_SCOPE}   vnflcm:v2:vnf_instance_info:readonly:invalid
+${OP_OCCS_NOT_PERMITTED_SCOPE}  vnflcm:v2:op_occs:invalid
+${SUBSCRIPTIONS_NOT_PERMITTED_SCOPE}    vnflcm:v2:subscriptions:invalid
+${VNF_SNAPSHOT_INFO_NOT_PERMITTED_SCOPE}    vnflcm:v2:vnf_snapshot_info:invalid
+${VNF_STATE_SNAPSHOT_NOT_PERMITTED_SCOPE}   vnflcm:v2:vnf_state_snapshot:invalid
+
 ${apiRoot}        /
 ${apiName}        vnflcm
 ${apiMajorVersion}     v2
diff --git a/SOL003/VNFLifecycleManagement-API/jsons/SelectVnfDeployableModulesRequest.json b/SOL003/VNFLifecycleManagement-API/jsons/SelectVnfDeployableModulesRequest.json
new file mode 100644
index 0000000000000000000000000000000000000000..fa5070c38443fc7ddb8ae94b9e29666dcfaf5a93
--- /dev/null
+++ b/SOL003/VNFLifecycleManagement-API/jsons/SelectVnfDeployableModulesRequest.json
@@ -0,0 +1,10 @@
+{{
+  "selectedDeployableModule": ["string"],
+  "targetScaleLevelInfo": [
+    {
+      "aspectId": "{string}",
+      "scaleLevel": 1
+    }
+  ],
+  "additionalParams": {}
+}}
diff --git a/SOL003/VNFLifecycleManagement-API/jsons/instantiateVnfRequestTargetScaleLevelInfo.json b/SOL003/VNFLifecycleManagement-API/jsons/instantiateVnfRequestTargetScaleLevelInfo.json
index e72a745dcfd034bc619b138883591fd81235cb20..7a117abab12d94282255d5c78f4e1696aae98de6 100644
--- a/SOL003/VNFLifecycleManagement-API/jsons/instantiateVnfRequestTargetScaleLevelInfo.json
+++ b/SOL003/VNFLifecycleManagement-API/jsons/instantiateVnfRequestTargetScaleLevelInfo.json
@@ -4,7 +4,7 @@
         {
             "aspectId": "{aspectId}",
             "vnfdId":  "string",
-            "scaleToLevel": "1"  
+            "scaleLevel": 1  
         }
     ],
     "extVirtualLinks": [
diff --git a/SOL003/VNFLifecycleManagement-API/jsons/scaleVnfToLevelRequestScaleInfo.json b/SOL003/VNFLifecycleManagement-API/jsons/scaleVnfToLevelRequestScaleInfo.json
index 11c31f508a924f98736ef68d74078d1ccf734913..9ad9adb8f132e05071034e92820c5a45344bc0cb 100644
--- a/SOL003/VNFLifecycleManagement-API/jsons/scaleVnfToLevelRequestScaleInfo.json
+++ b/SOL003/VNFLifecycleManagement-API/jsons/scaleVnfToLevelRequestScaleInfo.json
@@ -3,7 +3,7 @@
         {
         "aspectId": "{aspectId}",
         "vnfdId":  "string",
-        "scaleToLevel": "1"
+        "scaleLevel": 1
         }
     ]
 }}
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleManagement-API/schemas/VnfLcmOpOcc.schema.json b/SOL003/VNFLifecycleManagement-API/schemas/VnfLcmOpOcc.schema.json
index 60ac77dbb52541ec7287536097e9566b0e0446fa..70f4b7691529df64fd00e9cc36ecfaaa8acf4135 100644
--- a/SOL003/VNFLifecycleManagement-API/schemas/VnfLcmOpOcc.schema.json
+++ b/SOL003/VNFLifecycleManagement-API/schemas/VnfLcmOpOcc.schema.json
@@ -17,7 +17,8 @@
     "vnfInstanceId",
     "operation",
     "isAutomaticInvocation",
-    "isCancelPending"
+    "isCancelPending",
+    "_links"
   ],
   "properties": {
     "id": {
@@ -70,7 +71,8 @@
         "MODIFY_INFO",
         "CREATE_SNAPSHOT",
         "REVERT_TO_SNAPSHOT",
-        "CHANGE_VNFPKG"
+        "CHANGE_VNFPKG",
+        "SELECT_DEPL_MODS"
       ]
     },
     "isAutomaticInvocation": {
diff --git a/SOL003/VNFLifecycleManagement-API/schemas/VnfLcmOpOccs.schema.json b/SOL003/VNFLifecycleManagement-API/schemas/VnfLcmOpOccs.schema.json
index 17727c4705e082163d3e32a8b18150e52ba7ff1e..29ccb9304cc87c84281d429ca5f53c4d9907bef6 100644
--- a/SOL003/VNFLifecycleManagement-API/schemas/VnfLcmOpOccs.schema.json
+++ b/SOL003/VNFLifecycleManagement-API/schemas/VnfLcmOpOccs.schema.json
@@ -19,7 +19,8 @@
       "vnfInstanceId",
       "operation",
       "isAutomaticInvocation",
-      "isCancelPending"
+      "isCancelPending",
+      "_links"
     ],
     "properties": {
       "id": {
@@ -72,7 +73,8 @@
           "MODIFY_INFO",
           "CREATE_SNAPSHOT",
           "REVERT_TO_SNAPSHOT",
-          "CHANGE_VNFPKG"
+          "CHANGE_VNFPKG",
+          "SELECT_DEPL_MODS"
         ]
       },
       "isAutomaticInvocation": {
diff --git a/SOL003/VNFLifecycleManagement-API/schemas/VnfLcmOperationOccurrenceNotification.schema.json b/SOL003/VNFLifecycleManagement-API/schemas/VnfLcmOperationOccurrenceNotification.schema.json
index 81e024130b069ba8fffaa8ee32fd5b8c93bc6406..4d4b6cf7e56d6672d143e6adc4c483e8cad3bf16 100644
--- a/SOL003/VNFLifecycleManagement-API/schemas/VnfLcmOperationOccurrenceNotification.schema.json
+++ b/SOL003/VNFLifecycleManagement-API/schemas/VnfLcmOperationOccurrenceNotification.schema.json
@@ -596,6 +596,42 @@
         }
       }
     },
+    "affectedCertificates": {
+      "description": "Information about certificate content that were affected during the execution of the lifecycle management  operation, if this notification represents the result of a lifecycle management operation occurrence. Shall be present when using delegation mode, otherwise shall be absent. This attribute shall be supported when delegation mode in certificate management is applicable\n",
+      "type": "array",
+      "items": {
+        "description": "This type provides input information about added, deleted, and modified certificate contents.\n",
+        "type": "object",
+        "required": ["certificateInfoId", "changeType"],
+        "properties": {
+          "certificateInfoId": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+          },
+          "certificateBaseProfileId": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+          },
+          "securityPolicyId": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+          },
+          "cmfInfoId": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+          },
+          "certificateContentId": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+          },
+          "changeType": {
+            "description": "Signals the type of change.",
+            "type": "string",
+            "enum": ["ADD", "REMOVE", "MODIFY"]
+          }
+        }
+      }
+    },
     "changedExtConnectivity": {
       "description": "Information about changed external connectivity, if this notification represents the result of a lifecycle operation occurrence. Shall be present if the \"notificationStatus\" is set to \"RESULT\", the \"verbosity\" attribute is set to \"FULL\" and the operation has made any changes to the external connectivity of the VNF instance. Shall be absent otherwise. Only information about external VL instances that have been added or modified shall be provided.\n",
       "type": "array",
diff --git a/SOL003/VNFLifecycleManagement-API/schemas/vnfInstance.schema.json b/SOL003/VNFLifecycleManagement-API/schemas/vnfInstance.schema.json
index 23b24a0327aea12712aa9b95d5ff952c8f3ea1a1..1e547f428ef1295e584f519a0355b8880d332765 100644
--- a/SOL003/VNFLifecycleManagement-API/schemas/vnfInstance.schema.json
+++ b/SOL003/VNFLifecycleManagement-API/schemas/vnfInstance.schema.json
@@ -54,7 +54,9 @@
       "additionalProperties": {
         "description": "This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing the resources of a VNF instance.\nThis structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP repository may be configured into the VNFM by means outside the scope of the present document and bound to the identifier of that VIM.\n* NOTE 1:\tIf applicable, this attribute also provides information about the resourceGroupIds\n          that are accessible using a particular set of credentials. See definition of\n          \"resourceGroupId\" in clause 9.5.3.3.\n* NOTE 2:\tOnce the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided\n          through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be\n          established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the\n          \"accessInfo\" JSON data structure, and the sensitive data related information (\"username\"/\"password\" as\n          required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel\n          without additional encoding/encryption before transmitting it, making the sensitive data visible to the\n          endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the\n          interface endpoint of the VIM, CISM, CIR or MCIOP repository.\n \n* NOTE 3:\t ETSI GS NFV-SOL 009 [i.18] specifies the means to configure into the VNFM applicable VIM connection information via the \"NFV-MANO Configuration and Information Management\" interface. \n* NOTE 4:\t  Due to the possibility of configuring such information into the VNFM out-of-band, by means outside the scope of the present document, as well as in-band, by means specified in the present document, care should be taken to avoid unintended conflicts in the VNFM when managing such information.\n",
         "type": "object",
-        "required": ["vimType"],
+        "required": [
+          "vimType"
+        ],
         "properties": {
           "vimId": {
             "description": "An identifier with the intention of being globally unique.\n",
@@ -85,7 +87,9 @@
       "additionalProperties": {
         "description": "This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing the resources of a VNF instance.\nThis structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP repository may be configured into the VNFM by means outside the scope of the present document and bound to the identifier of that VIM.\n* NOTE 1:\tIf applicable, this attribute also provides information about the resourceGroupIds\n          that are accessible using a particular set of credentials. See definition of\n          \"resourceGroupId\" in clause 9.5.3.3.\n* NOTE 2:\tOnce the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided\n          through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be\n          established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the\n          \"accessInfo\" JSON data structure, and the sensitive data related information (\"username\"/\"password\" as\n          required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel\n          without additional encoding/encryption before transmitting it, making the sensitive data visible to the\n          endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the\n          interface endpoint of the VIM, CISM, CIR or MCIOP repository.\n \n* NOTE 3:\t ETSI GS NFV-SOL 009 [i.18] specifies the means to configure into the VNFM applicable VIM connection information via the \"NFV-MANO Configuration and Information Management\" interface. \n* NOTE 4:\t  Due to the possibility of configuring such information into the VNFM out-of-band, by means outside the scope of the present document, as well as in-band, by means specified in the present document, care should be taken to avoid unintended conflicts in the VNFM when managing such information.\n",
         "type": "object",
-        "required": ["vimType"],
+        "required": [
+          "vimType"
+        ],
         "properties": {
           "vimId": {
             "description": "An identifier with the intention of being globally unique.\n",
@@ -116,7 +120,9 @@
       "additionalProperties": {
         "description": "This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing the resources of a VNF instance.\nThis structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP repository may be configured into the VNFM by means outside the scope of the present document and bound to the identifier of that VIM.\n* NOTE 1:\tIf applicable, this attribute also provides information about the resourceGroupIds\n          that are accessible using a particular set of credentials. See definition of\n          \"resourceGroupId\" in clause 9.5.3.3.\n* NOTE 2:\tOnce the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided\n          through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be\n          established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the\n          \"accessInfo\" JSON data structure, and the sensitive data related information (\"username\"/\"password\" as\n          required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel\n          without additional encoding/encryption before transmitting it, making the sensitive data visible to the\n          endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the\n          interface endpoint of the VIM, CISM, CIR or MCIOP repository.\n \n* NOTE 3:\t ETSI GS NFV-SOL 009 [i.18] specifies the means to configure into the VNFM applicable VIM connection information via the \"NFV-MANO Configuration and Information Management\" interface. \n* NOTE 4:\t  Due to the possibility of configuring such information into the VNFM out-of-band, by means outside the scope of the present document, as well as in-band, by means specified in the present document, care should be taken to avoid unintended conflicts in the VNFM when managing such information.\n",
         "type": "object",
-        "required": ["vimType"],
+        "required": [
+          "vimType"
+        ],
         "properties": {
           "vimId": {
             "description": "An identifier with the intention of being globally unique.\n",
@@ -141,15 +147,299 @@
         }
       }
     },
+    "certificateInfo": {
+      "description": "This type provides input information related to certificate and certificate management.\n",
+      "type": "object",
+      "required": [
+        "id"
+      ],
+      "properties": {
+        "id": {
+          "description": "An identifier with the intention of being globally unique.\n",
+          "type": "string"
+        },
+        "certificateConfigurationInfo": {
+          "description": "This type provides input information related to certificate management.\n",
+          "type": "object",
+          "required": [
+            "securityPolicy"
+          ],
+          "properties": {
+            "certificateBaseProfile": {
+              "description": "Information for certificate profile.",
+              "type": "array",
+              "items": {
+                "description": "NOTE: At least one overriding attributes shall be present, otherwise shall be absent.\nThis type provides input information to override certificate base profile for certificate management.\n",
+                "type": "object",
+                "required": [
+                  "id"
+                ],
+                "properties": {
+                  "id": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  },
+                  "issuer": {
+                    "description": "Issuer of certificates. See note.",
+                    "type": "string"
+                  },
+                  "issuerUniqueIdentifier": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  },
+                  "subject": {
+                    "description": "This type provides input information related to the subject of the certificate.\nNOTE: At least one overriding attributes shall be present, otherwise shall be absent.\n",
+                    "type": "object",
+                    "properties": {
+                      "commonName": {
+                        "description": "Information of the certification target subject FQDN. Can be set empty when this certificate is used for encrypted communication using IP address. See note.\n",
+                        "type": "string"
+                      },
+                      "organization": {
+                        "description": "Information of the certification target subject Organization. See note.",
+                        "type": "string"
+                      },
+                      "country": {
+                        "description": "Information of the certification target subject Country. See note.",
+                        "type": "string"
+                      },
+                      "state": {
+                        "description": "Information of the certification target subject State. See note.",
+                        "type": "string"
+                      },
+                      "locality": {
+                        "description": "Information of the certification target subject Locality. See note.",
+                        "type": "string"
+                      },
+                      "emailAddress": {
+                        "description": "Information of the certification contact email address. See note.",
+                        "type": "string"
+                      }
+                    }
+                  },
+                  "subjectUniqueIdentifier": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  },
+                  "basicConstraints": {
+                    "description": "Basic constraints of certificates. See note.",
+                    "type": "string"
+                  },
+                  "issuerAltName": {
+                    "description": "Alternative name of issuer of certificates in this NS. See note.",
+                    "type": "array",
+                    "items": {
+                      "type": "string"
+                    }
+                  },
+                  "subjectAltName": {
+                    "description": "Alternative name of subject of certificates. Shall be present when this certificate is used for encrypted communication using IP address and subjectAltName attribute of CertificateBaseProfile in CertificateDesc of VNFD is empty (see ETSI GS NFV-IFA 011 [14], clause 7.1.19.4). See note.\n",
+                    "type": "array",
+                    "items": {
+                      "type": "string"
+                    }
+                  },
+                  "nameConstraints": {
+                    "description": "Name constraints of certificates. See note.",
+                    "type": "array",
+                    "items": {
+                      "type": "string"
+                    }
+                  }
+                }
+              }
+            },
+            "securityPolicy": {
+              "description": "Information for security policy to be satisfied for certificate.",
+              "type": "array",
+              "items": {
+                "description": "This type provides input information related to security policy for certificate management.\n",
+                "type": "object",
+                "required": [
+                  "id"
+                ],
+                "properties": {
+                  "id": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  },
+                  "maxValidityPeriod": {
+                    "description": "Allowed max validity period for certificates.",
+                    "type": "number"
+                  },
+                  "allowedAlgorithm": {
+                    "description": "Allowed signature algorithm.",
+                    "type": "string"
+                  },
+                  "minimumKeyLength": {
+                    "description": "Minimum key length for certificates.",
+                    "type": "number"
+                  }
+                }
+              }
+            },
+            "delegationSupportedCertificateManagements": {
+              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+              "type": "object"
+            },
+            "cmfInfo": {
+              "description": "This type provides input information related to CMF for certificate management.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "endPoint",
+                "supportedProtocol"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "endPoint": {
+                  "description": "End point of CMF instance.",
+                  "type": "object",
+                  "properties": {
+                    "ipAddress": {
+                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                      "type": "string",
+                      "format": "IP"
+                    },
+                    "link": {
+                      "description": "This type represents a link to a resource using an absolute URI.\n",
+                      "type": "object",
+                      "required": [
+                        "href"
+                      ],
+                      "properties": {
+                        "href": {
+                          "description": "String formatted according to IETF RFC 3986.\n",
+                          "type": "string"
+                        }
+                      }
+                    }
+                  }
+                },
+                "supportedProtocol": {
+                  "description": "Supported protocols by CMF instance.",
+                  "type": "array",
+                  "items": {
+                    "description": "Supported protocol by CMF instance.",
+                    "type": "string",
+                    "enum": [
+                      "CMP",
+                      "CMPv2",
+                      "EST",
+                      "SCEP"
+                    ]
+                  }
+                },
+                "certificateChain": {
+                  "description": "Certificate chain that this CMF provides.",
+                  "type": "array",
+                  "items": {
+                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                    "type": "object"
+                  }
+                }
+              }
+            }
+          }
+        },
+        "certificateContents": {
+          "description": "Information for contents of issued certificates. The information contained in this attribute may be updated over time during the VNF LCM, e.g., certificate(s) renewal.\n",
+          "type": "array",
+          "items": {
+            "description": "This type provides input information related to certificate content.\nNOTE: The CertificateDesc data type is defined in clause 7.1.19.2 of ETSI GS NFV IFA 011 [10].\n",
+            "type": "object",
+            "required": [
+              "id",
+              "certificateDescId",
+              "certificateType"
+            ],
+            "properties": {
+              "id": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+              },
+              "certificateDescId": {
+                "description": "An identifier that is unique within a VNF descriptor.\n",
+                "type": "string"
+              },
+              "certificateType": {
+                "description": "Type of this certificate.",
+                "type": "string",
+                "enum": [
+                  "VNFCI_CERT",
+                  "VNFOAM_CERT"
+                ]
+              },
+              "supportedCertificateManagements": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
+              },
+              "version": {
+                "description": "A version.\n",
+                "type": "string"
+              },
+              "serialNumber": {
+                "description": "Serial number of this certificate.",
+                "type": "integer"
+              },
+              "signatureAlgorithm": {
+                "description": "Algorithm of this certificate's signature.",
+                "type": "string"
+              },
+              "issuer": {
+                "description": "Issuer of this certificate.",
+                "type": "string"
+              },
+              "notBefore": {
+                "description": "Date-time stamp. Representation: String formatted according to IETF RFC 3339.\n",
+                "type": "string",
+                "format": "date-time"
+              },
+              "notAfter": {
+                "description": "Date-time stamp. Representation: String formatted according to IETF RFC 3339.\n",
+                "type": "string",
+                "format": "date-time"
+              },
+              "subject": {
+                "description": "Subject of this certificate.",
+                "type": "string"
+              },
+              "publicKeyAlgorithm": {
+                "description": "Algorithm of this certificate's public key.",
+                "type": "string"
+              },
+              "publicKey": {
+                "description": "Public key of this certificate.",
+                "type": "string"
+              },
+              "certificateExtensions": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
+              }
+            }
+          }
+        }
+      }
+    },
     "instantiationState": {
       "description": "The instantiation state of the VNF. Permitted values: - NOT_INSTANTIATED: The VNF instance is terminated or not instantiated. - INSTANTIATED: The VNF instance is instantiated.\n",
       "type": "string",
-      "enum": ["NOT_INSTANTIATED", "INSTANTIATED"]
+      "enum": [
+        "NOT_INSTANTIATED",
+        "INSTANTIATED"
+      ]
     },
     "instantiatedVnfInfo": {
       "description": "Information specific to an instantiated VNF instance. This attribute shall be present if the instantiateState attribute value is INSTANTIATED.\n",
       "type": "object",
-      "required": ["flavourId", "vnfState", "extCpInfo"],
+      "required": [
+        "flavourId",
+        "vnfState",
+        "extCpInfo"
+      ],
       "properties": {
         "flavourId": {
           "description": "An identifier that is unique within a VNF descriptor.\n",
@@ -158,7 +448,10 @@
         "vnfState": {
           "description": "STARTED: The VNF instance is up and running. STOPPED: The VNF instance has been shut down.\n",
           "type": "string",
-          "enum": ["STARTED", "STOPPED"]
+          "enum": [
+            "STARTED",
+            "STOPPED"
+          ]
         },
         "scaleStatus": {
           "description": "Scale status of the VNF, one entry per aspect. Represents for every scaling aspect  how \"big\" the VNF has been scaled w.r.t. that aspect. This attribute shall be present if the VNF supports scaling. See clause B.2 for an explanation of VNF scaling.\n",
@@ -166,7 +459,10 @@
           "items": {
             "description": "This type represents the scale level of a VNF instance related to a scaling aspect.\n",
             "type": "object",
-            "required": ["aspectId", "scaleLevel"],
+            "required": [
+              "aspectId",
+              "scaleLevel"
+            ],
             "properties": {
               "aspectId": {
                 "description": "An identifier that is unique within a VNF descriptor.\n",
@@ -189,7 +485,10 @@
           "items": {
             "description": "This type represents the scale level of a VNF instance related to a scaling aspect.\n",
             "type": "object",
-            "required": ["aspectId", "scaleLevel"],
+            "required": [
+              "aspectId",
+              "scaleLevel"
+            ],
             "properties": {
               "aspectId": {
                 "description": "An identifier that is unique within a VNF descriptor.\n",
@@ -206,6 +505,14 @@
             }
           }
         },
+        "selectedDeployableModule": {
+          "description": "References a currently selected deployable module, as defined in the VNFD, that has  already completed the instantiation of its VNFCs.\n",
+          "type": "array",
+          "items": {
+            "description": "An identifier that is unique within a VNF descriptor.\n",
+            "type": "string"
+          }
+        },
         "extCpInfo": {
           "description": "Information about the external CPs exposed by the VNF instance. When trunking is enabled, the list of entries includes both, external CPs corresponding to parent ports of a trunk, and external CPs associated to sub-ports of a trunk.\n",
           "type": "array",
@@ -213,16 +520,27 @@
           "items": {
             "description": "This type represents information about an external CP of a VNF.\nNOTE 1:\tThe attributes \"associatedVnfcCpId\", \"associatedVipCpId\", \"associatedVirtualCpId\" and \n        \"associatedVnfVirtualLinkId\" are mutually exclusive. Exactly one shall be present.\nNOTE 2:\tAn external CP instance is not associated to a link port in the cases indicated for the \n        “extLinkPorts” attribute in clause 4.4.1.11.\nNOTE 3: Cardinality greater than 1 is only applicable for specific cases where more than one network \n        attachment definition resource is needed to fulfil the connectivity requirements of the external \n        CP, e.g. to build a link redundant mated pair in SR-IOV cases.\nNOTE 4: When more than one netAttDefResourceId is indicated, all shall belong to the same namespace.\n",
             "type": "object",
-            "required": ["id", "cpdId", "cpConfigId", "cpProtocolInfo"],
+            "required": [
+              "id",
+              "cpdId",
+              "cpConfigId",
+              "cpProtocolInfo"
+            ],
             "oneOf": [
               {
-                "required": ["associatedVnfcCpId"]
+                "required": [
+                  "associatedVnfcCpId"
+                ]
               },
               {
-                "required": ["associatedVipCpId"]
+                "required": [
+                  "associatedVipCpId"
+                ]
               },
               {
-                "required": ["associatedVnfVirtualLinkId"]
+                "required": [
+                  "associatedVnfVirtualLinkId"
+                ]
               }
             ],
             "properties": {
@@ -248,30 +566,43 @@
                 "items": {
                   "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
                   "type": "object",
-                  "required": ["layerProtocol"],
+                  "required": [
+                    "layerProtocol"
+                  ],
                   "properties": {
                     "layerProtocol": {
                       "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
                       "type": "string",
-                      "enum": ["IP_OVER_ETHERNET", "IP_FOR_VIRTUAL_CP"]
+                      "enum": [
+                        "IP_OVER_ETHERNET",
+                        "IP_FOR_VIRTUAL_CP"
+                      ]
                     },
                     "ipOverEthernet": {
                       "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVI’s transport technology.\n",
                       "type": "object",
                       "anyOf": [
                         {
-                          "required": ["macAddress"]
+                          "required": [
+                            "macAddress"
+                          ]
                         },
                         {
-                          "required": ["ipAddresses"]
+                          "required": [
+                            "ipAddresses"
+                          ]
                         }
                       ],
                       "oneOf": [
                         {
-                          "required": ["addresses"]
+                          "required": [
+                            "addresses"
+                          ]
                         },
                         {
-                          "required": ["addressRange"]
+                          "required": [
+                            "addressRange"
+                          ]
                         }
                       ],
                       "properties": {
@@ -289,12 +620,17 @@
                           "type": "array",
                           "items": {
                             "type": "object",
-                            "required": ["type"],
+                            "required": [
+                              "type"
+                            ],
                             "properties": {
                               "type": {
                                 "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                 "type": "string",
-                                "enum": ["IPV4", "IPV6"]
+                                "enum": [
+                                  "IPV4",
+                                  "IPV6"
+                                ]
                               },
                               "addresses": {
                                 "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
@@ -312,7 +648,10 @@
                               "addressRange": {
                                 "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
                                 "type": "object",
-                                "required": ["minAddress", "maxAddress"],
+                                "required": [
+                                  "minAddress",
+                                  "maxAddress"
+                                ],
                                 "properties": {
                                   "minAddress": {
                                     "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -338,12 +677,17 @@
                     "virtualCpAddress": {
                       "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
                       "type": "object",
-                      "required": ["type"],
+                      "required": [
+                        "type"
+                      ],
                       "properties": {
                         "type": {
                           "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
                           "type": "string",
-                          "enum": ["IPV4", "IPV6"]
+                          "enum": [
+                            "IPV4",
+                            "IPV6"
+                          ]
                         },
                         "loadBalancerIp": {
                           "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -390,6 +734,10 @@
                   "description": "An identifier with the intention of being globally unique.\n",
                   "type": "string"
                 }
+              },
+              "certificateContentId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
               }
             }
           }
@@ -401,7 +749,10 @@
           "items": {
             "description": "This type provides information related to virtual IP (VIP) CP.\nNOTE 1:\tIt is possible that there is no associated VnfcCp because the VIP CP is available but not associated yet. NOTE 2: If only the value or the presence of this attribute is changed in the \"VipCpInfo\" structure by an LCM operation occurrence, this does not represent a change that requires including a related \"AffectedVipCp\" structure in the VNF LCM operation occurrence notifications or the \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\n",
             "type": "object",
-            "required": ["cpInstanceId", "cpdId"],
+            "required": [
+              "cpInstanceId",
+              "cpdId"
+            ],
             "properties": {
               "cpInstanceId": {
                 "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -425,30 +776,43 @@
                 "items": {
                   "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
                   "type": "object",
-                  "required": ["layerProtocol"],
+                  "required": [
+                    "layerProtocol"
+                  ],
                   "properties": {
                     "layerProtocol": {
                       "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
                       "type": "string",
-                      "enum": ["IP_OVER_ETHERNET", "IP_FOR_VIRTUAL_CP"]
+                      "enum": [
+                        "IP_OVER_ETHERNET",
+                        "IP_FOR_VIRTUAL_CP"
+                      ]
                     },
                     "ipOverEthernet": {
                       "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVI’s transport technology.\n",
                       "type": "object",
                       "anyOf": [
                         {
-                          "required": ["macAddress"]
+                          "required": [
+                            "macAddress"
+                          ]
                         },
                         {
-                          "required": ["ipAddresses"]
+                          "required": [
+                            "ipAddresses"
+                          ]
                         }
                       ],
                       "oneOf": [
                         {
-                          "required": ["addresses"]
+                          "required": [
+                            "addresses"
+                          ]
                         },
                         {
-                          "required": ["addressRange"]
+                          "required": [
+                            "addressRange"
+                          ]
                         }
                       ],
                       "properties": {
@@ -466,12 +830,17 @@
                           "type": "array",
                           "items": {
                             "type": "object",
-                            "required": ["type"],
+                            "required": [
+                              "type"
+                            ],
                             "properties": {
                               "type": {
                                 "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                 "type": "string",
-                                "enum": ["IPV4", "IPV6"]
+                                "enum": [
+                                  "IPV4",
+                                  "IPV6"
+                                ]
                               },
                               "addresses": {
                                 "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
@@ -489,7 +858,10 @@
                               "addressRange": {
                                 "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
                                 "type": "object",
-                                "required": ["minAddress", "maxAddress"],
+                                "required": [
+                                  "minAddress",
+                                  "maxAddress"
+                                ],
                                 "properties": {
                                   "minAddress": {
                                     "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -515,12 +887,17 @@
                     "virtualCpAddress": {
                       "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
                       "type": "object",
-                      "required": ["type"],
+                      "required": [
+                        "type"
+                      ],
                       "properties": {
                         "type": {
                           "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
                           "type": "string",
-                          "enum": ["IPV4", "IPV6"]
+                          "enum": [
+                            "IPV4",
+                            "IPV6"
+                          ]
                         },
                         "loadBalancerIp": {
                           "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -561,7 +938,12 @@
           "items": {
             "description": "This type provides information related to a virtual CP instance of a VNF.\nNOTE: A consumer of the VNF LCM interface can learn the actual VNFC instances implementing the service \n      accessible via the virtual CP instance by querying the \"vnfcResourceInfo\" from the \"InstantiatedVnfInfo\" \n      and filtering by corresponding \"vduIds\" values.\n",
             "type": "object",
-            "required": ["cpInstanceId", "cpdId", "resourceHandle", "vduIds"],
+            "required": [
+              "cpInstanceId",
+              "cpdId",
+              "resourceHandle",
+              "vduIds"
+            ],
             "properties": {
               "cpInstanceId": {
                 "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -572,7 +954,9 @@
                 "type": "string"
               },
               "resourceHandle": {
-                "required": ["resourceId"],
+                "required": [
+                  "resourceId"
+                ],
                 "type": "object",
                 "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                 "properties": {
@@ -626,30 +1010,43 @@
                 "items": {
                   "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
                   "type": "object",
-                  "required": ["layerProtocol"],
+                  "required": [
+                    "layerProtocol"
+                  ],
                   "properties": {
                     "layerProtocol": {
                       "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
                       "type": "string",
-                      "enum": ["IP_OVER_ETHERNET", "IP_FOR_VIRTUAL_CP"]
+                      "enum": [
+                        "IP_OVER_ETHERNET",
+                        "IP_FOR_VIRTUAL_CP"
+                      ]
                     },
                     "ipOverEthernet": {
                       "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVI’s transport technology.\n",
                       "type": "object",
                       "anyOf": [
                         {
-                          "required": ["macAddress"]
+                          "required": [
+                            "macAddress"
+                          ]
                         },
                         {
-                          "required": ["ipAddresses"]
+                          "required": [
+                            "ipAddresses"
+                          ]
                         }
                       ],
                       "oneOf": [
                         {
-                          "required": ["addresses"]
+                          "required": [
+                            "addresses"
+                          ]
                         },
                         {
-                          "required": ["addressRange"]
+                          "required": [
+                            "addressRange"
+                          ]
                         }
                       ],
                       "properties": {
@@ -667,12 +1064,17 @@
                           "type": "array",
                           "items": {
                             "type": "object",
-                            "required": ["type"],
+                            "required": [
+                              "type"
+                            ],
                             "properties": {
                               "type": {
                                 "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                 "type": "string",
-                                "enum": ["IPV4", "IPV6"]
+                                "enum": [
+                                  "IPV4",
+                                  "IPV6"
+                                ]
                               },
                               "addresses": {
                                 "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
@@ -690,7 +1092,10 @@
                               "addressRange": {
                                 "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
                                 "type": "object",
-                                "required": ["minAddress", "maxAddress"],
+                                "required": [
+                                  "minAddress",
+                                  "maxAddress"
+                                ],
                                 "properties": {
                                   "minAddress": {
                                     "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -716,12 +1121,17 @@
                     "virtualCpAddress": {
                       "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
                       "type": "object",
-                      "required": ["type"],
+                      "required": [
+                        "type"
+                      ],
                       "properties": {
                         "type": {
                           "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
                           "type": "string",
-                          "enum": ["IPV4", "IPV6"]
+                          "enum": [
+                            "IPV4",
+                            "IPV6"
+                          ]
                         },
                         "loadBalancerIp": {
                           "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -752,7 +1162,9 @@
                 "items": {
                   "description": "This type provides additional service information of the virtual CP instance used to expose properties of the  virtual CP to NFV-MANO.\nNOTE: This attribute shall only be present if additional information is needed to identify the service \n      termination within the VNF, such as for example a URL path information in an HTTP request required \n      to allow a single virtual CP IP address to be used for several HTTP based services that use the \n      same port number.\n",
                   "type": "object",
-                  "required": ["portInfo"],
+                  "required": [
+                    "portInfo"
+                  ],
                   "properties": {
                     "portInfo": {
                       "description": "Service port numbers exposed by the virtual CP instance.\n",
@@ -761,7 +1173,11 @@
                       "items": {
                         "description": "This type describes the service identifying port properties exposed by the virtual CP instance.\n",
                         "type": "object",
-                        "required": ["name", "port", "portConfigurable"],
+                        "required": [
+                          "name",
+                          "port",
+                          "portConfigurable"
+                        ],
                         "properties": {
                           "name": {
                             "description": "The name of the port exposed by the virtual CP instance.\n",
@@ -770,7 +1186,11 @@
                           "protocol": {
                             "description": "The L4 protocol for this port exposed by the virtual CP instance.\nPermitted values: - TCP - UDP - SCTP\n",
                             "type": "string",
-                            "enum": ["TCP", "UDP", "SCTP"]
+                            "enum": [
+                              "TCP",
+                              "UDP",
+                              "SCTP"
+                            ]
                           },
                           "port": {
                             "description": "The L4 port number exposed by the virtual CP instance.\n",
@@ -803,14 +1223,20 @@
           "items": {
             "description": "This type represents information about an external VL.\nNOTE:\tThis attribute reflects the current configuration information that has resulted from merging into this attribute \n      the \"VnfExtCpData\" information which was passed as part of the \"ExtVirtualLinkData\" structure in the input of the \n      most recent VNF LCM operation such as \"InstantiateVnfRequest\", \"ChangeExtVnfConnectivityRequest\", \"ChangeVnfFlavourRequest\" \n      or \"ChangeCurrentVnfPkgRequest\", or in the Grant response. If applying such change results in an empty list of \n      \"currentVnfExtCpData\" structure instances, the affected instance of \"ExtVirtualLinkInfo\" shall be removed from its \n      parent data structure.\n",
             "type": "object",
-            "required": ["id", "resourceHandle", "currentVnfExtCpData"],
+            "required": [
+              "id",
+              "resourceHandle",
+              "currentVnfExtCpData"
+            ],
             "properties": {
               "id": {
                 "description": "An identifier with the intention of being globally unique.\n",
                 "type": "string"
               },
               "resourceHandle": {
-                "required": ["resourceId"],
+                "required": [
+                  "resourceId"
+                ],
                 "type": "object",
                 "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                 "properties": {
@@ -860,14 +1286,19 @@
                 "items": {
                   "description": "This type represents information about a link port of an external VL, i.e. a port providing connectivity for the VNF to  an NS VL.\nNOTE 1:\tThe use cases UC#4 and UC#5 in clause A.4 of ETSI GS NFV-IFA 007 provide examples for such a configuration. NOTE 2:\tThe value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\" attribute.\n",
                   "type": "object",
-                  "required": ["id", "resourceHandle"],
+                  "required": [
+                    "id",
+                    "resourceHandle"
+                  ],
                   "properties": {
                     "id": {
                       "description": "An identifier with the intention of being globally unique.\n",
                       "type": "string"
                     },
                     "resourceHandle": {
-                      "required": ["resourceId"],
+                      "required": [
+                        "resourceId"
+                      ],
                       "type": "object",
                       "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                       "properties": {
@@ -932,7 +1363,9 @@
                 "items": {
                   "description": "This type represents configuration information for external CPs created. * NOTE 1: \tIn case this identifier refers to a CPD with trunking enabled, the external CP instances created\n            from this CPD will represent ports in a trunk.\n* NOTE 2: \tWithin one VNF instance, all VNFC instances created from a particular VDU have the same external\n            connectivity. Thus, given a particular value of the \"cpdId\" attribute, there shall be one\n            \"cpConfig\" entry for each VNFC instance that has been or can be created from a VDU which includes\n            a CPD identified by the \"cpdId\" attribute. If the cpConfig represents a subport in a trunk,\n            all \"cpConfig\" entries in this list shall have the same segmentationId, which means they are\n            connected to the same set of external VLs via the trunk.\n* NOTE 3: \tThe map entry value shall be set to \"null\" in order to delete a \"VnfExtCpConfig\" entry identified\n            by a particular key value from the map, i.e. for the disconnection of an existing external\n            CP instance addressed by cpInstanceId in the deleted map entry from a particular external\n            virtual link, and deletion of that instance in case it represents a subport. Deleting the\n            last key from the map removes the affected instance of the \"VnfExtCpData\" structure from\n            its parent data structure.\n* NOTE 4:   If, as defined by the input parameters of a \"ChangeVnfFlavour\", \"ChangeExtVnfConnectivity\" or\n            \"ChangeCurrentVnfPkg\" operation or as part of the Grant response for any of these operations, a cpConfig\n            map entry identified by a particular map key value is moved into another \"ExtVirtualLinkData\" or\n            \"VnfExtCpData\" structure, this particular cpConfig map entry may be used by an external CP instance\n            different than the one that has used it before the operation, or by no external CP instance at all.\n            Renaming a CPD identifier during the \"changeCurrentVnfPkg\" operation does not count as moving the related\n            \"cpConfig\" map entries to a new \"extCpData\" structure.\n",
                   "type": "object",
-                  "required": ["cpdId"],
+                  "required": [
+                    "cpdId"
+                  ],
                   "properties": {
                     "cpdId": {
                       "description": "An identifier that is unique within a VNF descriptor.\n",
@@ -945,13 +1378,19 @@
                         "description": "This type represents an externally provided link port, or a network attachment definition resource of secondary container cluster network, or network address information per instance of an external connection point. In the case of VM-based deployment of the VNFC exposing the external CP:\n  1.  In case a link port is provided, the VNFM shall use that link port when connecting the external CP to the\n      external VL.\n  2.  In case a link port is not provided, the VNFM shall create a link port on the external VL and use that link port\n      to connect the external CP to the external VL.\nIn the case of container-based deployment of the VNFC exposing the external CP, the VNFM shall use the network attachment definition resource of secondary container cluster network when connecting the CP to the external VL.\n* NOTE 1: The following conditions apply to the attributes \"linkPortId\" and \"cpProtocolData\" for an external CP\n          instance connected or to be connected to a virtual network not categorized as secondary container cluster network:\n          1) Void.\n          2) At least one of the \"linkPortId\" and \"cpProtocolData\" attributes shall be present for an external CP instance\n          representing a subport that is to be created, or an external CP instance that is to be created by creating the\n          corresponding VNFC or VNF instance during the current or a subsequent LCM operation, or for an existing\n          external CP instance that is to be re-configured or added to a particular external virtual link.\n          3) If the \"linkPortId\" attribute is absent, the VNFM shall create a link port.\n          4) If the \"cpProtocolData\" attribute is absent, the \"linkPortId\" attribute shall be provided referencing a\n          precreated link port, and the VNFM can use means outside the scope of the present document to obtain the\n          pre-configured address information for the connection point from the resource representing the link port.\n          5) If both \"cpProtocolData\" and \"linkportId\" are provided, the NFVO shall ensure that the\n          cpProtocolData can be used with the pre-created link port referenced by \"linkPortId\".\n\n* NOTE 2: The following conditions apply to the attributes “netAttDefResourceId” and “cpProtocolData” for an external CP\n          instance connected or to be connected to a secondary container cluster network:\n          1) The \"netAttDefResourceId\" and \"cpProtocolData\" attributes shall both be absent for the deletion of an\n          existing external CP instance addressed by cpInstanceId.\n          2) The \"netAttDefResourceId\" attribute shall be present and the \"cpProtocolData\" attribute may be present for\n          a to-be-created external CP instance or an existing external CP instance.\n* NOTE 3: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment\n          definition resource is needed to fulfil the connectivity requirements of the external CP, e.g. to build a link\n          redundant mated pair in SR-IOV cases. When more than one netAttDefResourceId is indicated, all shall belong\n          to the same namespace as defined by the corresponding \"netAttDefResourceNamespace\" attribute in the\n          \"NetAttDefResourceData\".\n* NOTE 4: Either linkPortId or netAttDefResourceId may be included, but not both.\n",
                         "anyOf": [
                           {
-                            "required": ["linkPortId"]
+                            "required": [
+                              "linkPortId"
+                            ]
                           },
                           {
-                            "required": ["cpProtocolData"]
+                            "required": [
+                              "cpProtocolData"
+                            ]
                           },
                           {
-                            "required": ["netAttDefResourceId"]
+                            "required": [
+                              "netAttDefResourceId"
+                            ]
                           }
                         ],
                         "type": "object",
@@ -982,7 +1421,9 @@
                             "items": {
                               "description": "This type represents network protocol data. * NOTE:\tThis attribute allows to signal the addition of further types of layer and protocol\n          in future versions of the present document in a backwards-compatible way. In the current\n          version of the present document, only IP over Ethernet is supported.\n",
                               "type": "object",
-                              "required": ["layerProtocol"],
+                              "required": [
+                                "layerProtocol"
+                              ],
                               "properties": {
                                 "layerProtocol": {
                                   "description": "Identifier of layer(s) and protocol(s). Permitted values:\n  - IP_OVER_ETHERNET.\n  - IP_FOR_VIRTUAL_CP\nSee note\n",
@@ -997,21 +1438,31 @@
                                   "type": "object",
                                   "anyOf": [
                                     {
-                                      "required": ["macAddress"]
+                                      "required": [
+                                        "macAddress"
+                                      ]
                                     },
                                     {
-                                      "required": ["ipAddresses"]
+                                      "required": [
+                                        "ipAddresses"
+                                      ]
                                     }
                                   ],
                                   "oneOf": [
                                     {
-                                      "required": ["fixedAddresses"]
+                                      "required": [
+                                        "fixedAddresses"
+                                      ]
                                     },
                                     {
-                                      "required": ["numDynamicAddresses"]
+                                      "required": [
+                                        "numDynamicAddresses"
+                                      ]
                                     },
                                     {
-                                      "required": ["ipAddressRange"]
+                                      "required": [
+                                        "ipAddressRange"
+                                      ]
                                     }
                                   ],
                                   "properties": {
@@ -1023,7 +1474,10 @@
                                     "segmentationType": {
                                       "description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values: -\tVLAN: the subport uses VLAN as encapsulation type. -\tINHERIT: the subport gets its segmentation type from the network it’s connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
                                       "type": "string",
-                                      "enum": ["VLAN", "INHERIT"]
+                                      "enum": [
+                                        "VLAN",
+                                        "INHERIT"
+                                      ]
                                     },
                                     "segmentationId": {
                                       "description": "Identification of the network segment to which the CP instance connects to. See note 3 and note 4.\n",
@@ -1034,12 +1488,17 @@
                                       "type": "array",
                                       "items": {
                                         "type": "object",
-                                        "required": ["type"],
+                                        "required": [
+                                          "type"
+                                        ],
                                         "properties": {
                                           "type": {
                                             "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                             "type": "string",
-                                            "enum": ["IPV4", "IPV6"]
+                                            "enum": [
+                                              "IPV4",
+                                              "IPV6"
+                                            ]
                                           },
                                           "fixedAddresses": {
                                             "description": "Fixed addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
@@ -1086,12 +1545,17 @@
                                 "virtualCpAddress": {
                                   "description": "This type represents network address data for a virtual CP.\n* NOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be used,\n          otherwise it will be ignored by the CISM.\n\n* NOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the container\n          cluster will assign an IP address.\n",
                                   "type": "object",
-                                  "required": ["type"],
+                                  "required": [
+                                    "type"
+                                  ],
                                   "properties": {
                                     "type": {
                                       "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                       "type": "string",
-                                      "enum": ["IPV4", "IPV6"]
+                                      "enum": [
+                                        "IPV4",
+                                        "IPV6"
+                                      ]
                                     },
                                     "loadBalancerIp": {
                                       "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -1119,14 +1583,19 @@
                 "items": {
                   "description": "This type contains information related to a network attachment definition resource that provides the  specification of the interface used to connect one or multiple connection points to a secondary container  cluster network.\n",
                   "type": "object",
-                  "required": ["netAttDefResourceInfoId", "netAttDefResource"],
+                  "required": [
+                    "netAttDefResourceInfoId",
+                    "netAttDefResource"
+                  ],
                   "properties": {
                     "netAttDefResourceInfoId": {
                       "description": "An identifier with the intention of being globally unique.\n",
                       "type": "string"
                     },
                     "netAttDefResource": {
-                      "required": ["resourceId"],
+                      "required": [
+                        "resourceId"
+                      ],
                       "type": "object",
                       "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                       "properties": {
@@ -1197,7 +1666,11 @@
           "type": "array",
           "items": {
             "type": "object",
-            "required": ["id", "vnfVirtualLinkDescId", "networkResource"],
+            "required": [
+              "id",
+              "vnfVirtualLinkDescId",
+              "networkResource"
+            ],
             "properties": {
               "id": {
                 "description": "An identifier with the intention of being globally unique.\n",
@@ -1212,7 +1685,9 @@
                 "type": "string"
               },
               "networkResource": {
-                "required": ["resourceId"],
+                "required": [
+                  "resourceId"
+                ],
                 "type": "object",
                 "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                 "properties": {
@@ -1262,14 +1737,19 @@
                 "items": {
                   "description": "This type represents a link port of an internal VL of a VNF.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId\n        with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be \n        present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" \n        and vipCpInstanceId are present, the two different CP instances share the linkport.\nNOTE 2: Annex A.4 of ETSI GS NFV-IFA 007 provides examples for configurations where both vipCpInstanceId\n        and vnfcCpInstanceId are present (UC#5 and UC#5-b), only vnfcCpInstanceId is present (UC#2), or \n        only vipCpInstanceId is present (UC6 and UC#6-b).\nNOTE 3: The value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\"\n        attribute.\n",
                   "type": "object",
-                  "required": ["id", "resourceHandle"],
+                  "required": [
+                    "id",
+                    "resourceHandle"
+                  ],
                   "properties": {
                     "id": {
                       "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
                       "type": "string"
                     },
                     "resourceHandle": {
-                      "required": ["resourceId"],
+                      "required": [
+                        "resourceId"
+                      ],
                       "type": "object",
                       "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                       "properties": {
@@ -1320,7 +1800,10 @@
                     "cpInstanceType": {
                       "description": "Type of the CP instance that is identified by cpInstanceId.  Shall be present if \"cpInstanceId\" is present and shall be absent otherwise.\nPermitted values: - VNFC_CP: The link port is connected to a VNFC CP. -\tEXT_CP: The link port is associated to an external CP. See note 1.\n",
                       "type": "string",
-                      "enum": ["VNFC_CP", "EXT_CP"]
+                      "enum": [
+                        "VNFC_CP",
+                        "EXT_CP"
+                      ]
                     },
                     "vipCpInstanceId": {
                       "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -1339,14 +1822,19 @@
                 "items": {
                   "description": "This type contains information related to a network attachment definition resource that provides the  specification of the interface used to connect one or multiple connection points to a secondary container  cluster network.\n",
                   "type": "object",
-                  "required": ["netAttDefResourceInfoId", "netAttDefResource"],
+                  "required": [
+                    "netAttDefResourceInfoId",
+                    "netAttDefResource"
+                  ],
                   "properties": {
                     "netAttDefResourceInfoId": {
                       "description": "An identifier with the intention of being globally unique.\n",
                       "type": "string"
                     },
                     "netAttDefResource": {
-                      "required": ["resourceId"],
+                      "required": [
+                        "resourceId"
+                      ],
                       "type": "object",
                       "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                       "properties": {
@@ -1421,7 +1909,10 @@
           "type": "array",
           "items": {
             "type": "object",
-            "required": ["id", "performanceMetric"],
+            "required": [
+              "id",
+              "performanceMetric"
+            ],
             "properties": {
               "id": {
                 "description": "An identifier that is unique within a VNF descriptor.\n",
@@ -1452,7 +1943,11 @@
           "items": {
             "description": "This type represents the information on virtualised compute and storage resources used by a VNFC in a VNF instance. Depending on the form of virtualisation container of the VNFC:\n  - For a VNFC based on VM, a reference to the corresponding VirtualCompute shall be provided, and\n  - For a VNFC based on OS container(s), a reference to the Compute MCIO shall be provided. Hence, exposure of\n    information by the VNFM to the NFVO is at the MCIO level.\nIn addition, the references to the storage resources depend on the form of the VNFC:\n  a) For a VNFC based on VM, storage resource identifiers shall refer to VirtualStorage resources, and\n  b) For a VNFC based on OS container(s), storage resource identifiers shall refer to Storage MCIOs.\n\nNOTE 1:\tETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on \n        TOSCA specifications.\nNOTE 2:\tA VNFC CP is \"connected to\" an external CP if the VNFC CP is connected to an \n        internal VL that exposes an external CP. A VNFC CP is \"exposed as\" an external \n        CP if it is connected directly to an external VL.\nNOTE 3:\tThe information can be omitted because it is already available as part of the \n        external CP information.\nNOTE 4: If only the value or the presence of this attribute is changed in the \"VnfcResourceInfo\"\n        structure by an LCM operation occurrence, this does not represent a change that requires\n        including a related \"AffectedVnfc\" structure in the VNF LCM operation occurrence notifications\n        or the \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\nNOTE 5: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment\n        definition resource is needed to fulfil the connectivity requirements of the internal CP, e.g. to build a link\n        redundant mated pair in SR-IOV cases.\nNOTE 6: When more than one netAttDefResourceId is indicated, all shall belong to the same namespace.\n",
             "type": "object",
-            "required": ["id", "vduId", "computeResource"],
+            "required": [
+              "id",
+              "vduId",
+              "computeResource"
+            ],
             "properties": {
               "id": {
                 "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -1467,7 +1962,9 @@
                 "type": "string"
               },
               "computeResource": {
-                "required": ["resourceId"],
+                "required": [
+                  "resourceId"
+                ],
                 "type": "object",
                 "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                 "properties": {
@@ -1532,7 +2029,10 @@
                 "type": "array",
                 "items": {
                   "type": "object",
-                  "required": ["id", "cpdId"],
+                  "required": [
+                    "id",
+                    "cpdId"
+                  ],
                   "properties": {
                     "id": {
                       "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -1552,30 +2052,43 @@
                       "items": {
                         "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
                         "type": "object",
-                        "required": ["layerProtocol"],
+                        "required": [
+                          "layerProtocol"
+                        ],
                         "properties": {
                           "layerProtocol": {
                             "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
                             "type": "string",
-                            "enum": ["IP_OVER_ETHERNET", "IP_FOR_VIRTUAL_CP"]
+                            "enum": [
+                              "IP_OVER_ETHERNET",
+                              "IP_FOR_VIRTUAL_CP"
+                            ]
                           },
                           "ipOverEthernet": {
                             "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVI’s transport technology.\n",
                             "type": "object",
                             "anyOf": [
                               {
-                                "required": ["macAddress"]
+                                "required": [
+                                  "macAddress"
+                                ]
                               },
                               {
-                                "required": ["ipAddresses"]
+                                "required": [
+                                  "ipAddresses"
+                                ]
                               }
                             ],
                             "oneOf": [
                               {
-                                "required": ["addresses"]
+                                "required": [
+                                  "addresses"
+                                ]
                               },
                               {
-                                "required": ["addressRange"]
+                                "required": [
+                                  "addressRange"
+                                ]
                               }
                             ],
                             "properties": {
@@ -1593,12 +2106,17 @@
                                 "type": "array",
                                 "items": {
                                   "type": "object",
-                                  "required": ["type"],
+                                  "required": [
+                                    "type"
+                                  ],
                                   "properties": {
                                     "type": {
                                       "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                       "type": "string",
-                                      "enum": ["IPV4", "IPV6"]
+                                      "enum": [
+                                        "IPV4",
+                                        "IPV6"
+                                      ]
                                     },
                                     "addresses": {
                                       "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
@@ -1616,7 +2134,10 @@
                                     "addressRange": {
                                       "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
                                       "type": "object",
-                                      "required": ["minAddress", "maxAddress"],
+                                      "required": [
+                                        "minAddress",
+                                        "maxAddress"
+                                      ],
                                       "properties": {
                                         "minAddress": {
                                           "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -1642,12 +2163,17 @@
                           "virtualCpAddress": {
                             "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
                             "type": "object",
-                            "required": ["type"],
+                            "required": [
+                              "type"
+                            ],
                             "properties": {
                               "type": {
                                 "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
                                 "type": "string",
-                                "enum": ["IPV4", "IPV6"]
+                                "enum": [
+                                  "IPV4",
+                                  "IPV6"
+                                ]
                               },
                               "loadBalancerIp": {
                                 "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -1682,6 +2208,10 @@
                     "metadata": {
                       "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
                       "type": "object"
+                    },
+                    "certificateContentId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
                     }
                   }
                 }
@@ -1689,6 +2219,10 @@
               "metadata": {
                 "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
                 "type": "object"
+              },
+              "certificateContentId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
               }
             }
           }
@@ -1699,7 +2233,11 @@
           "items": {
             "description": "This type represents the information that allows addressing a virtualised resource that is used by an internal VL instance in a VNF instance.\nNote: If only the value or the presence of this attribute is changed in the \"VnfVirtualLinkResourceInfo\"\n      structure by an LCM operation occurrence, this does not represent a change that requires including\n      a related \"AffectedVirtualLink\" structure in the VNF LCM operation occurrence notifications or the\n      \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\n",
             "type": "object",
-            "required": ["id", "vnfVirtualLinkDescId", "networkResource"],
+            "required": [
+              "id",
+              "vnfVirtualLinkDescId",
+              "networkResource"
+            ],
             "properties": {
               "id": {
                 "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -1714,7 +2252,9 @@
                 "type": "string"
               },
               "networkResource": {
-                "required": ["resourceId"],
+                "required": [
+                  "resourceId"
+                ],
                 "type": "object",
                 "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                 "properties": {
@@ -1772,14 +2312,19 @@
                 "items": {
                   "description": "This type represents a link port of an internal VL of a VNF.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId\n        with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be \n        present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" \n        and vipCpInstanceId are present, the two different CP instances share the linkport.\nNOTE 2: Annex A.4 of ETSI GS NFV-IFA 007 provides examples for configurations where both vipCpInstanceId\n        and vnfcCpInstanceId are present (UC#5 and UC#5-b), only vnfcCpInstanceId is present (UC#2), or \n        only vipCpInstanceId is present (UC6 and UC#6-b).\nNOTE 3: The value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\"\n        attribute.\n",
                   "type": "object",
-                  "required": ["id", "resourceHandle"],
+                  "required": [
+                    "id",
+                    "resourceHandle"
+                  ],
                   "properties": {
                     "id": {
                       "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
                       "type": "string"
                     },
                     "resourceHandle": {
-                      "required": ["resourceId"],
+                      "required": [
+                        "resourceId"
+                      ],
                       "type": "object",
                       "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                       "properties": {
@@ -1830,7 +2375,10 @@
                     "cpInstanceType": {
                       "description": "Type of the CP instance that is identified by cpInstanceId.  Shall be present if \"cpInstanceId\" is present and shall be absent otherwise.\nPermitted values: - VNFC_CP: The link port is connected to a VNFC CP. -\tEXT_CP: The link port is associated to an external CP. See note 1.\n",
                       "type": "string",
-                      "enum": ["VNFC_CP", "EXT_CP"]
+                      "enum": [
+                        "VNFC_CP",
+                        "EXT_CP"
+                      ]
                     },
                     "vipCpInstanceId": {
                       "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -1856,7 +2404,11 @@
           "items": {
             "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance.\nNote: If only the value or the presence of this attribute is changed in the \"VirtualStorageResourceInfo\"\n      structure by an LCM operation occurrence, this does not represent a change that requires\n      including a related \"AffectedVirtualStorage\" structure in the VNF LCM operation occurrence\n      notifications or the \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\n",
             "type": "object",
-            "required": ["id", "virtualStorageDescId", "storageResource"],
+            "required": [
+              "id",
+              "virtualStorageDescId",
+              "storageResource"
+            ],
             "properties": {
               "id": {
                 "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -1871,7 +2423,9 @@
                 "type": "string"
               },
               "storageResource": {
-                "required": ["resourceId"],
+                "required": [
+                  "resourceId"
+                ],
                 "type": "object",
                 "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                 "properties": {
@@ -1970,7 +2524,11 @@
               "mcioType": {
                 "description": "The type of MCIO. Specific values, their semantics and associated MCIO types are defined in clause  5.5.4.9. Additional values are also permitted. See note 1.\n",
                 "type": "string",
-                "enum": ["Deployment", "StatefulSet"]
+                "enum": [
+                  "Deployment",
+                  "StatefulSet",
+                  "DaemonSet"
+                ]
               },
               "desiredInstances": {
                 "description": "Number of desired MCIO instances.\n",
@@ -1980,6 +2538,76 @@
                 "description": "Number of available MCIO instances.\n",
                 "type": "integer"
               },
+              "additionalInfo": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
+              },
+              "certificateContentId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+              }
+            }
+          }
+        },
+        "vnfPaasServiceInfo": {
+          "description": "Information on the PaaS Services assigned and used by the VNF instance.\n",
+          "type": "array",
+          "items": {
+            "description": "This type provides input information about a PaaS Service that is used by a VNF instance. The PaasServiceInfo is comprised of various sets of information. Some information comes from the VNFD, other information comes from the PaaS Service assets provided by the NFVO to the VNFM, and other information is provided at runtime information about the usage of the PaaS Service.\n",
+            "type": "object",
+            "required": [
+              "id",
+              "paasServiceId",
+              "paasServiceType",
+              "paasServiceRequestId",
+              "paasServiceHandle"
+            ],
+            "properties": {
+              "id": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+              },
+              "paasServiceId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+              },
+              "paasServiceType": {
+                "description": "The type of PaaS Service. The value of this attribute is expected to be matched against values of the registered PaaS Services in the PSR.",
+                "type": "string"
+              },
+              "paasServiceVersion": {
+                "description": "A version.\n",
+                "type": "string"
+              },
+              "paasServiceRequestId": {
+                "description": "An identifier that is unique within a VNF descriptor.\n",
+                "type": "string"
+              },
+              "paasServiceHandle": {
+                "description": "This type provides information enabling the access and use of the PaaS Service by the VNF instance. The type and format of the handle depends on the form that the PaaS Service is formed.\n",
+                "type": "object",
+                "required": [
+                  "id"
+                ],
+                "properties": {
+                  "id": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  },
+                  "interfaceInfo": {
+                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                    "type": "object"
+                  },
+                  "accessInfo": {
+                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                    "type": "object"
+                  },
+                  "extra": {
+                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                    "type": "object"
+                  }
+                }
+              },
               "additionalInfo": {
                 "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
                 "type": "object"
@@ -2000,12 +2628,16 @@
     "_links": {
       "description": "Links to resources related to this resource.\n",
       "type": "object",
-      "required": ["self"],
+      "required": [
+        "self"
+      ],
       "properties": {
         "self": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
@@ -2016,7 +2648,9 @@
         "indicators": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
@@ -2027,7 +2661,9 @@
         "instantiate": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
@@ -2038,7 +2674,9 @@
         "terminate": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
@@ -2049,7 +2687,9 @@
         "scale": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
@@ -2060,7 +2700,9 @@
         "scaleToLevel": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
@@ -2071,7 +2713,9 @@
         "changeFlavour": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
@@ -2082,7 +2726,9 @@
         "heal": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
@@ -2093,7 +2739,9 @@
         "operate": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
@@ -2104,7 +2752,9 @@
         "changeExtConn": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
@@ -2115,7 +2765,9 @@
         "createSnapshot": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
@@ -2126,7 +2778,9 @@
         "revertToSnapshot": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
@@ -2137,7 +2791,9 @@
         "changeCurrentVnfPkg": {
           "description": "This type represents a link to a resource using an absolute URI.\n",
           "type": "object",
-          "required": ["href"],
+          "required": [
+            "href"
+          ],
           "properties": {
             "href": {
               "description": "String formatted according to IETF RFC 3986.\n",
diff --git a/SOL003/VNFLifecycleManagement-API/schemas/vnfInstances.schema.json b/SOL003/VNFLifecycleManagement-API/schemas/vnfInstances.schema.json
index 6abfe683c4dd438024a0e399b70b208e693a8054..4a77983cb489cd236a0519079245c2db86fbc75b 100644
--- a/SOL003/VNFLifecycleManagement-API/schemas/vnfInstances.schema.json
+++ b/SOL003/VNFLifecycleManagement-API/schemas/vnfInstances.schema.json
@@ -56,7 +56,9 @@
         "additionalProperties": {
           "description": "This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing the resources of a VNF instance.\nThis structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP repository may be configured into the VNFM by means outside the scope of the present document and bound to the identifier of that VIM.\n* NOTE 1:\tIf applicable, this attribute also provides information about the resourceGroupIds\n          that are accessible using a particular set of credentials. See definition of\n          \"resourceGroupId\" in clause 9.5.3.3.\n* NOTE 2:\tOnce the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided\n          through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be\n          established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the\n          \"accessInfo\" JSON data structure, and the sensitive data related information (\"username\"/\"password\" as\n          required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel\n          without additional encoding/encryption before transmitting it, making the sensitive data visible to the\n          endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the\n          interface endpoint of the VIM, CISM, CIR or MCIOP repository.\n \n* NOTE 3:\t ETSI GS NFV-SOL 009 [i.18] specifies the means to configure into the VNFM applicable VIM connection information via the \"NFV-MANO Configuration and Information Management\" interface. \n* NOTE 4:\t  Due to the possibility of configuring such information into the VNFM out-of-band, by means outside the scope of the present document, as well as in-band, by means specified in the present document, care should be taken to avoid unintended conflicts in the VNFM when managing such information.\n",
           "type": "object",
-          "required": ["vimType"],
+          "required": [
+            "vimType"
+          ],
           "properties": {
             "vimId": {
               "description": "An identifier with the intention of being globally unique.\n",
@@ -87,7 +89,9 @@
         "additionalProperties": {
           "description": "This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing the resources of a VNF instance.\nThis structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP repository may be configured into the VNFM by means outside the scope of the present document and bound to the identifier of that VIM.\n* NOTE 1:\tIf applicable, this attribute also provides information about the resourceGroupIds\n          that are accessible using a particular set of credentials. See definition of\n          \"resourceGroupId\" in clause 9.5.3.3.\n* NOTE 2:\tOnce the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided\n          through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be\n          established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the\n          \"accessInfo\" JSON data structure, and the sensitive data related information (\"username\"/\"password\" as\n          required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel\n          without additional encoding/encryption before transmitting it, making the sensitive data visible to the\n          endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the\n          interface endpoint of the VIM, CISM, CIR or MCIOP repository.\n \n* NOTE 3:\t ETSI GS NFV-SOL 009 [i.18] specifies the means to configure into the VNFM applicable VIM connection information via the \"NFV-MANO Configuration and Information Management\" interface. \n* NOTE 4:\t  Due to the possibility of configuring such information into the VNFM out-of-band, by means outside the scope of the present document, as well as in-band, by means specified in the present document, care should be taken to avoid unintended conflicts in the VNFM when managing such information.\n",
           "type": "object",
-          "required": ["vimType"],
+          "required": [
+            "vimType"
+          ],
           "properties": {
             "vimId": {
               "description": "An identifier with the intention of being globally unique.\n",
@@ -118,7 +122,9 @@
         "additionalProperties": {
           "description": "This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing the resources of a VNF instance.\nThis structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP repository may be configured into the VNFM by means outside the scope of the present document and bound to the identifier of that VIM.\n* NOTE 1:\tIf applicable, this attribute also provides information about the resourceGroupIds\n          that are accessible using a particular set of credentials. See definition of\n          \"resourceGroupId\" in clause 9.5.3.3.\n* NOTE 2:\tOnce the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided\n          through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be\n          established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the\n          \"accessInfo\" JSON data structure, and the sensitive data related information (\"username\"/\"password\" as\n          required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel\n          without additional encoding/encryption before transmitting it, making the sensitive data visible to the\n          endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the\n          interface endpoint of the VIM, CISM, CIR or MCIOP repository.\n \n* NOTE 3:\t ETSI GS NFV-SOL 009 [i.18] specifies the means to configure into the VNFM applicable VIM connection information via the \"NFV-MANO Configuration and Information Management\" interface. \n* NOTE 4:\t  Due to the possibility of configuring such information into the VNFM out-of-band, by means outside the scope of the present document, as well as in-band, by means specified in the present document, care should be taken to avoid unintended conflicts in the VNFM when managing such information.\n",
           "type": "object",
-          "required": ["vimType"],
+          "required": [
+            "vimType"
+          ],
           "properties": {
             "vimId": {
               "description": "An identifier with the intention of being globally unique.\n",
@@ -143,15 +149,299 @@
           }
         }
       },
+      "certificateInfo": {
+        "description": "This type provides input information related to certificate and certificate management.\n",
+        "type": "object",
+        "required": [
+          "id"
+        ],
+        "properties": {
+          "id": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+          },
+          "certificateConfigurationInfo": {
+            "description": "This type provides input information related to certificate management.\n",
+            "type": "object",
+            "required": [
+              "securityPolicy"
+            ],
+            "properties": {
+              "certificateBaseProfile": {
+                "description": "Information for certificate profile.",
+                "type": "array",
+                "items": {
+                  "description": "NOTE: At least one overriding attributes shall be present, otherwise shall be absent.\nThis type provides input information to override certificate base profile for certificate management.\n",
+                  "type": "object",
+                  "required": [
+                    "id"
+                  ],
+                  "properties": {
+                    "id": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "issuer": {
+                      "description": "Issuer of certificates. See note.",
+                      "type": "string"
+                    },
+                    "issuerUniqueIdentifier": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "subject": {
+                      "description": "This type provides input information related to the subject of the certificate.\nNOTE: At least one overriding attributes shall be present, otherwise shall be absent.\n",
+                      "type": "object",
+                      "properties": {
+                        "commonName": {
+                          "description": "Information of the certification target subject FQDN. Can be set empty when this certificate is used for encrypted communication using IP address. See note.\n",
+                          "type": "string"
+                        },
+                        "organization": {
+                          "description": "Information of the certification target subject Organization. See note.",
+                          "type": "string"
+                        },
+                        "country": {
+                          "description": "Information of the certification target subject Country. See note.",
+                          "type": "string"
+                        },
+                        "state": {
+                          "description": "Information of the certification target subject State. See note.",
+                          "type": "string"
+                        },
+                        "locality": {
+                          "description": "Information of the certification target subject Locality. See note.",
+                          "type": "string"
+                        },
+                        "emailAddress": {
+                          "description": "Information of the certification contact email address. See note.",
+                          "type": "string"
+                        }
+                      }
+                    },
+                    "subjectUniqueIdentifier": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "basicConstraints": {
+                      "description": "Basic constraints of certificates. See note.",
+                      "type": "string"
+                    },
+                    "issuerAltName": {
+                      "description": "Alternative name of issuer of certificates in this NS. See note.",
+                      "type": "array",
+                      "items": {
+                        "type": "string"
+                      }
+                    },
+                    "subjectAltName": {
+                      "description": "Alternative name of subject of certificates. Shall be present when this certificate is used for encrypted communication using IP address and subjectAltName attribute of CertificateBaseProfile in CertificateDesc of VNFD is empty (see ETSI GS NFV-IFA 011 [14], clause 7.1.19.4). See note.\n",
+                      "type": "array",
+                      "items": {
+                        "type": "string"
+                      }
+                    },
+                    "nameConstraints": {
+                      "description": "Name constraints of certificates. See note.",
+                      "type": "array",
+                      "items": {
+                        "type": "string"
+                      }
+                    }
+                  }
+                }
+              },
+              "securityPolicy": {
+                "description": "Information for security policy to be satisfied for certificate.",
+                "type": "array",
+                "items": {
+                  "description": "This type provides input information related to security policy for certificate management.\n",
+                  "type": "object",
+                  "required": [
+                    "id"
+                  ],
+                  "properties": {
+                    "id": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "maxValidityPeriod": {
+                      "description": "Allowed max validity period for certificates.",
+                      "type": "number"
+                    },
+                    "allowedAlgorithm": {
+                      "description": "Allowed signature algorithm.",
+                      "type": "string"
+                    },
+                    "minimumKeyLength": {
+                      "description": "Minimum key length for certificates.",
+                      "type": "number"
+                    }
+                  }
+                }
+              },
+              "delegationSupportedCertificateManagements": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
+              },
+              "cmfInfo": {
+                "description": "This type provides input information related to CMF for certificate management.\n",
+                "type": "object",
+                "required": [
+                  "id",
+                  "endPoint",
+                  "supportedProtocol"
+                ],
+                "properties": {
+                  "id": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                  },
+                  "endPoint": {
+                    "description": "End point of CMF instance.",
+                    "type": "object",
+                    "properties": {
+                      "ipAddress": {
+                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                        "type": "string",
+                        "format": "IP"
+                      },
+                      "link": {
+                        "description": "This type represents a link to a resource using an absolute URI.\n",
+                        "type": "object",
+                        "required": [
+                          "href"
+                        ],
+                        "properties": {
+                          "href": {
+                            "description": "String formatted according to IETF RFC 3986.\n",
+                            "type": "string"
+                          }
+                        }
+                      }
+                    }
+                  },
+                  "supportedProtocol": {
+                    "description": "Supported protocols by CMF instance.",
+                    "type": "array",
+                    "items": {
+                      "description": "Supported protocol by CMF instance.",
+                      "type": "string",
+                      "enum": [
+                        "CMP",
+                        "CMPv2",
+                        "EST",
+                        "SCEP"
+                      ]
+                    }
+                  },
+                  "certificateChain": {
+                    "description": "Certificate chain that this CMF provides.",
+                    "type": "array",
+                    "items": {
+                      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                      "type": "object"
+                    }
+                  }
+                }
+              }
+            }
+          },
+          "certificateContents": {
+            "description": "Information for contents of issued certificates. The information contained in this attribute may be updated over time during the VNF LCM, e.g., certificate(s) renewal.\n",
+            "type": "array",
+            "items": {
+              "description": "This type provides input information related to certificate content.\nNOTE: The CertificateDesc data type is defined in clause 7.1.19.2 of ETSI GS NFV IFA 011 [10].\n",
+              "type": "object",
+              "required": [
+                "id",
+                "certificateDescId",
+                "certificateType"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "certificateDescId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "certificateType": {
+                  "description": "Type of this certificate.",
+                  "type": "string",
+                  "enum": [
+                    "VNFCI_CERT",
+                    "VNFOAM_CERT"
+                  ]
+                },
+                "supportedCertificateManagements": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                },
+                "version": {
+                  "description": "A version.\n",
+                  "type": "string"
+                },
+                "serialNumber": {
+                  "description": "Serial number of this certificate.",
+                  "type": "integer"
+                },
+                "signatureAlgorithm": {
+                  "description": "Algorithm of this certificate's signature.",
+                  "type": "string"
+                },
+                "issuer": {
+                  "description": "Issuer of this certificate.",
+                  "type": "string"
+                },
+                "notBefore": {
+                  "description": "Date-time stamp. Representation: String formatted according to IETF RFC 3339.\n",
+                  "type": "string",
+                  "format": "date-time"
+                },
+                "notAfter": {
+                  "description": "Date-time stamp. Representation: String formatted according to IETF RFC 3339.\n",
+                  "type": "string",
+                  "format": "date-time"
+                },
+                "subject": {
+                  "description": "Subject of this certificate.",
+                  "type": "string"
+                },
+                "publicKeyAlgorithm": {
+                  "description": "Algorithm of this certificate's public key.",
+                  "type": "string"
+                },
+                "publicKey": {
+                  "description": "Public key of this certificate.",
+                  "type": "string"
+                },
+                "certificateExtensions": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                }
+              }
+            }
+          }
+        }
+      },
       "instantiationState": {
         "description": "The instantiation state of the VNF. Permitted values: - NOT_INSTANTIATED: The VNF instance is terminated or not instantiated. - INSTANTIATED: The VNF instance is instantiated.\n",
         "type": "string",
-        "enum": ["NOT_INSTANTIATED", "INSTANTIATED"]
+        "enum": [
+          "NOT_INSTANTIATED",
+          "INSTANTIATED"
+        ]
       },
       "instantiatedVnfInfo": {
         "description": "Information specific to an instantiated VNF instance. This attribute shall be present if the instantiateState attribute value is INSTANTIATED.\n",
         "type": "object",
-        "required": ["flavourId", "vnfState", "extCpInfo"],
+        "required": [
+          "flavourId",
+          "vnfState",
+          "extCpInfo"
+        ],
         "properties": {
           "flavourId": {
             "description": "An identifier that is unique within a VNF descriptor.\n",
@@ -160,7 +450,10 @@
           "vnfState": {
             "description": "STARTED: The VNF instance is up and running. STOPPED: The VNF instance has been shut down.\n",
             "type": "string",
-            "enum": ["STARTED", "STOPPED"]
+            "enum": [
+              "STARTED",
+              "STOPPED"
+            ]
           },
           "scaleStatus": {
             "description": "Scale status of the VNF, one entry per aspect. Represents for every scaling aspect  how \"big\" the VNF has been scaled w.r.t. that aspect. This attribute shall be present if the VNF supports scaling. See clause B.2 for an explanation of VNF scaling.\n",
@@ -168,7 +461,10 @@
             "items": {
               "description": "This type represents the scale level of a VNF instance related to a scaling aspect.\n",
               "type": "object",
-              "required": ["aspectId", "scaleLevel"],
+              "required": [
+                "aspectId",
+                "scaleLevel"
+              ],
               "properties": {
                 "aspectId": {
                   "description": "An identifier that is unique within a VNF descriptor.\n",
@@ -191,7 +487,10 @@
             "items": {
               "description": "This type represents the scale level of a VNF instance related to a scaling aspect.\n",
               "type": "object",
-              "required": ["aspectId", "scaleLevel"],
+              "required": [
+                "aspectId",
+                "scaleLevel"
+              ],
               "properties": {
                 "aspectId": {
                   "description": "An identifier that is unique within a VNF descriptor.\n",
@@ -208,6 +507,14 @@
               }
             }
           },
+          "selectedDeployableModule": {
+            "description": "References a currently selected deployable module, as defined in the VNFD, that has  already completed the instantiation of its VNFCs.\n",
+            "type": "array",
+            "items": {
+              "description": "An identifier that is unique within a VNF descriptor.\n",
+              "type": "string"
+            }
+          },
           "extCpInfo": {
             "description": "Information about the external CPs exposed by the VNF instance. When trunking is enabled, the list of entries includes both, external CPs corresponding to parent ports of a trunk, and external CPs associated to sub-ports of a trunk.\n",
             "type": "array",
@@ -215,16 +522,27 @@
             "items": {
               "description": "This type represents information about an external CP of a VNF.\nNOTE 1:\tThe attributes \"associatedVnfcCpId\", \"associatedVipCpId\", \"associatedVirtualCpId\" and \n        \"associatedVnfVirtualLinkId\" are mutually exclusive. Exactly one shall be present.\nNOTE 2:\tAn external CP instance is not associated to a link port in the cases indicated for the \n        “extLinkPorts” attribute in clause 4.4.1.11.\nNOTE 3: Cardinality greater than 1 is only applicable for specific cases where more than one network \n        attachment definition resource is needed to fulfil the connectivity requirements of the external \n        CP, e.g. to build a link redundant mated pair in SR-IOV cases.\nNOTE 4: When more than one netAttDefResourceId is indicated, all shall belong to the same namespace.\n",
               "type": "object",
-              "required": ["id", "cpdId", "cpConfigId", "cpProtocolInfo"],
+              "required": [
+                "id",
+                "cpdId",
+                "cpConfigId",
+                "cpProtocolInfo"
+              ],
               "oneOf": [
                 {
-                  "required": ["associatedVnfcCpId"]
+                  "required": [
+                    "associatedVnfcCpId"
+                  ]
                 },
                 {
-                  "required": ["associatedVipCpId"]
+                  "required": [
+                    "associatedVipCpId"
+                  ]
                 },
                 {
-                  "required": ["associatedVnfVirtualLinkId"]
+                  "required": [
+                    "associatedVnfVirtualLinkId"
+                  ]
                 }
               ],
               "properties": {
@@ -250,30 +568,43 @@
                   "items": {
                     "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
                     "type": "object",
-                    "required": ["layerProtocol"],
+                    "required": [
+                      "layerProtocol"
+                    ],
                     "properties": {
                       "layerProtocol": {
                         "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
                         "type": "string",
-                        "enum": ["IP_OVER_ETHERNET", "IP_FOR_VIRTUAL_CP"]
+                        "enum": [
+                          "IP_OVER_ETHERNET",
+                          "IP_FOR_VIRTUAL_CP"
+                        ]
                       },
                       "ipOverEthernet": {
                         "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVI’s transport technology.\n",
                         "type": "object",
                         "anyOf": [
                           {
-                            "required": ["macAddress"]
+                            "required": [
+                              "macAddress"
+                            ]
                           },
                           {
-                            "required": ["ipAddresses"]
+                            "required": [
+                              "ipAddresses"
+                            ]
                           }
                         ],
                         "oneOf": [
                           {
-                            "required": ["addresses"]
+                            "required": [
+                              "addresses"
+                            ]
                           },
                           {
-                            "required": ["addressRange"]
+                            "required": [
+                              "addressRange"
+                            ]
                           }
                         ],
                         "properties": {
@@ -291,12 +622,17 @@
                             "type": "array",
                             "items": {
                               "type": "object",
-                              "required": ["type"],
+                              "required": [
+                                "type"
+                              ],
                               "properties": {
                                 "type": {
                                   "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                   "type": "string",
-                                  "enum": ["IPV4", "IPV6"]
+                                  "enum": [
+                                    "IPV4",
+                                    "IPV6"
+                                  ]
                                 },
                                 "addresses": {
                                   "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
@@ -314,7 +650,10 @@
                                 "addressRange": {
                                   "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
                                   "type": "object",
-                                  "required": ["minAddress", "maxAddress"],
+                                  "required": [
+                                    "minAddress",
+                                    "maxAddress"
+                                  ],
                                   "properties": {
                                     "minAddress": {
                                       "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -340,12 +679,17 @@
                       "virtualCpAddress": {
                         "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
                         "type": "object",
-                        "required": ["type"],
+                        "required": [
+                          "type"
+                        ],
                         "properties": {
                           "type": {
                             "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
                             "type": "string",
-                            "enum": ["IPV4", "IPV6"]
+                            "enum": [
+                              "IPV4",
+                              "IPV6"
+                            ]
                           },
                           "loadBalancerIp": {
                             "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -392,6 +736,10 @@
                     "description": "An identifier with the intention of being globally unique.\n",
                     "type": "string"
                   }
+                },
+                "certificateContentId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
                 }
               }
             }
@@ -403,7 +751,10 @@
             "items": {
               "description": "This type provides information related to virtual IP (VIP) CP.\nNOTE 1:\tIt is possible that there is no associated VnfcCp because the VIP CP is available but not associated yet. NOTE 2: If only the value or the presence of this attribute is changed in the \"VipCpInfo\" structure by an LCM operation occurrence, this does not represent a change that requires including a related \"AffectedVipCp\" structure in the VNF LCM operation occurrence notifications or the \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\n",
               "type": "object",
-              "required": ["cpInstanceId", "cpdId"],
+              "required": [
+                "cpInstanceId",
+                "cpdId"
+              ],
               "properties": {
                 "cpInstanceId": {
                   "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -427,30 +778,43 @@
                   "items": {
                     "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
                     "type": "object",
-                    "required": ["layerProtocol"],
+                    "required": [
+                      "layerProtocol"
+                    ],
                     "properties": {
                       "layerProtocol": {
                         "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
                         "type": "string",
-                        "enum": ["IP_OVER_ETHERNET", "IP_FOR_VIRTUAL_CP"]
+                        "enum": [
+                          "IP_OVER_ETHERNET",
+                          "IP_FOR_VIRTUAL_CP"
+                        ]
                       },
                       "ipOverEthernet": {
                         "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVI’s transport technology.\n",
                         "type": "object",
                         "anyOf": [
                           {
-                            "required": ["macAddress"]
+                            "required": [
+                              "macAddress"
+                            ]
                           },
                           {
-                            "required": ["ipAddresses"]
+                            "required": [
+                              "ipAddresses"
+                            ]
                           }
                         ],
                         "oneOf": [
                           {
-                            "required": ["addresses"]
+                            "required": [
+                              "addresses"
+                            ]
                           },
                           {
-                            "required": ["addressRange"]
+                            "required": [
+                              "addressRange"
+                            ]
                           }
                         ],
                         "properties": {
@@ -468,12 +832,17 @@
                             "type": "array",
                             "items": {
                               "type": "object",
-                              "required": ["type"],
+                              "required": [
+                                "type"
+                              ],
                               "properties": {
                                 "type": {
                                   "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                   "type": "string",
-                                  "enum": ["IPV4", "IPV6"]
+                                  "enum": [
+                                    "IPV4",
+                                    "IPV6"
+                                  ]
                                 },
                                 "addresses": {
                                   "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
@@ -491,7 +860,10 @@
                                 "addressRange": {
                                   "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
                                   "type": "object",
-                                  "required": ["minAddress", "maxAddress"],
+                                  "required": [
+                                    "minAddress",
+                                    "maxAddress"
+                                  ],
                                   "properties": {
                                     "minAddress": {
                                       "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -517,12 +889,17 @@
                       "virtualCpAddress": {
                         "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
                         "type": "object",
-                        "required": ["type"],
+                        "required": [
+                          "type"
+                        ],
                         "properties": {
                           "type": {
                             "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
                             "type": "string",
-                            "enum": ["IPV4", "IPV6"]
+                            "enum": [
+                              "IPV4",
+                              "IPV6"
+                            ]
                           },
                           "loadBalancerIp": {
                             "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -563,7 +940,12 @@
             "items": {
               "description": "This type provides information related to a virtual CP instance of a VNF.\nNOTE: A consumer of the VNF LCM interface can learn the actual VNFC instances implementing the service \n      accessible via the virtual CP instance by querying the \"vnfcResourceInfo\" from the \"InstantiatedVnfInfo\" \n      and filtering by corresponding \"vduIds\" values.\n",
               "type": "object",
-              "required": ["cpInstanceId", "cpdId", "resourceHandle", "vduIds"],
+              "required": [
+                "cpInstanceId",
+                "cpdId",
+                "resourceHandle",
+                "vduIds"
+              ],
               "properties": {
                 "cpInstanceId": {
                   "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -574,7 +956,9 @@
                   "type": "string"
                 },
                 "resourceHandle": {
-                  "required": ["resourceId"],
+                  "required": [
+                    "resourceId"
+                  ],
                   "type": "object",
                   "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
@@ -628,30 +1012,43 @@
                   "items": {
                     "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
                     "type": "object",
-                    "required": ["layerProtocol"],
+                    "required": [
+                      "layerProtocol"
+                    ],
                     "properties": {
                       "layerProtocol": {
                         "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
                         "type": "string",
-                        "enum": ["IP_OVER_ETHERNET", "IP_FOR_VIRTUAL_CP"]
+                        "enum": [
+                          "IP_OVER_ETHERNET",
+                          "IP_FOR_VIRTUAL_CP"
+                        ]
                       },
                       "ipOverEthernet": {
                         "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVI’s transport technology.\n",
                         "type": "object",
                         "anyOf": [
                           {
-                            "required": ["macAddress"]
+                            "required": [
+                              "macAddress"
+                            ]
                           },
                           {
-                            "required": ["ipAddresses"]
+                            "required": [
+                              "ipAddresses"
+                            ]
                           }
                         ],
                         "oneOf": [
                           {
-                            "required": ["addresses"]
+                            "required": [
+                              "addresses"
+                            ]
                           },
                           {
-                            "required": ["addressRange"]
+                            "required": [
+                              "addressRange"
+                            ]
                           }
                         ],
                         "properties": {
@@ -669,12 +1066,17 @@
                             "type": "array",
                             "items": {
                               "type": "object",
-                              "required": ["type"],
+                              "required": [
+                                "type"
+                              ],
                               "properties": {
                                 "type": {
                                   "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                   "type": "string",
-                                  "enum": ["IPV4", "IPV6"]
+                                  "enum": [
+                                    "IPV4",
+                                    "IPV6"
+                                  ]
                                 },
                                 "addresses": {
                                   "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
@@ -692,7 +1094,10 @@
                                 "addressRange": {
                                   "description": "An IP address range used, e.g. in case of egress connections. See note 2.\n",
                                   "type": "object",
-                                  "required": ["minAddress", "maxAddress"],
+                                  "required": [
+                                    "minAddress",
+                                    "maxAddress"
+                                  ],
                                   "properties": {
                                     "minAddress": {
                                       "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -718,12 +1123,17 @@
                       "virtualCpAddress": {
                         "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
                         "type": "object",
-                        "required": ["type"],
+                        "required": [
+                          "type"
+                        ],
                         "properties": {
                           "type": {
                             "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
                             "type": "string",
-                            "enum": ["IPV4", "IPV6"]
+                            "enum": [
+                              "IPV4",
+                              "IPV6"
+                            ]
                           },
                           "loadBalancerIp": {
                             "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -754,7 +1164,9 @@
                   "items": {
                     "description": "This type provides additional service information of the virtual CP instance used to expose properties of the  virtual CP to NFV-MANO.\nNOTE: This attribute shall only be present if additional information is needed to identify the service \n      termination within the VNF, such as for example a URL path information in an HTTP request required \n      to allow a single virtual CP IP address to be used for several HTTP based services that use the \n      same port number.\n",
                     "type": "object",
-                    "required": ["portInfo"],
+                    "required": [
+                      "portInfo"
+                    ],
                     "properties": {
                       "portInfo": {
                         "description": "Service port numbers exposed by the virtual CP instance.\n",
@@ -763,7 +1175,11 @@
                         "items": {
                           "description": "This type describes the service identifying port properties exposed by the virtual CP instance.\n",
                           "type": "object",
-                          "required": ["name", "port", "portConfigurable"],
+                          "required": [
+                            "name",
+                            "port",
+                            "portConfigurable"
+                          ],
                           "properties": {
                             "name": {
                               "description": "The name of the port exposed by the virtual CP instance.\n",
@@ -772,7 +1188,11 @@
                             "protocol": {
                               "description": "The L4 protocol for this port exposed by the virtual CP instance.\nPermitted values: - TCP - UDP - SCTP\n",
                               "type": "string",
-                              "enum": ["TCP", "UDP", "SCTP"]
+                              "enum": [
+                                "TCP",
+                                "UDP",
+                                "SCTP"
+                              ]
                             },
                             "port": {
                               "description": "The L4 port number exposed by the virtual CP instance.\n",
@@ -805,14 +1225,20 @@
             "items": {
               "description": "This type represents information about an external VL.\nNOTE:\tThis attribute reflects the current configuration information that has resulted from merging into this attribute \n      the \"VnfExtCpData\" information which was passed as part of the \"ExtVirtualLinkData\" structure in the input of the \n      most recent VNF LCM operation such as \"InstantiateVnfRequest\", \"ChangeExtVnfConnectivityRequest\", \"ChangeVnfFlavourRequest\" \n      or \"ChangeCurrentVnfPkgRequest\", or in the Grant response. If applying such change results in an empty list of \n      \"currentVnfExtCpData\" structure instances, the affected instance of \"ExtVirtualLinkInfo\" shall be removed from its \n      parent data structure.\n",
               "type": "object",
-              "required": ["id", "resourceHandle", "currentVnfExtCpData"],
+              "required": [
+                "id",
+                "resourceHandle",
+                "currentVnfExtCpData"
+              ],
               "properties": {
                 "id": {
                   "description": "An identifier with the intention of being globally unique.\n",
                   "type": "string"
                 },
                 "resourceHandle": {
-                  "required": ["resourceId"],
+                  "required": [
+                    "resourceId"
+                  ],
                   "type": "object",
                   "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
@@ -862,14 +1288,19 @@
                   "items": {
                     "description": "This type represents information about a link port of an external VL, i.e. a port providing connectivity for the VNF to  an NS VL.\nNOTE 1:\tThe use cases UC#4 and UC#5 in clause A.4 of ETSI GS NFV-IFA 007 provide examples for such a configuration. NOTE 2:\tThe value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\" attribute.\n",
                     "type": "object",
-                    "required": ["id", "resourceHandle"],
+                    "required": [
+                      "id",
+                      "resourceHandle"
+                    ],
                     "properties": {
                       "id": {
                         "description": "An identifier with the intention of being globally unique.\n",
                         "type": "string"
                       },
                       "resourceHandle": {
-                        "required": ["resourceId"],
+                        "required": [
+                          "resourceId"
+                        ],
                         "type": "object",
                         "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                         "properties": {
@@ -934,7 +1365,9 @@
                   "items": {
                     "description": "This type represents configuration information for external CPs created. * NOTE 1: \tIn case this identifier refers to a CPD with trunking enabled, the external CP instances created\n            from this CPD will represent ports in a trunk.\n* NOTE 2: \tWithin one VNF instance, all VNFC instances created from a particular VDU have the same external\n            connectivity. Thus, given a particular value of the \"cpdId\" attribute, there shall be one\n            \"cpConfig\" entry for each VNFC instance that has been or can be created from a VDU which includes\n            a CPD identified by the \"cpdId\" attribute. If the cpConfig represents a subport in a trunk,\n            all \"cpConfig\" entries in this list shall have the same segmentationId, which means they are\n            connected to the same set of external VLs via the trunk.\n* NOTE 3: \tThe map entry value shall be set to \"null\" in order to delete a \"VnfExtCpConfig\" entry identified\n            by a particular key value from the map, i.e. for the disconnection of an existing external\n            CP instance addressed by cpInstanceId in the deleted map entry from a particular external\n            virtual link, and deletion of that instance in case it represents a subport. Deleting the\n            last key from the map removes the affected instance of the \"VnfExtCpData\" structure from\n            its parent data structure.\n* NOTE 4:   If, as defined by the input parameters of a \"ChangeVnfFlavour\", \"ChangeExtVnfConnectivity\" or\n            \"ChangeCurrentVnfPkg\" operation or as part of the Grant response for any of these operations, a cpConfig\n            map entry identified by a particular map key value is moved into another \"ExtVirtualLinkData\" or\n            \"VnfExtCpData\" structure, this particular cpConfig map entry may be used by an external CP instance\n            different than the one that has used it before the operation, or by no external CP instance at all.\n            Renaming a CPD identifier during the \"changeCurrentVnfPkg\" operation does not count as moving the related\n            \"cpConfig\" map entries to a new \"extCpData\" structure.\n",
                     "type": "object",
-                    "required": ["cpdId"],
+                    "required": [
+                      "cpdId"
+                    ],
                     "properties": {
                       "cpdId": {
                         "description": "An identifier that is unique within a VNF descriptor.\n",
@@ -947,13 +1380,19 @@
                           "description": "This type represents an externally provided link port, or a network attachment definition resource of secondary container cluster network, or network address information per instance of an external connection point. In the case of VM-based deployment of the VNFC exposing the external CP:\n  1.  In case a link port is provided, the VNFM shall use that link port when connecting the external CP to the\n      external VL.\n  2.  In case a link port is not provided, the VNFM shall create a link port on the external VL and use that link port\n      to connect the external CP to the external VL.\nIn the case of container-based deployment of the VNFC exposing the external CP, the VNFM shall use the network attachment definition resource of secondary container cluster network when connecting the CP to the external VL.\n* NOTE 1: The following conditions apply to the attributes \"linkPortId\" and \"cpProtocolData\" for an external CP\n          instance connected or to be connected to a virtual network not categorized as secondary container cluster network:\n          1) Void.\n          2) At least one of the \"linkPortId\" and \"cpProtocolData\" attributes shall be present for an external CP instance\n          representing a subport that is to be created, or an external CP instance that is to be created by creating the\n          corresponding VNFC or VNF instance during the current or a subsequent LCM operation, or for an existing\n          external CP instance that is to be re-configured or added to a particular external virtual link.\n          3) If the \"linkPortId\" attribute is absent, the VNFM shall create a link port.\n          4) If the \"cpProtocolData\" attribute is absent, the \"linkPortId\" attribute shall be provided referencing a\n          precreated link port, and the VNFM can use means outside the scope of the present document to obtain the\n          pre-configured address information for the connection point from the resource representing the link port.\n          5) If both \"cpProtocolData\" and \"linkportId\" are provided, the NFVO shall ensure that the\n          cpProtocolData can be used with the pre-created link port referenced by \"linkPortId\".\n\n* NOTE 2: The following conditions apply to the attributes “netAttDefResourceId” and “cpProtocolData” for an external CP\n          instance connected or to be connected to a secondary container cluster network:\n          1) The \"netAttDefResourceId\" and \"cpProtocolData\" attributes shall both be absent for the deletion of an\n          existing external CP instance addressed by cpInstanceId.\n          2) The \"netAttDefResourceId\" attribute shall be present and the \"cpProtocolData\" attribute may be present for\n          a to-be-created external CP instance or an existing external CP instance.\n* NOTE 3: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment\n          definition resource is needed to fulfil the connectivity requirements of the external CP, e.g. to build a link\n          redundant mated pair in SR-IOV cases. When more than one netAttDefResourceId is indicated, all shall belong\n          to the same namespace as defined by the corresponding \"netAttDefResourceNamespace\" attribute in the\n          \"NetAttDefResourceData\".\n* NOTE 4: Either linkPortId or netAttDefResourceId may be included, but not both.\n",
                           "anyOf": [
                             {
-                              "required": ["linkPortId"]
+                              "required": [
+                                "linkPortId"
+                              ]
                             },
                             {
-                              "required": ["cpProtocolData"]
+                              "required": [
+                                "cpProtocolData"
+                              ]
                             },
                             {
-                              "required": ["netAttDefResourceId"]
+                              "required": [
+                                "netAttDefResourceId"
+                              ]
                             }
                           ],
                           "type": "object",
@@ -984,7 +1423,9 @@
                               "items": {
                                 "description": "This type represents network protocol data. * NOTE:\tThis attribute allows to signal the addition of further types of layer and protocol\n          in future versions of the present document in a backwards-compatible way. In the current\n          version of the present document, only IP over Ethernet is supported.\n",
                                 "type": "object",
-                                "required": ["layerProtocol"],
+                                "required": [
+                                  "layerProtocol"
+                                ],
                                 "properties": {
                                   "layerProtocol": {
                                     "description": "Identifier of layer(s) and protocol(s). Permitted values:\n  - IP_OVER_ETHERNET.\n  - IP_FOR_VIRTUAL_CP\nSee note\n",
@@ -999,21 +1440,31 @@
                                     "type": "object",
                                     "anyOf": [
                                       {
-                                        "required": ["macAddress"]
+                                        "required": [
+                                          "macAddress"
+                                        ]
                                       },
                                       {
-                                        "required": ["ipAddresses"]
+                                        "required": [
+                                          "ipAddresses"
+                                        ]
                                       }
                                     ],
                                     "oneOf": [
                                       {
-                                        "required": ["fixedAddresses"]
+                                        "required": [
+                                          "fixedAddresses"
+                                        ]
                                       },
                                       {
-                                        "required": ["numDynamicAddresses"]
+                                        "required": [
+                                          "numDynamicAddresses"
+                                        ]
                                       },
                                       {
-                                        "required": ["ipAddressRange"]
+                                        "required": [
+                                          "ipAddressRange"
+                                        ]
                                       }
                                     ],
                                     "properties": {
@@ -1025,7 +1476,10 @@
                                       "segmentationType": {
                                         "description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values: -\tVLAN: the subport uses VLAN as encapsulation type. -\tINHERIT: the subport gets its segmentation type from the network it’s connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
                                         "type": "string",
-                                        "enum": ["VLAN", "INHERIT"]
+                                        "enum": [
+                                          "VLAN",
+                                          "INHERIT"
+                                        ]
                                       },
                                       "segmentationId": {
                                         "description": "Identification of the network segment to which the CP instance connects to. See note 3 and note 4.\n",
@@ -1036,12 +1490,17 @@
                                         "type": "array",
                                         "items": {
                                           "type": "object",
-                                          "required": ["type"],
+                                          "required": [
+                                            "type"
+                                          ],
                                           "properties": {
                                             "type": {
                                               "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                               "type": "string",
-                                              "enum": ["IPV4", "IPV6"]
+                                              "enum": [
+                                                "IPV4",
+                                                "IPV6"
+                                              ]
                                             },
                                             "fixedAddresses": {
                                               "description": "Fixed addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
@@ -1088,12 +1547,17 @@
                                   "virtualCpAddress": {
                                     "description": "This type represents network address data for a virtual CP.\n* NOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be used,\n          otherwise it will be ignored by the CISM.\n\n* NOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the container\n          cluster will assign an IP address.\n",
                                     "type": "object",
-                                    "required": ["type"],
+                                    "required": [
+                                      "type"
+                                    ],
                                     "properties": {
                                       "type": {
                                         "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                         "type": "string",
-                                        "enum": ["IPV4", "IPV6"]
+                                        "enum": [
+                                          "IPV4",
+                                          "IPV6"
+                                        ]
                                       },
                                       "loadBalancerIp": {
                                         "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -1131,7 +1595,9 @@
                         "type": "string"
                       },
                       "netAttDefResource": {
-                        "required": ["resourceId"],
+                        "required": [
+                          "resourceId"
+                        ],
                         "type": "object",
                         "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                         "properties": {
@@ -1202,7 +1668,11 @@
             "type": "array",
             "items": {
               "type": "object",
-              "required": ["id", "vnfVirtualLinkDescId", "networkResource"],
+              "required": [
+                "id",
+                "vnfVirtualLinkDescId",
+                "networkResource"
+              ],
               "properties": {
                 "id": {
                   "description": "An identifier with the intention of being globally unique.\n",
@@ -1217,7 +1687,9 @@
                   "type": "string"
                 },
                 "networkResource": {
-                  "required": ["resourceId"],
+                  "required": [
+                    "resourceId"
+                  ],
                   "type": "object",
                   "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
@@ -1267,14 +1739,19 @@
                   "items": {
                     "description": "This type represents a link port of an internal VL of a VNF.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId\n        with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be \n        present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" \n        and vipCpInstanceId are present, the two different CP instances share the linkport.\nNOTE 2: Annex A.4 of ETSI GS NFV-IFA 007 provides examples for configurations where both vipCpInstanceId\n        and vnfcCpInstanceId are present (UC#5 and UC#5-b), only vnfcCpInstanceId is present (UC#2), or \n        only vipCpInstanceId is present (UC6 and UC#6-b).\nNOTE 3: The value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\"\n        attribute.\n",
                     "type": "object",
-                    "required": ["id", "resourceHandle"],
+                    "required": [
+                      "id",
+                      "resourceHandle"
+                    ],
                     "properties": {
                       "id": {
                         "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
                         "type": "string"
                       },
                       "resourceHandle": {
-                        "required": ["resourceId"],
+                        "required": [
+                          "resourceId"
+                        ],
                         "type": "object",
                         "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                         "properties": {
@@ -1325,7 +1802,10 @@
                       "cpInstanceType": {
                         "description": "Type of the CP instance that is identified by cpInstanceId.  Shall be present if \"cpInstanceId\" is present and shall be absent otherwise.\nPermitted values: - VNFC_CP: The link port is connected to a VNFC CP. -\tEXT_CP: The link port is associated to an external CP. See note 1.\n",
                         "type": "string",
-                        "enum": ["VNFC_CP", "EXT_CP"]
+                        "enum": [
+                          "VNFC_CP",
+                          "EXT_CP"
+                        ]
                       },
                       "vipCpInstanceId": {
                         "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -1354,7 +1834,9 @@
                         "type": "string"
                       },
                       "netAttDefResource": {
-                        "required": ["resourceId"],
+                        "required": [
+                          "resourceId"
+                        ],
                         "type": "object",
                         "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                         "properties": {
@@ -1429,7 +1911,10 @@
             "type": "array",
             "items": {
               "type": "object",
-              "required": ["id", "performanceMetric"],
+              "required": [
+                "id",
+                "performanceMetric"
+              ],
               "properties": {
                 "id": {
                   "description": "An identifier that is unique within a VNF descriptor.\n",
@@ -1460,7 +1945,11 @@
             "items": {
               "description": "This type represents the information on virtualised compute and storage resources used by a VNFC in a VNF instance. Depending on the form of virtualisation container of the VNFC:\n  - For a VNFC based on VM, a reference to the corresponding VirtualCompute shall be provided, and\n  - For a VNFC based on OS container(s), a reference to the Compute MCIO shall be provided. Hence, exposure of\n    information by the VNFM to the NFVO is at the MCIO level.\nIn addition, the references to the storage resources depend on the form of the VNFC:\n  a) For a VNFC based on VM, storage resource identifiers shall refer to VirtualStorage resources, and\n  b) For a VNFC based on OS container(s), storage resource identifiers shall refer to Storage MCIOs.\n\nNOTE 1:\tETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on \n        TOSCA specifications.\nNOTE 2:\tA VNFC CP is \"connected to\" an external CP if the VNFC CP is connected to an \n        internal VL that exposes an external CP. A VNFC CP is \"exposed as\" an external \n        CP if it is connected directly to an external VL.\nNOTE 3:\tThe information can be omitted because it is already available as part of the \n        external CP information.\nNOTE 4: If only the value or the presence of this attribute is changed in the \"VnfcResourceInfo\"\n        structure by an LCM operation occurrence, this does not represent a change that requires\n        including a related \"AffectedVnfc\" structure in the VNF LCM operation occurrence notifications\n        or the \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\nNOTE 5: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment\n        definition resource is needed to fulfil the connectivity requirements of the internal CP, e.g. to build a link\n        redundant mated pair in SR-IOV cases.\nNOTE 6: When more than one netAttDefResourceId is indicated, all shall belong to the same namespace.\n",
               "type": "object",
-              "required": ["id", "vduId", "computeResource"],
+              "required": [
+                "id",
+                "vduId",
+                "computeResource"
+              ],
               "properties": {
                 "id": {
                   "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -1475,7 +1964,9 @@
                   "type": "string"
                 },
                 "computeResource": {
-                  "required": ["resourceId"],
+                  "required": [
+                    "resourceId"
+                  ],
                   "type": "object",
                   "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
@@ -1540,7 +2031,10 @@
                   "type": "array",
                   "items": {
                     "type": "object",
-                    "required": ["id", "cpdId"],
+                    "required": [
+                      "id",
+                      "cpdId"
+                    ],
                     "properties": {
                       "id": {
                         "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -1560,30 +2054,43 @@
                         "items": {
                           "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\nNOTE:\tThis attribute allows to signal the addition of further types of layer and protocol in future versions of the \n      present document in a backwards-compatible way. In the current version of the present document, only IP over \n      Ethernet is supported.\n",
                           "type": "object",
-                          "required": ["layerProtocol"],
+                          "required": [
+                            "layerProtocol"
+                          ],
                           "properties": {
                             "layerProtocol": {
                               "description": "The identifier of layer(s) and protocol(s) associated to the network address information.\nPermitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
                               "type": "string",
-                              "enum": ["IP_OVER_ETHERNET", "IP_FOR_VIRTUAL_CP"]
+                              "enum": [
+                                "IP_OVER_ETHERNET",
+                                "IP_FOR_VIRTUAL_CP"
+                              ]
                             },
                             "ipOverEthernet": {
                               "description": "This type represents information about a network address that has been assigned.\nNOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2:\tExactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3:\tIf the Cp instance represents a subport in a trunk, segmentationId shall be present. \n        Otherwise it shall not be present.\nNOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the \n        actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the \n        transport header of the packets or it may be an identifier used between the application \n        and the NFVI networking infrastructure to identify the network sub-interface of the trunk \n        port in question. In the latter case the NFVI infrastructure will map this local segmentationId \n        to whatever segmentationId is actually used by the NFVI’s transport technology.\n",
                               "type": "object",
                               "anyOf": [
                                 {
-                                  "required": ["macAddress"]
+                                  "required": [
+                                    "macAddress"
+                                  ]
                                 },
                                 {
-                                  "required": ["ipAddresses"]
+                                  "required": [
+                                    "ipAddresses"
+                                  ]
                                 }
                               ],
                               "oneOf": [
                                 {
-                                  "required": ["addresses"]
+                                  "required": [
+                                    "addresses"
+                                  ]
                                 },
                                 {
-                                  "required": ["addressRange"]
+                                  "required": [
+                                    "addressRange"
+                                  ]
                                 }
                               ],
                               "properties": {
@@ -1601,12 +2108,17 @@
                                   "type": "array",
                                   "items": {
                                     "type": "object",
-                                    "required": ["type"],
+                                    "required": [
+                                      "type"
+                                    ],
                                     "properties": {
                                       "type": {
                                         "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
                                         "type": "string",
-                                        "enum": ["IPV4", "IPV6"]
+                                        "enum": [
+                                          "IPV4",
+                                          "IPV6"
+                                        ]
                                       },
                                       "addresses": {
                                         "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
@@ -1653,12 +2165,17 @@
                             "virtualCpAddress": {
                               "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
                               "type": "object",
-                              "required": ["type"],
+                              "required": [
+                                "type"
+                              ],
                               "properties": {
                                 "type": {
                                   "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
                                   "type": "string",
-                                  "enum": ["IPV4", "IPV6"]
+                                  "enum": [
+                                    "IPV4",
+                                    "IPV6"
+                                  ]
                                 },
                                 "loadBalancerIp": {
                                   "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
@@ -1693,6 +2210,10 @@
                       "metadata": {
                         "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
                         "type": "object"
+                      },
+                      "certificateContentId": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
                       }
                     }
                   }
@@ -1700,6 +2221,10 @@
                 "metadata": {
                   "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
                   "type": "object"
+                },
+                "certificateContentId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
                 }
               }
             }
@@ -1710,7 +2235,11 @@
             "items": {
               "description": "This type represents the information that allows addressing a virtualised resource that is used by an internal VL instance in a VNF instance.\nNote: If only the value or the presence of this attribute is changed in the \"VnfVirtualLinkResourceInfo\"\n      structure by an LCM operation occurrence, this does not represent a change that requires including\n      a related \"AffectedVirtualLink\" structure in the VNF LCM operation occurrence notifications or the\n      \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\n",
               "type": "object",
-              "required": ["id", "vnfVirtualLinkDescId", "networkResource"],
+              "required": [
+                "id",
+                "vnfVirtualLinkDescId",
+                "networkResource"
+              ],
               "properties": {
                 "id": {
                   "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -1725,7 +2254,9 @@
                   "type": "string"
                 },
                 "networkResource": {
-                  "required": ["resourceId"],
+                  "required": [
+                    "resourceId"
+                  ],
                   "type": "object",
                   "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
@@ -1783,14 +2314,19 @@
                   "items": {
                     "description": "This type represents a link port of an internal VL of a VNF.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId\n        with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be \n        present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" \n        and vipCpInstanceId are present, the two different CP instances share the linkport.\nNOTE 2: Annex A.4 of ETSI GS NFV-IFA 007 provides examples for configurations where both vipCpInstanceId\n        and vnfcCpInstanceId are present (UC#5 and UC#5-b), only vnfcCpInstanceId is present (UC#2), or \n        only vipCpInstanceId is present (UC6 and UC#6-b).\nNOTE 3: The value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\"\n        attribute.\n",
                     "type": "object",
-                    "required": ["id", "resourceHandle"],
+                    "required": [
+                      "id",
+                      "resourceHandle"
+                    ],
                     "properties": {
                       "id": {
                         "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
                         "type": "string"
                       },
                       "resourceHandle": {
-                        "required": ["resourceId"],
+                        "required": [
+                          "resourceId"
+                        ],
                         "type": "object",
                         "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                         "properties": {
@@ -1841,7 +2377,10 @@
                       "cpInstanceType": {
                         "description": "Type of the CP instance that is identified by cpInstanceId.  Shall be present if \"cpInstanceId\" is present and shall be absent otherwise.\nPermitted values: - VNFC_CP: The link port is connected to a VNFC CP. -\tEXT_CP: The link port is associated to an external CP. See note 1.\n",
                         "type": "string",
-                        "enum": ["VNFC_CP", "EXT_CP"]
+                        "enum": [
+                          "VNFC_CP",
+                          "EXT_CP"
+                        ]
                       },
                       "vipCpInstanceId": {
                         "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -1867,7 +2406,11 @@
             "items": {
               "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance.\nNote: If only the value or the presence of this attribute is changed in the \"VirtualStorageResourceInfo\"\n      structure by an LCM operation occurrence, this does not represent a change that requires\n      including a related \"AffectedVirtualStorage\" structure in the VNF LCM operation occurrence\n      notifications or the \"VnfLcmOpOcc\" structure related to this LCM operation occurrence.\n",
               "type": "object",
-              "required": ["id", "virtualStorageDescId", "storageResource"],
+              "required": [
+                "id",
+                "virtualStorageDescId",
+                "storageResource"
+              ],
               "properties": {
                 "id": {
                   "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
@@ -1882,7 +2425,9 @@
                   "type": "string"
                 },
                 "storageResource": {
-                  "required": ["resourceId"],
+                  "required": [
+                    "resourceId"
+                  ],
                   "type": "object",
                   "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
@@ -1981,7 +2526,11 @@
                 "mcioType": {
                   "description": "The type of MCIO. Specific values, their semantics and associated MCIO types are defined in clause  5.5.4.9. Additional values are also permitted. See note 1.\n",
                   "type": "string",
-                  "enum": ["Deployment", "StatefulSet"]
+                  "enum": [
+                    "Deployment",
+                    "StatefulSet",
+                    "DaemonSet"
+                  ]
                 },
                 "desiredInstances": {
                   "description": "Number of desired MCIO instances.\n",
@@ -1991,6 +2540,76 @@
                   "description": "Number of available MCIO instances.\n",
                   "type": "integer"
                 },
+                "additionalInfo": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                },
+                "certificateContentId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+              }
+              }
+            }
+          },
+          "vnfPaasServiceInfo": {
+            "description": "Information on the PaaS Services assigned and used by the VNF instance.\n",
+            "type": "array",
+            "items": {
+              "description": "This type provides input information about a PaaS Service that is used by a VNF instance. The PaasServiceInfo is comprised of various sets of information. Some information comes from the VNFD, other information comes from the PaaS Service assets provided by the NFVO to the VNFM, and other information is provided at runtime information about the usage of the PaaS Service.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "paasServiceId",
+                "paasServiceType",
+                "paasServiceRequestId",
+                "paasServiceHandle"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "paasServiceId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "paasServiceType": {
+                  "description": "The type of PaaS Service. The value of this attribute is expected to be matched against values of the registered PaaS Services in the PSR.",
+                  "type": "string"
+                },
+                "paasServiceVersion": {
+                  "description": "A version.\n",
+                  "type": "string"
+                },
+                "paasServiceRequestId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "paasServiceHandle": {
+                  "description": "This type provides information enabling the access and use of the PaaS Service by the VNF instance. The type and format of the handle depends on the form that the PaaS Service is formed.\n",
+                  "type": "object",
+                  "required": [
+                    "id"
+                  ],
+                  "properties": {
+                    "id": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "interfaceInfo": {
+                      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                      "type": "object"
+                    },
+                    "accessInfo": {
+                      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                      "type": "object"
+                    },
+                    "extra": {
+                      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                      "type": "object"
+                    }
+                  }
+                },
                 "additionalInfo": {
                   "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
                   "type": "object"
@@ -2011,12 +2630,16 @@
       "_links": {
         "description": "Links to resources related to this resource.\n",
         "type": "object",
-        "required": ["self"],
+        "required": [
+          "self"
+        ],
         "properties": {
           "self": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2027,7 +2650,9 @@
           "indicators": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2038,7 +2663,9 @@
           "instantiate": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2049,7 +2676,9 @@
           "terminate": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2060,7 +2689,9 @@
           "scale": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2071,7 +2702,9 @@
           "scaleToLevel": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2082,7 +2715,9 @@
           "changeFlavour": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2093,7 +2728,9 @@
           "heal": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2104,7 +2741,9 @@
           "operate": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2115,7 +2754,9 @@
           "changeExtConn": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2126,7 +2767,9 @@
           "createSnapshot": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2137,7 +2780,9 @@
           "revertToSnapshot": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2148,7 +2793,9 @@
           "changeCurrentVnfPkg": {
             "description": "This type represents a link to a resource using an absolute URI.\n",
             "type": "object",
-            "required": ["href"],
+            "required": [
+              "href"
+            ],
             "properties": {
               "href": {
                 "description": "String formatted according to IETF RFC 3986.\n",
@@ -2160,4 +2807,4 @@
       }
     }
   }
-}
+}
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleOperationGranting-API/Grants.robot b/SOL003/VNFLifecycleOperationGranting-API/Grants.robot
index 728c14ef9fd314458504b8686363b50455789e94..577038a2657c633171c0ad3ed494940a64ad116a 100644
--- a/SOL003/VNFLifecycleOperationGranting-API/Grants.robot
+++ b/SOL003/VNFLifecycleOperationGranting-API/Grants.robot
@@ -22,7 +22,7 @@ Requests a grant for a particular VNF lifecycle operation - Synchronous mode
     ...    Test title: Requests a grant for a particular VNF lifecycle operation - Synchronous mode
     ...    Test objective: The objective is to request a grant for a particular VNF lifecycle operation and perform a JSON schema validation on the returned grant data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO can decide immediately what to respond to a grant request
     ...    Post-Conditions: The grant information is available to the VNFM.
@@ -36,7 +36,7 @@ Requests a grant for a particular VNF lifecycle operation - Asynchronous mode
     ...    Test title: Requests a grant for a particular VNF lifecycle operation - Asynchronous mode
     ...    Test objective: The objective is to request a grant for a particular VNF lifecycle operation and perform a JSON schema validation on the returned grant data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO can not decide immediately what to respond to a grant request
     ...    Post-Conditions: The grant information is available to the VNFM.
@@ -51,7 +51,7 @@ Requests a grant for a particular VNF lifecycle operation - Forbidden
     ...    Test title: Requests a grant for a particular VNF lifecycle operation - Forbidden 
     ...    Test objective: The objective is to request a grant for a particular VNF lifecycle operation and the grant is rejected
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ GET Grants - Method not implemented
     ...    Test title: GET Grants - Method not implemented
     ...    Test objective: The objective is to test that GET method is not allowed for Life cycle operation granting 
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions:   none
@@ -76,7 +76,7 @@ PUT Grants - Method not implemented
     ...    Test title: PUT Grants - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed for Life cycle operation granting 
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,7 +88,7 @@ PATCH Grants - Method not implemented
     ...    Test title: PATCH Grants - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed for Life cycle operation granting  
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -100,7 +100,7 @@ DELETE Grants - Method not implemented
     ...    Test title: DELETE Grants - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed for Life cycle operation granting  
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions:  resources are not deleted
@@ -112,7 +112,7 @@ Requests a grant for a particular VNF lifecycle operation - Synchronous mode usi
     ...    Test title: Requests a grant for a particular VNF lifecycle operation - Synchronous mode using instantiationLevelId for Target size 
     ...    Test objective: The objective is to request a grant for a particular VNF lifecycle operation and perform a JSON schema validation on the returned grant data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO can decide immediately what to respond to a grant request
     ...    Post-Conditions: The grant information is available to the VNFM.
@@ -126,7 +126,7 @@ Requests a grant for a particular VNF lifecycle operation - Synchronous mode usi
     ...    Test title: Requests a grant for a particular VNF lifecycle operation - Synchronous mode using targetScaleLevelInfo for Target size 
     ...    Test objective: The objective is to request a grant for a particular VNF lifecycle operation and perform a JSON schema validation on the returned grant data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO can decide immediately what to respond to a grant request
     ...    Post-Conditions: The grant information is available to the VNFM.
@@ -140,7 +140,7 @@ Requests a grant for a particular VNF lifecycle operation - Synchronous mode usi
     ...    Test title: Requests a grant for a particular VNF lifecycle operation - Synchronous mode using with attribute addResources for Target size 
     ...    Test objective: The objective is to request a grant for a particular VNF lifecycle operation and perform a JSON schema validation on the returned grant data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO can decide immediately what to respond to a grant request
     ...    Post-Conditions: The grant information is available to the VNFM.
@@ -149,6 +149,33 @@ Requests a grant for a particular VNF lifecycle operation - Synchronous mode usi
     Check Operation Occurrence Id existence 
     Check HTTP Response Body Json Schema Is    grant
 
+Requests a grant for a particular VNF lifecycle operation - Synchronous mode with permitted authorization scope
+    [Documentation]    Test ID: 7.3.2.1.11
+    ...    Test title: Requests a grant for a particular VNF lifecycle operation - Synchronous mode with permitted authorization scope
+    ...    Test objective: The objective is to request a grant for a particular VNF lifecycle operation and perform a JSON schema validation on the returned grant data structure with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: The NFVO can decide immediately what to respond to a grant request
+    ...    Post-Conditions: The grant information is available to the VNFM.
+    Send Request Grant Request in Synchronous mode with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check Operation Occurrence Id existence 
+    Check HTTP Response Body Json Schema Is    grant
+
+Requests a grant for a particular VNF lifecycle operation - Synchronous mode with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.2.1.12
+    ...    Test title: Requests a grant for a particular VNF lifecycle operation - Synchronous mode with not permitted authorization scope
+    ...    Test objective: The objective is to request a grant for a particular VNF lifecycle operation and perform a JSON schema validation on the returned grant data structure with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: The NFVO can decide immediately what to respond to a grant request
+    ...    Post-Conditions: The grant information is available to the VNFM.
+    Send Request Grant Request in Synchronous mode with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
 *** Keywords ***
 Wait for individual grant successful notification
     Wait Until Keyword Succeeds    ${retry}   ${polling}    Get an individual grant - Successful
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleOperationGranting-API/IndividualGrant.robot b/SOL003/VNFLifecycleOperationGranting-API/IndividualGrant.robot
index 2874ee4282c75c56287ca4dbcb6002b859c521f9..4ce3908d470157082e87c5d6461a3a211fd1647c 100644
--- a/SOL003/VNFLifecycleOperationGranting-API/IndividualGrant.robot
+++ b/SOL003/VNFLifecycleOperationGranting-API/IndividualGrant.robot
@@ -18,7 +18,7 @@ POST Individual Grant - Method not implemented
     ...    Test title: POST Individual Grant - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed for Life cycle operation granting  
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -30,7 +30,7 @@ GET an individual grant - Successful
     ...    Test title: GET an individual grant - Successful
     ...    Test objective: The objective is to retrieve a grant for a particular VNF Lifecycle Operation.
     ...    Pre-conditions: The  grant information is available to the NFVO
-    ...    Reference: Clause 9.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ GET an individual grant - Process ongoing
     ...    Test title: GET an individual grant - Process ongoing
     ...    Test objective: The objective is to retrieve a grant for a particular VNF lifecycle operation when process is ongoing and no grant is available yet.
     ...    Pre-conditions: The process of creating the grant is ongoing, no grant is available yet.
-    ...    Reference: Clause 9.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -59,7 +59,7 @@ GET an individual grant - grant rejected
     ...    Test title: GET an individual grant - grant rejected
     ...    Test objective: The objective is to retrieve a grant for a particular VNF Lifecycle Operation but error returned because grant has been rejected.
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -72,7 +72,7 @@ PUT an individual grant - Method not implemented
     ...    Test title: PUT an individual grant - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to for Life cycle operation granting  
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -84,7 +84,7 @@ PATCH an individual grant - Method not implemented
     ...    Test title: PATCH an individual grant - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to for Life cycle operation granting  
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -96,7 +96,7 @@ DELETE an individual grant - Method not implemented
     ...    Test title: DELETE an individual grant - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to for Life cycle operation granting  
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 9.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
diff --git a/SOL003/VNFLifecycleOperationGranting-API/VNFLifecycleOperationGrantingKeywords.robot b/SOL003/VNFLifecycleOperationGranting-API/VNFLifecycleOperationGrantingKeywords.robot
index ab5b2fd723a1e1bc7f1507a3edecb13ad132a378..e0983b57af039c125449f52be6e1bec84dc390fa 100644
--- a/SOL003/VNFLifecycleOperationGranting-API/VNFLifecycleOperationGrantingKeywords.robot
+++ b/SOL003/VNFLifecycleOperationGranting-API/VNFLifecycleOperationGrantingKeywords.robot
@@ -91,6 +91,35 @@ Send Request for a new Grant Forbiden Operation
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/grants    ${body}
     ${body}=    Output    response
     Set Suite Variable    ${response}    ${body}
+
+Send Request Grant Request in Synchronous mode with permitted authorization scope 
+    Log    Request a new Grant for a VNF LCM operation by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/grants with permitted authorization scope 
+    Pass Execution If    ${SYNC_MODE} == 0    The Granting process is asynchronous mode. Skipping the test
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${GRANT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File
+    ${template}=    Get File    jsons/grantRequest.json
+    ${body}=        Format String   ${template}    vnfInstanceId=${vnfInstanceId}   vnfLcmOpOccId=${vnfLcmOpOccId}    vnfdId=${Descriptor_ID}    flavourId=${Flavour_ID}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/grants    ${body}
+    ${body}=    Output    response
+    Set Suite Variable    ${response}    ${body}
+Send Request Grant Request in Synchronous mode with not permitted authorization scope 
+    Log    Request a new Grant for a VNF LCM operation by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/grants with not permitted authorization scope 
+    Pass Execution If    ${SYNC_MODE} == 0    The Granting process is asynchronous mode. Skipping the test
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${GRANT_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File
+    ${template}=    Get File    jsons/grantRequest.json
+    ${body}=        Format String   ${template}    vnfInstanceId=${vnfInstanceId}   vnfLcmOpOccId=${vnfLcmOpOccId}    vnfdId=${Descriptor_ID}    flavourId=${Flavour_ID}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/grants    ${body}
+    ${body}=    Output    response
+    Set Suite Variable    ${response}    ${body}
     
 Check HTTP Response Status Code Is
     [Arguments]    ${expected_status}    
@@ -347,4 +376,9 @@ Match the grant Response Attributes with Descriptors
     Run Keyword If  '${descriptorType}'=='SOL006'    List Should Contain Value    ${externalCP_IDs}    ${response['body']['extVirtualLinks'][0]['extCps'][0]['cpdId']}
     Run Keyword If  '${descriptorType}'=='SOL001'    List Should Contain Value    @{CP_IDs}    ${response['body']['extVirtualLinks'][0]['extCps'][0]['cpdId']}
     List Should Contain Value    ${VirtualLink_IDs}    ${response['body']['extManagedVirtualLinkData'][0]['vnfVirtualLinkDescId']}
-    List Should Contain value    ${Compute_IDs}    ${response['body']['vimAssets']['computeResourceFlavours'][0]['vnfdVirtualComputeDescId']}
\ No newline at end of file
+    List Should Contain value    ${Compute_IDs}    ${response['body']['vimAssets']['computeResourceFlavours'][0]['vnfdVirtualComputeDescId']}
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
\ No newline at end of file
diff --git a/SOL003/VNFLifecycleOperationGranting-API/environment/variables.txt b/SOL003/VNFLifecycleOperationGranting-API/environment/variables.txt
index ec3012e38ae2816d0830f42ed7379d2b66d6c164..bd0340b17cee1e50b98accd43095feb934e09e83 100644
--- a/SOL003/VNFLifecycleOperationGranting-API/environment/variables.txt
+++ b/SOL003/VNFLifecycleOperationGranting-API/environment/variables.txt
@@ -2,7 +2,11 @@
 ${NFVO_HOST}      localhost    # Hostname of the NFVO
 ${NFVO_PORT}      8081    # Listening port of the NFVO
 ${NFVO_SCHEMA}    https
+${OAUTH_ENCRYPTION_ALGORITHM}  HS256
+${OAUTH_KEY}
 ${AUTHORIZATION_HEADER}    Authorization
+${GRANT_PERMITTED_SCOPE}  grant:v1:all
+${GRANT_NOT_PERMITTED_SCOPE}  grant:v1:all:invalid
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
 ${CONTENT_TYPE}    application/json
 ${ACCEPT}         application/json
diff --git a/SOL003/VNFLifecycleOperationGranting-API/schemas/grant.schema.json b/SOL003/VNFLifecycleOperationGranting-API/schemas/grant.schema.json
index 5efcb538b5c5053202d19a8bba7c5b4893de228d..1cf14247e984c9e706c74a60dc351207e9a0e1e3 100644
--- a/SOL003/VNFLifecycleOperationGranting-API/schemas/grant.schema.json
+++ b/SOL003/VNFLifecycleOperationGranting-API/schemas/grant.schema.json
@@ -1,5 +1,5 @@
 {
-  "description": "This type represents a grant.\nNOTE 1: This interface allows to signal the use of multiple VIMs per VNF. The specification\n        for managing the VNF internal VL requirements across multiple VIMs is supported via\n        \"externally-managed internal VLs\" and \"multi-site connectivity services\".\nNOTE 2: Void. NOTE 3: The Grant response allows the NFVO to pass to the VNFM VIM assets related to the VNF \n        package that is identified in the corresponding Grant request. Because only the operations\n        InstantiateVnf, ChangeCurrentVnfPkg and the update of the vnfdId by PATCH can imply changes\n        in the set of VIM assets, the NFVO shall not change this set in any other case. To signal the\n        set of VIM assets, the following applies:\n        a)\tIf the current LCM operation is InstantiateVnf, the NFVO shall send in the Grant response\n        the full set of VIM assets related to the VNF package defined by the vnfdId in the related\n        Grant request.\n        b)\tIf the current LCM operation is ChangeCurrentVnfPkg, the NFVO shall send in the\n        Grant response the full set of VIM assets related to the VNF package defined by the destVnfdId\n        in the related Grant request.\n        c)\tFor any other operation: If the set of VIM assets has changed since the end of the previous\n        granted operation because a PATCH operation has changed the vnfdId between the previous granted\n        operation and the operation to which the current granting exchange relates, the NFVO shall send\n        in the Grant response the full set of VIM assets related to the VNF package defined by the vnfdId\n        in the related Grant request. Otherwise, the NFVO shall either send in the Grant response the full\n        set of VIM assets related to the VNF package defined by the vnfdId in the related Grant request, or\n        shall not send any VIM assets at all.\n        During each LCM operation occurrence other than a \"ChangeCurrentVnfPkg\" operation,\n        the VIM assets that relate to the VNF package identified by the current value of\n        the vnfdId attribute in the \"VnfInstance\" structure shall be used by the\n        VNFM for newly created resources and updated resources.\nNOTE 4: The indication of externally-managed internal VLs is needed in case networks have been\n        pre-configured for use with certain VNFs, for instance to ensure that these networks have\n        certain properties such as security or acceleration features, or to address particular network\n        topologies (e.g., multi-site connectivity). The present document assumes that externally-managed\n        internal VLs are managed by the NFVO and created towards the VIM and WIM.\nNOTE 5: For any VNF lifecycle management operation request that allows to pass \"extVirtualLinks\" and/or\n        \"extManagedVirtualLinks\" parameters, such as InstantiateVnf, ChangeVnfFlavour, ChangeExtVnfConnectivity or\n        ChangeCurrentVnfPackage, the NFVO may provide the \"extVirtualLinks\" and/or \"extManagedVirtualLinks\" attributes\n        in the Grant to override the values passed in these parameters previously in the associated VNF lifecycle\n        management request, if the lifecycle management request has originated from the NFVO itself. The NFVO shall\n        not provide the \"extVirtualLinks\" and/or \"extManagedVirtualLinks\" attributes in the Grant in case the LCM\n        request did not originate from the NFVO itself or the granted LCM operation request does not allow to pass\n        these parameters.\nNOTE 6: The NFVO shall set the value of the attribute by copying the value from the associated \n        GrantRequest.\nNOTE 7: In case of granting an InstantiateVnf request that has originated from the NFVO and that \n        did not contain the \"extVirtualLinks\" attribute, this attribute shall be set by the NFVO. \n        Further in case of granting an InstantiateVnf request that has originated from the NFVO \n        and that did not contain the \"extManagedVirtualLinks\" attribute, this attribute shall be \n        set by the NFVO if there is the need to provide information about externally-managed virtual \n        links.\nNOTE 8: The resulting \"extVirtualLinks\" or \"extManagedVirtualLinks\" information is calculated as follows: \n        In a first step, the information passed in the related LCM operation is applied to the baseline\n        information known from earlier LCM operation executions. In a second step, the information passed\n        in the Grant is applied to the information resulting from the first step.\n",
+  "description": "This type represents a grant.\nNOTE 1: This interface allows to signal the use of multiple VIMs per VNF. The specification\n        for managing the VNF internal VL requirements across multiple VIMs is supported via\n        \"externally-managed internal VLs\" and \"multi-site connectivity services\".\nNOTE 2: Void. NOTE 3: The Grant response allows the NFVO to pass to the VNFM VIM assets related to the VNF \n        package that is identified in the corresponding Grant request. Because only the operations\n        InstantiateVnf, ChangeCurrentVnfPkg and the update of the vnfdId by PATCH can imply changes\n        in the set of VIM assets, the NFVO shall not change this set in any other case. To signal the\n        set of VIM assets, the following applies:\n        a)\tIf the current LCM operation is InstantiateVnf, the NFVO shall send in the Grant response\n        the full set of VIM assets related to the VNF package defined by the vnfdId in the related\n        Grant request.\n        b)\tIf the current LCM operation is ChangeCurrentVnfPkg, the NFVO shall send in the\n        Grant response the full set of VIM assets related to the VNF package defined by the destVnfdId\n        in the related Grant request.\n        c)\tFor any other operation: If the set of VIM assets has changed since the end of the previous\n        granted operation because a PATCH operation has changed the vnfdId between the previous granted\n        operation and the operation to which the current granting exchange relates, the NFVO shall send\n        in the Grant response the full set of VIM assets related to the VNF package defined by the vnfdId\n        in the related Grant request. Otherwise, the NFVO shall either send in the Grant response the full\n        set of VIM assets related to the VNF package defined by the vnfdId in the related Grant request, or\n        shall not send any VIM assets at all.\n        During each LCM operation occurrence other than a \"ChangeCurrentVnfPkg\" operation,\n        the VIM assets that relate to the VNF package identified by the current value of\n        the vnfdId attribute in the \"VnfInstance\" structure shall be used by the\n        VNFM for newly created resources and updated resources.\nNOTE 4: The indication of externally-managed internal VLs is needed in case networks have been\n        pre-configured for use with certain VNFs, for instance to ensure that these networks have\n        certain properties such as security or acceleration features, or to address particular network\n        topologies (e.g., multi-site connectivity). The present document assumes that externally-managed\n        internal VLs are managed by the NFVO and created towards the VIM and WIM.\nNOTE 5: For any VNF lifecycle management operation request that allows to pass \"extVirtualLinks\" and/or\n        \"extManagedVirtualLinks\" parameters, such as InstantiateVnf, ChangeVnfFlavour, ChangeExtVnfConnectivity or\n        ChangeCurrentVnfPackage, the NFVO may provide the \"extVirtualLinks\" and/or \"extManagedVirtualLinks\" attributes\n        in the Grant to override the values passed in these parameters previously in the associated VNF lifecycle\n        management request, if the lifecycle management request has originated from the NFVO itself. The NFVO shall\n        not provide the \"extVirtualLinks\" and/or \"extManagedVirtualLinks\" attributes in the Grant in case the LCM\n        request did not originate from the NFVO itself or the granted LCM operation request does not allow to pass\n        these parameters.\nNOTE 6: The NFVO shall set the value of the attribute by copying the value from the associated \n        GrantRequest.\nNOTE 7: In case of granting an InstantiateVnf request that has originated from the NFVO and that \n        did not contain the \"extVirtualLinks\" attribute, this attribute shall be set by the NFVO. \n        Further in case of granting an InstantiateVnf request that has originated from the NFVO \n        and that did not contain the \"extManagedVirtualLinks\" attribute, this attribute shall be \n        set by the NFVO if there is the need to provide information about externally-managed virtual \n        links.\nNOTE 8: The resulting \"extVirtualLinks\" or \"extManagedVirtualLinks\" information is calculated as follows: \n        In a first step, the information passed in the related LCM operation is applied to the baseline\n        information known from earlier LCM operation executions. In a second step, the information passed\n        in the Grant is applied to the information resulting from the first step.\nNOTE 9: For resources related to ResourceDefinition whose VDU has the attribute \n        isNumOfInstancesClusterBased set to TRUE, only one occurrence of the addResources, or \n        tempResources or removeResources, or updateResources shall be included.\n",
   "type": "object",
   "required": ["id", "vnfInstanceId", "vnfLcmOpOccId", "_links"],
   "properties": {
@@ -16,10 +16,10 @@
       "type": "string"
     },
     "vimConnectionInfo": {
-      "description": "Provides information regarding VIM and/or CISM connections that are approved to be used by the VNFM to allocate resources and provides parameters of these VIM and/or CISM connections. The VNFM shall update the \"vimConnectionInfo\" attribute of the \"VnfInstance\" structure by adding unknown entries received in this attribute. This attribute is not intended for the modification of VimConnectionInfo entries passed earlier; for that, the VnfInfoModificationRequest structure shall be used. This attribute shall only be supported when\n  - all or part of the granted\n  resources are managed by\n  a VIM and VNF-related\n  Resource Management in\n  direct mode is applicable.\n  - all or part of the granted\n  resources are managed by\n  a CISM.\nIn direct mode, this parameter shall be absent if the VIM or CISM information was configured to the VNFM in another way, present otherwise. See note 1.\n",
+      "description": "Provides information regarding VIM and/or CISM connections that are approved to be used by the VNFM to allocate resources and provides parameters of these VIM and/or CISM connections. The VNFM shall update the \"vimConnectionInfo\" attribute of the \"VnfInstance\" structure by adding unknown entries received in this attribute. This attribute is not intended for the modification of VimConnectionInfo entries passed earlier; for that, the VnfInfoModificationRequest structure shall be used. This attribute shall only be supported when\n  - all or part of the granted resources are managed by a VIM and VNF-related\n  Resource Management in direct mode is applicable.\n  - all or part of the granted resources are managed by a CISM.\nIn direct mode, this parameter shall be absent if the VIM or CISM information was configured to the VNFM in another way, present otherwise. See note 1.\n",
       "type": "object",
       "additionalProperties": {
-        "description": "This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing the resources of a VNF instance.\nThis structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP repository may be configured into the VNFM by means outside the scope of the present document and bound to the identifier of that VIM.\n* NOTE 1:\tIf applicable, this attribute also provides information about the resourceGroupIds\n          that are accessible using a particular set of credentials. See definition of\n          \"resourceGroupId\" in clause 9.5.3.3.\n* NOTE 2:\tOnce the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided\n          through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be\n          established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the\n          \"accessInfo\" JSON data structure, and the sensitive data related information (\"username\"/\"password\" as\n          required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel\n          without additional encoding/encryption before transmitting it, making the sensitive data visible to the\n          endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the\n          interface endpoint of the VIM, CISM, CIR or MCIOP repository.\n* NOTE 3:\t ETSI GS NFV-SOL 009 [i.18] specifies the means to configure into the VNFM applicable VIM connection information via the \"NFV-MANO Configuration and Information Management\" interface. \n* NOTE 4:\t  Due to the possibility of configuring such information into the VNFM out-of-band, by means outside the scope of the present document, as well as in-band, by means specified in the present document, care should be taken to avoid unintended conflicts in the VNFM when managing such information.\n",
+        "description": "This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing the resources of a VNF instance.\nThis structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP repository may be configured into the VNFM by means outside the scope of the present document and bound to the identifier of that VIM.\n* NOTE 1:\tIf applicable, this attribute also provides information about the resourceGroupIds\n          that are accessible using a particular set of credentials. See definition of\n          \"resourceGroupId\" in clause 9.5.3.3.\n* NOTE 2:\tOnce the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided\n          through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be\n          established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the\n          \"accessInfo\" JSON data structure, and the sensitive data related information (\"username\"/\"password\" as\n          required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel\n          without additional encoding/encryption before transmitting it, making the sensitive data visible to the\n          endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the\n          interface endpoint of the VIM, CISM, CIR or MCIOP repository.\n* NOTE 3: ETSI GS NFV-SOL 009 specifies the means to configure into the VNFM applicable VIM connection\n          information via the \"NFV-MANO Configuration and Information Management\" interface.\n* NOTE 4: Due to the possibility of configuring such information into the VNFM out-of-band, by means outside the scope of\n          the present document, as well as in-band, by means specified in the present document, care should be taken to\n          avoid unintended conflicts in the VNFM when managing such information.\n",
         "type": "object",
         "required": ["vimType"],
         "properties": {
@@ -28,7 +28,7 @@
             "type": "string"
           },
           "vimType": {
-            "description": "Discriminator for the different types of the VIM information. The value of this attribute determines the structure of the \"interfaceInfo\" and \"accessInfo\" attributes, based on the type of the VIM., CISM, CIR or MCIOP repository. The set of permitted values is expected to change over time as new types or versions of VIMs become available. The ETSI NFV registry of VIM-related information [i.3] provides access to information about VimConnectionInfo definitions for various VIM, CISM, CIR or MCIOP repository types. The structure of the registry is defined in annex C.\n",
+            "description": "Discriminator for the different types of the VIM information. The value of this attribute determines the structure of the \"interfaceInfo\" and \"accessInfo\" attributes, based on the type of the VIM., CISM, CIR or MCIOP repository. The set of permitted values is expected to change over time as new types or versions of VIMs become available. The ETSI NFV registry of VIM-related information provides access to information about VimConnectionInfo definitions for various VIM, CISM, CIR or MCIOP repository types. The structure of the registry is defined in annex C.\n",
             "type": "string"
           },
           "interfaceInfo": {
@@ -50,7 +50,7 @@
       "description": "Provides information regarding a CIR connection that is approved to be used by the VNFM to obtain information about OS container images. It shall be absent in case of rejection or if the CIR information was configured to the VNFM in another way or if the granted resources are not managed by a CISM, present otherwise.\n",
       "type": "object",
       "additionalProperties": {
-        "description": "This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing the resources of a VNF instance.\nThis structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP repository may be configured into the VNFM by means outside the scope of the present document and bound to the identifier of that VIM.\n* NOTE 1:\tIf applicable, this attribute also provides information about the resourceGroupIds\n          that are accessible using a particular set of credentials. See definition of\n          \"resourceGroupId\" in clause 9.5.3.3.\n* NOTE 2:\tOnce the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided\n          through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be\n          established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the\n          \"accessInfo\" JSON data structure, and the sensitive data related information (\"username\"/\"password\" as\n          required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel\n          without additional encoding/encryption before transmitting it, making the sensitive data visible to the\n          endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the\n          interface endpoint of the VIM, CISM, CIR or MCIOP repository.\n",
+        "description": "This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing the resources of a VNF instance.\nThis structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP repository may be configured into the VNFM by means outside the scope of the present document and bound to the identifier of that VIM.\n* NOTE 1:\tIf applicable, this attribute also provides information about the resourceGroupIds\n          that are accessible using a particular set of credentials. See definition of\n          \"resourceGroupId\" in clause 9.5.3.3.\n* NOTE 2:\tOnce the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided\n          through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be\n          established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the\n          \"accessInfo\" JSON data structure, and the sensitive data related information (\"username\"/\"password\" as\n          required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel\n          without additional encoding/encryption before transmitting it, making the sensitive data visible to the\n          endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the\n          interface endpoint of the VIM, CISM, CIR or MCIOP repository.\n* NOTE 3: ETSI GS NFV-SOL 009 specifies the means to configure into the VNFM applicable VIM connection\n          information via the \"NFV-MANO Configuration and Information Management\" interface.\n* NOTE 4: Due to the possibility of configuring such information into the VNFM out-of-band, by means outside the scope of\n          the present document, as well as in-band, by means specified in the present document, care should be taken to\n          avoid unintended conflicts in the VNFM when managing such information.\n",
         "type": "object",
         "required": ["vimType"],
         "properties": {
@@ -59,7 +59,7 @@
             "type": "string"
           },
           "vimType": {
-            "description": "Discriminator for the different types of the VIM information. The value of this attribute determines the structure of the \"interfaceInfo\" and \"accessInfo\" attributes, based on the type of the VIM., CISM, CIR or MCIOP repository. The set of permitted values is expected to change over time as new types or versions of VIMs become available. The ETSI NFV registry of VIM-related information [i.3] provides access to information about VimConnectionInfo definitions for various VIM, CISM, CIR or MCIOP repository types. The structure of the registry is defined in annex C.\n",
+            "description": "Discriminator for the different types of the VIM information. The value of this attribute determines the structure of the \"interfaceInfo\" and \"accessInfo\" attributes, based on the type of the VIM., CISM, CIR or MCIOP repository. The set of permitted values is expected to change over time as new types or versions of VIMs become available. The ETSI NFV registry of VIM-related information provides access to information about VimConnectionInfo definitions for various VIM, CISM, CIR or MCIOP repository types. The structure of the registry is defined in annex C.\n",
             "type": "string"
           },
           "interfaceInfo": {
@@ -81,7 +81,7 @@
       "description": "Provides information regarding a MCIOP repository. It shall be absent in case of rejection or if the MCIOP repository information was configured to the VNFM in another way or if the granted resources are not managed by a CISM, present otherwise.\n",
       "type": "object",
       "additionalProperties": {
-        "description": "This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing the resources of a VNF instance.\nThis structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP repository may be configured into the VNFM by means outside the scope of the present document and bound to the identifier of that VIM.\n* NOTE 1:\tIf applicable, this attribute also provides information about the resourceGroupIds\n          that are accessible using a particular set of credentials. See definition of\n          \"resourceGroupId\" in clause 9.5.3.3.\n* NOTE 2:\tOnce the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided\n          through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be\n          established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the\n          \"accessInfo\" JSON data structure, and the sensitive data related information (\"username\"/\"password\" as\n          required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel\n          without additional encoding/encryption before transmitting it, making the sensitive data visible to the\n          endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the\n          interface endpoint of the VIM, CISM, CIR or MCIOP repository.\n",
+        "description": "This type represents parameters to connect to a VIM, a CISM, a CIR or a MCIOP repository for managing the resources of a VNF instance.\nThis structure is used to convey VIM-related, CISM-related, CIR-related, or MCIOP-repository-related parameters over the Or-Vnfm interface. Additional parameters for a VIM, a CISM, a CIR or a MCIOP repository may be configured into the VNFM by means outside the scope of the present document and bound to the identifier of that VIM.\n* NOTE 1:\tIf applicable, this attribute also provides information about the resourceGroupIds\n          that are accessible using a particular set of credentials. See definition of\n          \"resourceGroupId\" in clause 9.5.3.3.\n* NOTE 2:\tOnce the connectivity between VNFM and VIM, CISM, CIR or MCIOP repository is provided\n          through a secure connection over HTTP Secure (HTTP over SSL/TLS), and the connection might also be\n          established through a VPN (for example TLS-based VPN tunnelling) for site-to-site connection, the\n          \"accessInfo\" JSON data structure, and the sensitive data related information (\"username\"/\"password\" as\n          required properties for authentication purpose), will be transmitted as plain text through a TLS tunnel\n          without additional encoding/encryption before transmitting it, making the sensitive data visible to the\n          endpoint. The base64 encoded certificates are only used by the VNFM to verify the authenticity of the\n          interface endpoint of the VIM, CISM, CIR or MCIOP repository.\n* NOTE 3: ETSI GS NFV-SOL 009 specifies the means to configure into the VNFM applicable VIM connection\n          information via the \"NFV-MANO Configuration and Information Management\" interface.\n* NOTE 4: Due to the possibility of configuring such information into the VNFM out-of-band, by means outside the scope of\n          the present document, as well as in-band, by means specified in the present document, care should be taken to\n          avoid unintended conflicts in the VNFM when managing such information.\n",
         "type": "object",
         "required": ["vimType"],
         "properties": {
@@ -90,7 +90,7 @@
             "type": "string"
           },
           "vimType": {
-            "description": "Discriminator for the different types of the VIM information. The value of this attribute determines the structure of the \"interfaceInfo\" and \"accessInfo\" attributes, based on the type of the VIM., CISM, CIR or MCIOP repository. The set of permitted values is expected to change over time as new types or versions of VIMs become available. The ETSI NFV registry of VIM-related information [i.3] provides access to information about VimConnectionInfo definitions for various VIM, CISM, CIR or MCIOP repository types. The structure of the registry is defined in annex C.\n",
+            "description": "Discriminator for the different types of the VIM information. The value of this attribute determines the structure of the \"interfaceInfo\" and \"accessInfo\" attributes, based on the type of the VIM., CISM, CIR or MCIOP repository. The set of permitted values is expected to change over time as new types or versions of VIMs become available. The ETSI NFV registry of VIM-related information provides access to information about VimConnectionInfo definitions for various VIM, CISM, CIR or MCIOP repository types. The structure of the registry is defined in annex C.\n",
             "type": "string"
           },
           "interfaceInfo": {
@@ -155,10 +155,10 @@
       }
     },
     "addResources": {
-      "description": "List of resources that are approved to be added, with one entry per resource. Shall be set when resources are approved to be added and  shall contain the same set of resources requested to be added in the  related GrantRequest.\n",
+      "description": "List of resources that are approved to be added, with one entry per resource. See note 9. Shall be set when resources are approved to be added and  shall contain the same set of resources requested to be added in the  related GrantRequest.\n",
       "type": "array",
       "items": {
-        "description": "This type contains information about a Compute, storage or network resource whose addition/update/deletion was granted.\n",
+        "description": "This type contains information about a Compute, storage or network resource whose addition/update/deletion was granted. It enables also referencing to a PaaS Service request definition which has been granted.\n",
         "type": "object",
         "required": ["resourceDefinitionId"],
         "properties": {
@@ -202,10 +202,10 @@
       }
     },
     "tempResources": {
-      "description": "List of resources that are approved to be temporarily instantiated during the runtime of the lifecycle operation, with one entry per resource. Shall be set when resources are approved to be temporarily  instantiated and shall contain the same set of resources requested to  be temporarily instantiated in the related GrantRequest.\n",
+      "description": "List of resources that are approved to be temporarily instantiated during the runtime of the lifecycle operation, with one entry per resource. See note 9. Shall be set when resources are approved to be temporarily  instantiated and shall contain the same set of resources requested to  be temporarily instantiated in the related GrantRequest.\n",
       "type": "array",
       "items": {
-        "description": "This type contains information about a Compute, storage or network resource whose addition/update/deletion was granted.\n",
+        "description": "This type contains information about a Compute, storage or network resource whose addition/update/deletion was granted. It enables also referencing to a PaaS Service request definition which has been granted.\n",
         "type": "object",
         "required": ["resourceDefinitionId"],
         "properties": {
@@ -249,10 +249,10 @@
       }
     },
     "removeResources": {
-      "description": "List of resources that are approved to be removed, with one entry per resource. Shall be set when resources are approved to be removed and shall contain the same set of resources requested to be removed  in the related GrantRequest.\n",
+      "description": "List of resources that are approved to be removed, with one entry per resource. See note 9. Shall be set when resources are approved to be removed and shall contain the same set of resources requested to be removed  in the related GrantRequest.\n",
       "type": "array",
       "items": {
-        "description": "This type contains information about a Compute, storage or network resource whose addition/update/deletion was granted.\n",
+        "description": "This type contains information about a Compute, storage or network resource whose addition/update/deletion was granted. It enables also referencing to a PaaS Service request definition which has been granted.\n",
         "type": "object",
         "required": ["resourceDefinitionId"],
         "properties": {
@@ -296,10 +296,10 @@
       }
     },
     "updateResources": {
-      "description": "List of resources that are approved to be modified, with one entry per resource. Shall be set when resources are approved to be updated and shall contain the same set of resources requested to be updated  in the related GrantRequest.\n",
+      "description": "List of resources that are approved to be modified, with one entry per resource. See note 9. Shall be set when resources are approved to be updated and shall contain the same set of resources requested to be updated  in the related GrantRequest.\n",
       "type": "array",
       "items": {
-        "description": "This type contains information about a Compute, storage or network resource whose addition/update/deletion was granted.\n",
+        "description": "This type contains information about a Compute, storage or network resource whose addition/update/deletion was granted. It enables also referencing to a PaaS Service request definition which has been granted.\n",
         "type": "object",
         "required": ["resourceDefinitionId"],
         "properties": {
@@ -377,7 +377,7 @@
           "description": "Mappings between software images defined in the VNFD and software images managed in the VIM.\n",
           "type": "array",
           "items": {
-            "description": "This type contains a mapping between a software image definition the VNFD and the corresponding software image managed by the NFVO in the VIM or CIR which is needed during compute resource instantiation.\nNOTE: For an OS container image, the value of this attribute is a string concatenating the name and tag of the\n      image in the CIR separated by a colon ':' with no spaces, e.g. “dbImage:001”.\n",
+            "description": "This type contains a mapping between a software image definition the VNFD and the corresponding software image managed by the NFVO in the VIM or CIR which is needed during compute resource instantiation.\nNOTE: For an OS container image, the value of this attribute is a string concatenating the name and tag of the\n      image in the CIR separated by a colon ':' with no spaces, e.g. ΓÇ£dbImage:001ΓÇ¥.\n",
             "type": "object",
             "required": ["vnfdSoftwareImageId", "vimSoftwareImageId"],
             "properties": {
@@ -468,11 +468,65 @@
         }
       }
     },
+    "paasAssets": {
+      "description": "Information about PaaS Services assigned to the VNF and that are managed in the PSM by the NFVO.\n",
+      "type": "array",
+      "items": {
+        "type": "object",
+        "required": [
+          "paasServiceType",
+          "paasServiceId",
+          "paasServiceRequestId",
+          "paasServiceHandle"
+        ],
+        "properties": {
+          "paasServiceType": {
+            "description": "A string defined in IETF RFC 8259.\n",
+            "type": "string"
+          },
+          "paasServiceId": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+          },
+          "paasServiceVersion": {
+            "description": "A version.\n",
+            "type": "string"
+          },
+          "paasServiceRequestId": {
+            "description": "An identifier that is unique within a VNF descriptor.\n",
+            "type": "string"
+          },
+          "PaasServiceHandle": {
+            "description": "This type provides information enabling the access and use of the PaaS Service by the VNF instance. The type and format of the handle depends on the form that the PaaS Service is formed.\n",
+            "type": "object",
+            "required": ["id"],
+            "properties": {
+              "id": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+              },
+              "interfaceInfo": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
+              },
+              "accessInfo": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
+              },
+              "extra": {
+                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                "type": "object"
+              }
+            }
+          }
+        }
+      }
+    },
     "extVirtualLinks": {
       "description": "Information about external VLs to connect the VNF to. See notes 5, 7 and 8. If this attribute  is present according to note 5 or note 7, it need not contain those entries that are unchanged  compared to the entries that were passed in the LCM operation which is related to this granting exchange.\n",
       "type": "array",
       "items": {
-        "description": "This type represents an external VL.\n* NOTE 1:\tA link port is not needed for an external CP instance that exposes a VIP CP in the following cases:\n          1)  For a VIP CP directly exposed as an external CP:\n              1.1)  No dedicated IP address is allocated as VIP address, as indicated in the VNFD.\n              1.2)  A dedicated IP address is allocated as VIP address, but the NFVO indicates that no port is needed\n                    (createExtLinkPort in VnfExtCpConfig set to false).\n          2)  For a VIP CP exposed as an external CP via a floating IP address:\n              2.1)  No dedicated IP address is allocated as VIP address, as indicated in the VNFD, and the VNFC CP\n                    associated to the VIP CP is also exposed via a floating IP address.\n          3)  For a VIRTUAL CP exposed as an external CP.\n          4)  For a VNFC CP exposed as an external CP in a secondary container cluster external network or a\n              secondary container cluster internal network.\n\n* NOTE 2: An example of the network attachment definition resource when the container infrastructure service\n          management is a Kubernetes® instance is a network attachment definition (NAD).\n",
+        "description": "This type represents an external VL.\n* NOTE 1:\tA link port is not needed for an external CP instance that exposes a  CP in the following cases:\n          1)  For a VIP CP directly exposed as an external CP:\n              1.1)  No dedicated IP address is allocated as VIP address, as indicated in the VNFD.\n              1.2)  A dedicated IP address is allocated as VIP address, but the NFVO indicates that no port is needed\n                    (createExtLinkPort in VnfExtCpConfig set to false).\n          2)  For a VIP CP exposed as an external CP via a floating IP address:\n              2.1)  No dedicated IP address is allocated as VIP address, as indicated in the VNFD, and the VNFC CP\n                    associated to the VIP CP is also exposed via a floating IP address.\n          3)  For a VIRTUAL CP exposed as an external CP.\n          4)  For a VNFC CP exposed as an external CP in a secondary container cluster external network or a\n              secondary container cluster internal network.\n\n* NOTE 2: An example of the network attachment definition resource when the container infrastructure service\n          management is a Kubernetes® instance is a network attachment definition (NAD).\n",
         "type": "object",
         "required": ["id", "resourceId", "extCps"],
         "properties": {
@@ -496,7 +550,7 @@
             "description": "External CPs of the VNF to be connected to this external VL. Entries in the list of external CP data that are unchanged need not be supplied if the ExtVirtualLinkData structure is part of a request or response that modifies the external connectivity.\n",
             "type": "array",
             "items": {
-              "description": "This type represents configuration information for external CPs created. * NOTE 1: \tIn case this identifier refers to a CPD with trunking enabled, the external CP instances created\n            from this CPD will represent ports in a trunk.\n* NOTE 2: \tWithin one VNF instance, all VNFC instances created from a particular VDU have the same external\n            connectivity. Thus, given a particular value of the \"cpdId\" attribute, there shall be one\n            \"cpConfig\" entry for each VNFC instance that has been or can be created from a VDU which includes\n            a CPD identified by the \"cpdId\" attribute. If the cpConfig represents a subport in a trunk,\n            all \"cpConfig\" entries in this list shall have the same segmentationId, which means they are\n            connected to the same set of external VLs via the trunk.\n* NOTE 3: \tThe map entry value shall be set to \"null\" in order to delete a \"VnfExtCpConfig\" entry identified\n            by a particular key value from the map, i.e. for the disconnection of an existing external\n            CP instance addressed by cpInstanceId in the deleted map entry from a particular external\n            virtual link, and deletion of that instance in case it represents a subport. Deleting the\n            last key from the map removes the affected instance of the \"VnfExtCpData\" structure from\n            its parent data structure.\n* NOTE 4:   If, as defined by the input parameters of a \"ChangeVnfFlavour\", \"ChangeExtVnfConnectivity\" or\n            \"ChangeCurrentVnfPkg\" operation or as part of the Grant response for any of these operations, a cpConfig\n            map entry identified by a particular map key value is moved into another \"ExtVirtualLinkData\" or\n            \"VnfExtCpData\" structure, this particular cpConfig map entry may be used by an external CP instance\n            different than the one that has used it before the operation, or by no external CP instance at all.\n            Renaming a CPD identifier during the \"changeCurrentVnfPkg\" operation does not count as moving the related\n            \"cpConfig\" map entries to a new \"extCpData\" structure.\n",
+              "description": "This type represents configuration information for external CPs created. * NOTE 1: \tIn case this identifier refers to a CPD with trunking enabled, the external CP instances created\n            from this CPD will represent ports in a trunk.\n* NOTE 2: \tWithin one VNF instance, all VNFC instances created from a particular VDU have the same external\n            connectivity. Thus, given a particular value of the \"cpdId\" attribute, there shall be one\n            \"cpConfig\" entry for each VNFC instance that has been or can be created from a VDU which includes\n            a CPD identified by the \"cpdId\" attribute. If the cpConfig represents a subport in a trunk,\n            all \"cpConfig\" entries in this list shall have the same segmentationId, which means they are\n            connected to the same set of external VLs via the trunk.\n* NOTE 3: \tThe map entry value shall be set to \"null\" in order to delete a \"VnfExtCpConfig\" entry identified\n            by a particular key value from the map, i.e. for the disconnection of an existing external\n            CP instance addressed by cpInstanceId in the deleted map entry from a particular external\n            virtual link, and deletion of that instance in case it represents a subport. Deleting the\n            last key from the map removes the affected instance of the \"VnfExtCpData\" structure from\n            its parent data structure.\n* NOTE 4:   If, as defined by the input parameters of a \"ChangeVnfFlavour\", \"ChangeExtVnfConnectivity\" or\n            \"ChangeCurrentVnfPkg\" operation or as part of the Grant response for any of these operations, a cpConfig\n            map entry identified by a particular map key value is moved into another \"ExtVirtualLinkData\" or\n            \"VnfExtCpData\" structure, this particular cpConfig map entry may be used by an external CP instance\n            different than the one that has used it before the operation, or by no external CP instance at all.\n            Renaming a CPD identifier during the \"changeCurrentVnfPkg\" operation does not count as moving the related\n            \"cpConfig\" map entries to a new \"extCpData\" structure.\n* NOTE 5:   Subports need not be used for containerized VNFCs. The application container can send and receive IP \n            packets with any VLAN tag as long as the network interface to connect to the secondary container cluster \n            network has been configured appropriately. Thus, no individual cpConfig, except the one representing the \n            trunk, need be modelled to allow traffic tagged with a particular VLAN through the connection point.\n* NOTE 6:   In the case that the cloud native template included in the MCIOP describes the set of VNFC instances, for \n            containerized VNFCs individual connection points need not be configured for each VNFC instance. It is only \n            required to configure one cpConfig per cpdId, not per VNFC instance. The case of using, for a scalable VDU, a \n            cloud native template in the MCIOP that describes one single VNFC instance is not specified in the present \n            document version.\n",
               "type": "object",
               "required": ["cpdId"],
               "properties": {
@@ -505,10 +559,10 @@
                   "type": "string"
                 },
                 "cpConfig": {
-                  "description": "Map of instance data that need to be configured on the CP instances created from the respective CPD. The key of the map which identifies the individual VnfExtCpConfig entries is of type \"IdentifierInVnf\" and is managed by the NFVO. The entries shall be applied by the VNFM according to the rules of JSON Merge Patch (see IETF RFC 7396). See notes 2, 3 and 4.\n",
+                  "description": "Map of instance data that need to be configured on the CP instances created from the respective CPD. The key of the map which identifies the individual VnfExtCpConfig entries is of type \"IdentifierInVnf\" and is managed by the NFVO. The entries shall be applied by the VNFM according to the rules of JSON Merge Patch (see IETF RFC 7396). See notes 2, 3, 4, 5, 6.\n",
                   "type": "object",
                   "additionalProperties": {
-                    "description": "This type represents an externally provided link port, or a network attachment definition resource of secondary container cluster network, or network address information per instance of an external connection point. In the case of VM-based deployment of the VNFC exposing the external CP:\n  1.  In case a link port is provided, the VNFM shall use that link port when connecting the external CP to the\n      external VL.\n  2.  In case a link port is not provided, the VNFM shall create a link port on the external VL and use that link port\n      to connect the external CP to the external VL.\nIn the case of container-based deployment of the VNFC exposing the external CP, the VNFM shall use the network attachment definition resource of secondary container cluster network when connecting the CP to the external VL.\n* NOTE 1: The following conditions apply to the attributes \"linkPortId\" and \"cpProtocolData\" for an external CP\n          instance connected or to be connected to a virtual network not categorized as secondary container cluster network:\n          1) Void.\n          2) At least one of the \"linkPortId\" and \"cpProtocolData\" attributes shall be present for an external CP instance\n          representing a subport that is to be created, or an external CP instance that is to be created by creating the\n          corresponding VNFC or VNF instance during the current or a subsequent LCM operation, or for an existing\n          external CP instance that is to be re-configured or added to a particular external virtual link.\n          3) If the \"linkPortId\" attribute is absent, the VNFM shall create a link port.\n          4) If the \"cpProtocolData\" attribute is absent, the \"linkPortId\" attribute shall be provided referencing a\n          precreated link port, and the VNFM can use means outside the scope of the present document to obtain the\n          pre-configured address information for the connection point from the resource representing the link port.\n          5) If both \"cpProtocolData\" and \"linkportId\" are provided, the NFVO shall ensure that the\n          cpProtocolData can be used with the pre-created link port referenced by \"linkPortId\".\n\n* NOTE 2: The following conditions apply to the attributes “netAttDefResourceId” and “cpProtocolData” for an external CP\n          instance connected or to be connected to a secondary container cluster network:\n          1) The \"netAttDefResourceId\" and \"cpProtocolData\" attributes shall both be absent for the deletion of an\n          existing external CP instance addressed by cpInstanceId.\n          2) The \"netAttDefResourceId\" attribute shall be present and the \"cpProtocolData\" attribute may be present for\n          a to-be-created external CP instance or an existing external CP instance.\n* NOTE 3: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment\n          definition resource is needed to fulfil the connectivity requirements of the external CP, e.g. to build a link\n          redundant mated pair in SR-IOV cases. When more than one netAttDefResourceId is indicated, all shall belong\n          to the same namespace as defined by the corresponding \"netAttDefResourceNamespace\" attribute in the\n          \"NetAttDefResourceData\".\n* NOTE 4: Either linkPortId or netAttDefResourceId may be included, but not both.\n",
+                    "description": "This type represents an externally provided link port, or a network attachment definition resource of secondary container cluster network, or network address information per instance of an external connection point. In the case of VM-based deployment of the VNFC exposing the external CP:\n  1.  In case a link port is provided, the VNFM shall use that link port when connecting the external CP to the\n      external VL.\n  2.  In case a link port is not provided, the VNFM shall create a link port on the external VL and use that link port\n      to connect the external CP to the external VL.\nIn the case of container-based deployment of the VNFC exposing the external CP, the VNFM shall use the network attachment definition resource of secondary container cluster network when connecting the CP to the external VL.\n* NOTE 1: The following conditions apply to the attributes \"linkPortId\" and \"cpProtocolData\" for an external CP\n          instance connected or to be connected to a virtual network not categorized as secondary container cluster network:\n          1) Void.\n          2) At least one of the \"linkPortId\" and \"cpProtocolData\" attributes shall be present for an external CP instance\n          representing a subport that is to be created, or an external CP instance that is to be created by creating the\n          corresponding VNFC or VNF instance during the current or a subsequent LCM operation, or for an existing\n          external CP instance that is to be re-configured or added to a particular external virtual link.\n          3) If the \"linkPortId\" attribute is absent, the VNFM shall create a link port.\n          4) If the \"cpProtocolData\" attribute is absent, the \"linkPortId\" attribute shall be provided referencing a\n          precreated link port, and the VNFM can use means outside the scope of the present document to obtain the\n          pre-configured address information for the connection point from the resource representing the link port.\n          5) If both \"cpProtocolData\" and \"linkportId\" are provided, the NFVO shall ensure that the\n          cpProtocolData can be used with the pre-created link port referenced by \"linkPortId\".\n* NOTE 2: The following conditions apply to the attributes ΓÇ£netAttDefResourceIdΓÇ¥ and ΓÇ£cpProtocolDataΓÇ¥ for an external CP\n          instance connected or to be connected to a secondary container cluster network:\n          1) Void.\n          2) The \"netAttDefResourceId\" attribute shall be present and the \"cpProtocolData\" attribute may be present for\n          a to-be-created external CP instance or an existing external CP instance.\n* NOTE 3: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment\n          definition resource is needed to fulfil the connectivity requirements of the external CP, e.g. to build a link\n          redundant mated pair in SR-IOV cases. When more than one netAttDefResourceId is indicated, all shall belong\n          to the same namespace as defined by the corresponding \"containerNamespace\" attribute in the \"resourceHandle\" a attribute in the\n          \"NetAttDefResourceData\".\n* NOTE 4: Either linkPortId or netAttDefResourceId may be included, but not both.\n",
                     "anyOf": [
                       {
                         "required": ["linkPortId"]
@@ -535,7 +589,7 @@
                         "type": "boolean"
                       },
                       "netAttDefResourceId": {
-                        "description": "Identifier of the “NetAttDefResourceData” structure that provides the specification of the interface to attach the external CP to a secondary container cluster network. It is only applicable if the external CP is connected or to be connected to a secondary container cluster network. It shall not be present if the external CP is related to a virtual network not categorized as secondary container cluster network. See notes 2, 3 and 4.\n",
+                        "description": "Identifier of the ΓÇ£NetAttDefResourceDataΓÇ¥ structure that provides the specification of the interface to attach the external CP to a secondary container cluster network. It is only applicable if the external CP is connected or to be connected to a secondary container cluster network. It shall not be present if the external CP is related to a virtual network not categorized as secondary container cluster network. See notes 2, 3 and 4.\n",
                         "type": "array",
                         "items": {
                           "description": "An identifier with the intention of being globally unique.\n",
@@ -553,10 +607,13 @@
                             "layerProtocol": {
                               "description": "Identifier of layer(s) and protocol(s). Permitted values:\n  - IP_OVER_ETHERNET.\n  - IP_FOR_VIRTUAL_CP\nSee note\n",
                               "type": "string",
-                              "enum": ["IP_OVER_ETHERNET", "IP_FOR_VIRTUAL_CP"]
+                              "enum": [
+                                "IP_OVER_ETHERNET",
+                                "IP_FOR_VIRTUAL_CP"
+                              ]
                             },
                             "ipOverEthernet": {
-                              "description": "This type represents network address data for IP over Ethernet. * NOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. * NOTE 2:\tExactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present. * NOTE 3:\tIf the CP instance represents a subport in a trunk, segmentationId shall be present.\n          Otherwise it shall not be present.\n* NOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the actual\n          network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header\n          of the packets or it may be an identifier used between the application and the NFVI networking\n          infrastructure to identify the network sub-interface of the trunk port in question. In the latter\n          case the NFVI infrastructure will map this local segmentationId to whatever segmentationId is\n          actually used by the NFVI’s transport technology.\n",
+                              "description": "This type represents network address data for IP over Ethernet. * NOTE 1:\tAt least one of \"macAddress\" or \"ipAddresses\" shall be present. * NOTE 2:\tExactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present. * NOTE 3:\tIf the CP instance represents a subport in a trunk, segmentationId shall be present.\n          Otherwise it shall not be present.\n* NOTE 4:\tDepending on the NFVI networking infrastructure, the segmentationId may indicate the actual\n          network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header\n          of the packets or it may be an identifier used between the application and the NFVI networking\n          infrastructure to identify the network sub-interface of the trunk port in question. In the latter\n          case the NFVI infrastructure will map this local segmentationId to whatever segmentationId is\n          actually used by the NFVI's transport technology.\n",
                               "type": "object",
                               "anyOf": [
                                 {
@@ -566,17 +623,6 @@
                                   "required": ["ipAddresses"]
                                 }
                               ],
-                              "oneOf": [
-                                {
-                                  "required": ["fixedAddresses"]
-                                },
-                                {
-                                  "required": ["numDynamicAddresses"]
-                                },
-                                {
-                                  "required": ["ipAddressRange"]
-                                }
-                              ],
                               "properties": {
                                 "macAddress": {
                                   "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
@@ -584,7 +630,7 @@
                                   "format": "MAC"
                                 },
                                 "segmentationType": {
-                                  "description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values: -\tVLAN: the subport uses VLAN as encapsulation type. -\tINHERIT: the subport gets its segmentation type from the network it’s connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
+                                  "description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values:\n  -\tVLAN: the subport uses VLAN as encapsulation type.\n  -\tINHERIT: the subport gets its segmentation type from the network it's connected to.\nThis attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
                                   "type": "string",
                                   "enum": ["VLAN", "INHERIT"]
                                 },
@@ -598,6 +644,17 @@
                                   "items": {
                                     "type": "object",
                                     "required": ["type"],
+                                    "oneOf": [
+                                      {
+                                        "required": ["fixedAddresses"]
+                                      },
+                                      {
+                                        "required": ["numDynamicAddresses"]
+                                      },
+                                      {
+                                        "required": ["addressRange"]
+                                      }
+                                    ],
                                     "properties": {
                                       "type": {
                                         "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
@@ -647,7 +704,7 @@
                               }
                             },
                             "virtualCpAddress": {
-                              "description": "This type represents network address data for a virtual CP.\n* NOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be used,\n          otherwise it will be ignored by the CISM.\n\n* NOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the container\n          cluster will assign an IP address.\n",
+                              "description": "This type represents network address data for a virtual CP.\n* NOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be used,\n          otherwise it will be ignored by the CISM.\n* NOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the container\n          cluster will assign an IP address.\n* NOTE 3: The attribute is only relevant if the virtual CP is instantiated in a cluster that supports configuration of IP\n          address pools for virtual CPs. Otherwise it shall be ignored. MetalLB is an example of a solution for\n          Kubernetes® that supports configuration of address pools for load balancer services.\n* NOTE 4: The loadBalancerIp and the addressPoolName attributes shall not be present at the same time.\n",
                               "type": "object",
                               "required": ["type"],
                               "properties": {
@@ -660,6 +717,10 @@
                                   "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
                                   "type": "string",
                                   "format": "IP"
+                                },
+                                "addressPoolName": {
+                                  "description": "Name of an address pool from which the container cluster will assign an IP address to the virtual CP. See notes 3 and 4.\n",
+                                  "type": "string"
                                 }
                               }
                             }
@@ -687,7 +748,7 @@
                 "resourceHandle": {
                   "required": ["resourceId"],
                   "type": "object",
-                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
                     "vimConnectionId": {
                       "description": "An identifier with the intention of being globally unique.\n",
@@ -751,7 +812,7 @@
                 "resourceHandle": {
                   "required": ["resourceId"],
                   "type": "object",
-                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
                     "vimConnectionId": {
                       "description": "An identifier with the intention of being globally unique.\n",
@@ -803,7 +864,7 @@
       "description": "Information about internal VLs that are managed by other entities than the VNFM. See notes 4, 5, 7 and 8.\n",
       "type": "array",
       "items": {
-        "description": "This type represents an externally-managed internal VL.\n* NOTE 1: It is only applicable if the externally-managed VL is realized by a secondary container cluster network. It shall\n          not be present otherwise.\n* NOTE 2: A link port is not needed for a VNFC internal connection point connected to a secondary container cluster\n          network.\n* NOTE 3: An example of the network attachment definition resource when the container infrastructure service\n          management is a Kubernetes® instance is a Network Attachment Definition (NAD).\n",
+        "description": "This type represents an externally-managed internal VL.\n* NOTE 1: It is only applicable if the externally-managed VL is realized by a secondary container cluster network. It shall\n          not be present otherwise.\n* NOTE 2: A link port is not needed for a VNFC internal connection point connected to a secondary container cluster\n          network.\n* NOTE 3: An example of the network attachment definition resource when the container infrastructure service\n          management is a Kubernetes® instance is a network attachment definition (NAD).\n* NOTE 4: In the case that the cloud native template included in the MCIOP describes the set of VNFC instances, an \n          instance of intCp need not be included for each VNFC instance as all instances would contain the same \n          information. It is sufficient to include one intCp for the related CPD. The case of using, for a scalable VDU, a \n          cloud native template in the MCIOP that describes one single VNFC instance is not specified in the present \n          document version\n",
         "type": "object",
         "required": ["id", "vnfVirtualLinkDescId", "resourceId"],
         "properties": {
@@ -842,7 +903,7 @@
                 "resourceHandle": {
                   "required": ["resourceId"],
                   "type": "object",
-                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
                     "vimConnectionId": {
                       "description": "An identifier with the intention of being globally unique.\n",
@@ -888,10 +949,10 @@
             }
           },
           "intCp": {
-            "description": "Internal CPs of the VNF to be connected to this externally-managed VL. See note 1.\n",
+            "description": "Internal CPs of the VNF to be connected to this externally-managed VL. See note 1 and 4.\n",
             "type": "array",
             "items": {
-              "description": "This type represents input information related to one or more VNF internal CP instances created based on the same CPD.\nNOTE: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment\n      definition resource is needed to fulfil the connectivity requirements of the VNF internal CP, e.g. to build a link\n      redundant mated pair in SR-IOV cases. When more than one netAttDefResourceId is indicated, all shall\n      belong to the same namespace as defined by the corresponding \"netAttDefResourceNamespace\" attribute\n      in the \"NetAttDefResourceData\".\n",
+              "description": "This type represents input information related to one or more VNF internal CP instances created based on the same CPD.\nNOTE: Cardinality greater than 1 is only applicable for specific cases where more than one network attachment\n      definition resource is needed to fulfil the connectivity requirements of the VNF internal CP, e.g. to build a link\n      redundant mated pair in SR-IOV cases. When more than one netAttDefResourceId is indicated, all shall\n      belong to the same namespace as defined by the corresponding \"containerNamespace\" attribute in the \"resourceHandle\" attribute\n      in the \"NetAttDefResourceData\".\n",
               "type": "object",
               "required": ["cpdId", "netAttDefResourceId"],
               "properties": {
@@ -900,7 +961,7 @@
                   "type": "string"
                 },
                 "netAttDefResourceId": {
-                  "description": "Identifiers of the “NetAttDefResourceData” structure that provides the specification of the interface to attach the VNF internal CP created from the CPD identified by cpdId to a secondary container cluster network. See note.\n",
+                  "description": "Identifiers of the ΓÇ£NetAttDefResourceDataΓÇ¥ structure that provides the specification of the interface to attach the VNF internal CP created from the CPD identified by cpdId to a secondary container cluster network. See note.\n",
                   "type": "array",
                   "items": {
                     "description": "An identifier with the intention of being globally unique.\n",
@@ -925,7 +986,7 @@
                 "resourceHandle": {
                   "required": ["resourceId"],
                   "type": "object",
-                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n* NOTE 1: The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or CISM or the resource \n          provider and can be used as information that complements the ResourceHandle. This value set is different from \n          the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2). When the container \n          infrastructure service management is a Kubernetes® instance the vimLevelResourceType is the type of \n          resource, as would correspond to the 'kind' field if the resource is declared in its own Kubernetes® manifest, \n          e.g.: Pod, PersistentVolumeClaim, NetworkAttachmentDefinition.\n* NOTE 2: When the container infrastructure service management is a Kubernetes® instance the resourceId shall be \n          populated in the following way:\n          - For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide \n          per resource type.\n          - For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, \n          i.e. the value of the 'claimName' field in the Kubernetes® manifest, or a compound name built by \n          Kubernetes® if the persistent volume claim is defined inline in another template instead of in its own \n          manifest.\n          - For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of \n          the 'metadata.name' field in Kubernetes® manifest.\n",
                   "properties": {
                     "vimConnectionId": {
                       "description": "An identifier with the intention of being globally unique.\n",
diff --git a/SOL003/VNFPackageManagement-API/IndividualSubscription.robot b/SOL003/VNFPackageManagement-API/IndividualSubscription.robot
index b7f2dab38cf0e660dd0b916812fdb39329249fa9..b863bb6732ec8deba72647912a11729f4a265b56 100644
--- a/SOL003/VNFPackageManagement-API/IndividualSubscription.robot
+++ b/SOL003/VNFPackageManagement-API/IndividualSubscription.robot
@@ -12,7 +12,7 @@ GET Individual VNF Package Subscription
     ...    Test title: GET Individual VNF Package Subscription
     ...    Test objective: The objective is to test the retrieval of individual VNF package subscription and perform a JSON schema and content validation of the returned subscription data structure
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.8.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.8.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -27,7 +27,7 @@ GET Individual VNF Package Subscription with invalid resource identifier
     ...    Test title: GET Individual VNF Package Subscription with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package subscription fails when using an invalid resource identifier
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.8.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.8.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ DELETE Individual VNF Package Subscription with invalid resource identifier
     ...    Test title: DELETE Individual VNF Package Subscription with invalid resource identifier
     ...    Test objective: The objective is to test that the deletion of an individual VNF package subscription fails when using an invalid resource identifier
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.8.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.8.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -51,7 +51,7 @@ POST Individual VNF Package Subscription - Method not implemented
     ...    Test title: POST Individual VNF Package Subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new VNF Package Subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.8.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.8.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -63,7 +63,7 @@ PUT Individual VNF Package Subscription - Method not implemented
     ...    Test title: PUT Individual VNF Package Subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing VNF Package subscription
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.8.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.8.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -75,7 +75,7 @@ PATCH Individual VNF Package Subscription - Method not implemented
     ...    Test title: PATCH Individual VNF Package Subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify an existing VNF Package subscription
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.8.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.8.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -87,10 +87,38 @@ DELETE Individual VNF Package Subscription
     ...    Test title: DELETE Individual VNF Package Subscription
     ...    Test objective: The objective is to test the deletion of an individual VNF package subscription
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.8.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.8.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The VNF Package Subscription is not available anymore in the NFVO      
     Send Delete request for individual VNF Package Subscription
     Check HTTP Response Status Code Is    204
-    Check Postcondition VNF Package Subscription is Deleted
\ No newline at end of file
+    Check Postcondition VNF Package Subscription is Deleted
+
+GET Individual VNF Package Subscription with permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.7.8
+    ...    Test title: GET Individual VNF Package Subscription with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of individual VNF package subscription and perform a JSON schema and content validation of the returned subscription data structure with permitted authorization scope
+    ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
+    ...    Reference: Clause 10.4.8.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual VNF Package Subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PkgmSubscription
+    Check HTTP Response Body Subscription Identifier matches the requested Subscription
+    Check HTTP Response Body of Individual Subscription content against VNF Descriptor
+
+GET Individual VNF Package Subscription with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.7.9
+    ...    Test title: GET Individual VNF Package Subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of individual VNF package subscription and perform a JSON schema and content validation of the returned subscription data structure with not permitted authorization scope
+    ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
+    ...    Reference: Clause 10.4.8.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual VNF Package Subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
diff --git a/SOL003/VNFPackageManagement-API/IndividualVNFPackage.robot b/SOL003/VNFPackageManagement-API/IndividualVNFPackage.robot
index 2e49d3afcaf9291c81d12e1f68a94d49f5f3931e..9bc2b8218712e7ae8226b67d9c92de39fd786883 100644
--- a/SOL003/VNFPackageManagement-API/IndividualVNFPackage.robot
+++ b/SOL003/VNFPackageManagement-API/IndividualVNFPackage.robot
@@ -12,7 +12,7 @@ GET Individual VNF Package
     ...    Test title: GET Individual VNF Package
     ...    Test objective: The objective is to test the retrieval of an individual VNF package information perform a JSON schema validation of the collected data structure
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -27,7 +27,7 @@ GET Individual VNF Package with invalid resource identifier
     ...    Test title: GET Individual VNF Package with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package fails when using an invalid resource identifier
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -40,7 +40,7 @@ POST Individual VNF Package - Method not implemented
     ...    Test title: POST Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF Package
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ PUT Individual VNF Package - Method not implemented
     ...    Test title: PUT Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNF Package
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PATCH Individual VNF Package - Method not implemented
     ...    Test title: PATCH Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update a VNF Package
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ DELETE Individual VNF Package - Method not implemented
     ...    Test title: DELETE Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNF Package
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,7 +88,7 @@ GET Individual OnBoarded VNF Package
     ...    Test title: GET Individual OnBoarded VNF Package
     ...    Test objective: The objective is to test the retrieval of an individual OnBoarded VNF package information perform a JSON schema validation of the collected data structure
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -102,7 +102,7 @@ GET Individual OnBoarded VNF Package with invalid resource identifier
     ...    Test title: GET Individual OnBoarded VNF Package with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual OnBoarded VNF package fails when using an invalid resource identifier
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -115,7 +115,7 @@ POST Individual OnBoarded VNF Package - Method not implemented
     ...    Test title: POST Individual OnBoarded VNF Package - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new OnBoarded VNF Package
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -127,7 +127,7 @@ PUT Individual OnBoarded VNF Package - Method not implemented
     ...    Test title: PUT Individual OnBoarded VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNF Package
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -139,7 +139,7 @@ PATCH Individual OnBoarded VNF Package - Method not implemented
     ...    Test title: PATCH Individual OnBoarded VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update a VNF Package
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -151,9 +151,37 @@ DELETE Individual OnBoarded VNF Package - Method not implemented
     ...    Test title: DELETE Individual OnBoarded VNF Package - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNF Package
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for individual OnBoarded VNF Package
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET Individual VNF Package with permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.2.13
+    ...    Test title: GET Individual VNF Package with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF package information perform a JSON schema validation of the collected data structure with permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   vnfPkgInfo
+    Check HTTP Response Body vnfPkgInfo Identifier matches the requested VNF Package
+    Check HTTP Response Body of Individual VNF Package content against VNF Descriptor
+
+GET Individual VNF Package with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.2.14
+    ...    Test title: GET Individual VNF Package with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF package information perform a JSON schema validation of the collected data structure with not permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
diff --git a/SOL003/VNFPackageManagement-API/IndividualVNFPackageArtifacts.robot b/SOL003/VNFPackageManagement-API/IndividualVNFPackageArtifacts.robot
index f9b79963ab13a1802bc4482d507d40618f6025c5..67e72dedb5b1393e6ca200546e79c1f41f3d93e1 100644
--- a/SOL003/VNFPackageManagement-API/IndividualVNFPackageArtifacts.robot
+++ b/SOL003/VNFPackageManagement-API/IndividualVNFPackageArtifacts.robot
@@ -11,7 +11,7 @@ GET Individual VNF Package Artifact
     ...    Test title: GET Individual VNF Package Artifact
     ...    Test objective: The objective is to test the retrieval of an individual VNF package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -23,7 +23,7 @@ GET Individual VNF Package Artifact in octet stream format
     ...    Test title: GET Individual VNF Package Artifact in octet stream format
     ...    Test objective: The objective is to test the retrieval of an individual VNF package artifact when the NFVO cannot determine the artifact content type. The test performs a validation that the returned artifcat in is octet-stream format 
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO cannot determine the content type of the artifact
     ...    Post-Conditions: none
@@ -36,7 +36,7 @@ GET Individual VNF Package Artifact with Range Request and NFVO supporting Range
     ...    Test title: GET Individual VNF Package Artifact with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the retrieval of an individual VNF package artifact when using a range request to return single range of bytes from the file, with the NFVO supporting it. The test also perform a validation that returned content matches the issued range
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ GET Individual VNF Package Artifact with Range Request and NFVO not supporting R
     ...    Test title: GET Individual VNF Package Artifact with Range Request and NFVO not supporting Range Requests
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package artifact, when using a range request to return single range of bytes from the file and the NFVO not supporting it, returns the full VNF Package artifact.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO does not support range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none    
@@ -62,7 +62,7 @@ GET Individual VNF Package Artifact with invalid Range Request
     ...    Test title: GET Individual VNF Package Artifact with invalid Range Request
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package artifact fails when using a range request that does not match any available byte range in the file.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none      
@@ -74,7 +74,7 @@ GET Individual VNF Package Artifact with invalid resource identifier
     ...    Test title: GET Individual VNF Package Artifact with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package artifact fails when using an invalid resource identifier
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -87,7 +87,7 @@ GET Individual VNF Package Artifact with conflict due to onboarding state
     ...    Test title: GET Individual VNF Package Artifact with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package artifact fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the content is requested is different from ONBOARDED.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -100,7 +100,7 @@ POST Individual VNF Package Artifact - Method not implemented
     ...    Test title: POST Individual VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF Package artifact
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -112,7 +112,7 @@ PUT Individual VNF Package Artifact - Method not implemented
     ...    Test title: PUT Individual VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -124,7 +124,7 @@ PATCH Individual VNF Package Artifact - Method not implemented
     ...    Test title: PATCH Individual VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -136,7 +136,7 @@ DELETE Individual VNF Package Artifact - Method not implemented
     ...    Test title: DELETE Individual VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -148,7 +148,7 @@ GET Individual OnBoarded VNF Package Artifact
     ...    Test title: GET Individual OnBoarded VNF Package Artifact
     ...    Test objective: The objective is to test the retrieval of an individual OnBoarded VNF package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -160,7 +160,7 @@ GET Individual OnBoarded VNF Package Artifact in octet stream format
     ...    Test title: GET Individual OnBoarded VNF Package Artifact in octet stream format
     ...    Test objective: The objective is to test the retrieval of an individual OnBoarded VNF package artifact when the NFVO cannot determine the artifact content type. The test performs a validation that the returned artifcat in is octet-stream format 
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO cannot determine the content type of the artifact
     ...    Post-Conditions: none
@@ -173,7 +173,7 @@ GET Individual OnBoarded VNF Package Artifact with Range Request and NFVO suppor
     ...    Test title: GET Individual OnBoarded VNF Package Artifact with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the retrieval of an individual OnBoarded VNF package artifact when using a range request to return single range of bytes from the file, with the NFVO supporting it. The test also perform a validation that returned content matches the issued range
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none
@@ -187,7 +187,7 @@ GET Individual OnBoarded VNF Package Artifact with Range Request and NFVO not su
     ...    Test title: GET Individual OnBoarded VNF Package Artifact with Range Request and NFVO not supporting Range Requests
     ...    Test objective: The objective is to test that the retrieval of an individual OnBoarded VNF package artifact, when using a range request to return single range of bytes from the file and the NFVO not supporting it, returns the full VNF Package artifact.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO does not support range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none    
@@ -199,7 +199,7 @@ GET Individual OnBoarded VNF Package Artifact with invalid Range Request
     ...    Test title: GET Individual OnBoarded VNF Package Artifact with invalid Range Request
     ...    Test objective: The objective is to test that the retrieval of an individual OnBoarded VNF package artifact fails when using a range request that does not match any available byte range in the file.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none      
@@ -211,7 +211,7 @@ GET Individual OnBoarded VNF Package Artifact with invalid resource identifier
     ...    Test title: GET Individual OnBoarded VNF Package Artifact with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual OnBoarded VNF package artifact fails when using an invalid resource identifier
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -224,7 +224,7 @@ GET Individual OnBoarded VNF Package Artifact with conflict due to onboarding st
     ...    Test title: GET Individual OnBoarded VNF Package Artifact with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of an individual OnBoarded VNF package artifact fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the content is requested is different from ONBOARDED.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -237,7 +237,7 @@ POST Individual OnBoarded VNF Package Artifact - Method not implemented
     ...    Test title: POST Individual OnBoarded VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF Package artifact
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -249,7 +249,7 @@ PUT Individual OnBoarded VNF Package Artifact - Method not implemented
     ...    Test title: PUT Individual OnBoarded VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -261,7 +261,7 @@ PATCH Individual OnBoarded VNF Package Artifact - Method not implemented
     ...    Test title: PATCH Individual OnBoarded VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -273,7 +273,7 @@ DELETE Individual OnBoarded VNF Package Artifact - Method not implemented
     ...    Test title: DELETE Individual OnBoarded VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -285,7 +285,7 @@ GET Individual VNF Package Artifact with security information
     ...    Test title: GET Individual VNF Package Artifact with security information
     ...    Test objective: The objective is to test the retrieval of an individual VNF package artifact shall include in the ZIP archive the security information when requested with "include_signature" parameter 
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO cannot determine the content type of the artifact
     ...    Post-Conditions: none
@@ -298,7 +298,7 @@ GET Individual OnBoarded VNF Package Artifact with security information
     ...    Test title: GET Individual OnBoarded VNF Package Artifact with security information
     ...    Test objective: The objective is to test the retrieval of an individual OnBoarded VNF package artifact shall include in the ZIP archive the security information when requested with "include_signature" parameter 
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO cannot determine the content type of the artifact
     ...    Post-Conditions: none
@@ -311,7 +311,7 @@ GET Individual VNF Package Artifact with encrypted artifact
     ...    Test title: GET Individual VNF Package Artifact with encrypted artifact
     ...    Test objective: The objective is to test the retrieval of an individual VNF package artifact shall include an encrypted artifact 
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO cannot determine the content type of the artifact
     ...    Post-Conditions: none
@@ -324,7 +324,7 @@ GET Individual OnBoarded VNF Package Artifact with encrypted artifact
     ...    Test title: GET Individual OnBoarded VNF Package Artifact with encrypted artifact
     ...    Test objective: The objective is to test the retrieval of an individual OnBoarded VNF package artifact shall include an encrypted artifact 
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO cannot determine the content type of the artifact
     ...    Post-Conditions: none
@@ -337,7 +337,7 @@ GET Individual VNF Package Artifact - Not Acceptable
     ...    Test title: GET Individual VNF Package Artifact with invalid Range Request
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package artifact fails when related request contained an "Accept" header not compatible with the Content type "application/zip" but the "include_signatures" flag was provided
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none      
@@ -350,10 +350,35 @@ GET Individual OnBoarded VNF Package Artifact - Not Acceptable
     ...    Test title: GET Individual OnBoarded VNF Package Artifact with invalid Range Request
     ...    Test objective: The objective is to test that the retrieval of an individual OnBoarded VNF package artifact fails when related request contained an "Accept" header not compatible with the Content type "application/zip" but the "include_signatures" flag was provided
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none      
     GET Individual OnBoarded VNF Package Artifact with incompatable header
     Check HTTP Response Status Code Is    406
-    Check HTTP Response Body Json Schema Is   ProblemDetails
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is   ProblemDetails
+
+GET Individual VNF Package Artifact with permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.5.29
+    ...    Test title: GET Individual VNF Package Artifact with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF package artifact with permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package Artifact with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+
+GET Individual VNF Package Artifact with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.5.30
+    ...    Test title: GET Individual VNF Package Artifact with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF package artifact with not permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package Artifact with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
diff --git a/SOL003/VNFPackageManagement-API/ManifestInIndividualVNFPackage.robot b/SOL003/VNFPackageManagement-API/ManifestInIndividualVNFPackage.robot
index 8a0ce02dfdbba4f077c417f7dea4bd876ac58276..69802af7e16b7c9074611c9f17f308f270789b0e 100644
--- a/SOL003/VNFPackageManagement-API/ManifestInIndividualVNFPackage.robot
+++ b/SOL003/VNFPackageManagement-API/ManifestInIndividualVNFPackage.robot
@@ -11,7 +11,7 @@ Get Manifest in Individual VNF Package
     ...    Test title: Get Manifest in Individual VNF Package
     ...    Test objective: The objective is to test that the Get request read the content of manifest within a NVF Package and perform a validation that returned content is in plain text format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ Get Manifest in Individual VNF Package with security information
     ...    Test title: Get Manifest in Individual VNF Package with security information
     ...    Test objective: The objective is to test the retrieval of manifest for an individual VNF package shall also security certificates when requested with "include_signature" parameter, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ Get Manifest in Individual VNF Package - Not acceptable
     ...    Test title: Get Manifest in Individual VNF Package - Not acceptable
     ...    Test objective: The objective is to test that retriveal of the of manifest for an individual VNF package fails when request contained an "Accept" header not compatible with the Content type "application/zip" but the "include_signatures" flag was provided, and perform a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ Get Manifest in Individual VNF Package - Conflict
     ...    Test title: Get Manifest in Individual VNF Package - Conflict
     ...    Test objective: The objective is to test that the retrieval of the manifest for an individual VNF package fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the VNFD is requested is different from ONBOARDED.
-    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -63,7 +63,7 @@ POST Manifest in Individual VNF Package - Method not implemented
     ...    Test title: POST Manifest in Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new resource
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4a.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -75,7 +75,7 @@ PUT Manifest in Individual VNF Package - Method not implemented
     ...    Test title: PUT Manifest in Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify resource
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4a.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -87,7 +87,7 @@ PATCH Manifest in Individual VNF Package - Method not implemented
     ...    Test title: PATCH Manifest in Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update resource
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4a.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -99,7 +99,7 @@ DELETE Manifest in Individual VNF Package - Method not implemented
     ...    Test title: DELETE Manifest in Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete resource
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4a.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: Resource is not deleted by the failed operation
@@ -112,7 +112,7 @@ Get Manifest in Individual OnBoarded VNF Package
     ...    Test title: Get Manifest in Individual OnBoarded VNF Package
     ...    Test objective: The objective is to test that the Get request read the content of manifest within a OnBoarded NVF Package and perform a validation that returned content is in plain text format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -125,7 +125,7 @@ Get Manifest in Individual OnBoarded VNF Package with security information
     ...    Test title: Get Manifest in Individual OnBoarded VNF Package with security information
     ...    Test objective: The objective is to test the retrieval of manifest for an individual OnBoarded VNF package shall also security certificates when requested with "include_signature" parameter, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -138,7 +138,7 @@ Get Manifest in Individual OnBoarded VNF Package - Not acceptable
     ...    Test title: Get Manifest in Individual OnBoarded VNF Package - Not acceptable
     ...    Test objective: The objective is to test that retriveal of the of manifest for an individual OnBoarded VNF package fails when request contained an "Accept" header not compatible with the Content type "application/zip" but the "include_signatures" flag was provided, and perform a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -151,7 +151,7 @@ Get Manifest in Individual OnBoarded VNF Package - Conflict
     ...    Test title: Get Manifest in Individual OnBoarded VNF Package - Conflict
     ...    Test objective: The objective is to test that the retrieval of the manifest for an individual OnBoarded VNF package fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the VNFD is requested is different from ONBOARDED.
-    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -164,7 +164,7 @@ POST Manifest in Individual OnBoarded VNF Package - Method not implemented
     ...    Test title: POST Manifest in Individual OnBoarded VNF Package - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new resource
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4a.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -176,7 +176,7 @@ PUT Manifest in Individual OnBoarded VNF Package - Method not implemented
     ...    Test title: PUT Manifest in Individual OnBoarded VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify resource
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4a.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -188,7 +188,7 @@ PATCH Manifest in Individual OnBoarded VNF Package - Method not implemented
     ...    Test title: PATCH Manifest in Individual OnBoarded VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update resource
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4a.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -200,9 +200,35 @@ DELETE Manifest in Individual OnBoarded VNF Package - Method not implemented
     ...    Test title: DELETE Manifest in Individual OnBoarded VNF Package - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete resource
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4a.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4a.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: Resource is not deleted by the failed operation
     Send DELETE Request for Manifest in individual OnBoarded VNF Package
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Get Manifest in Individual VNF Package with permitted authorization scope 
+    [Documentation]    Test ID: 7.3.3.10.17
+    ...    Test title: Get Manifest in Individual VNF Package with permitted authorization scope 
+    ...    Test objective: The objective is to test that the Get request read the content of manifest within a NVF Package and perform a validation that returned content is in plain text format with permitted authorization scope 
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Manifest in Individual VNF Package with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Content-Type Is    text/plain
+
+Get Manifest in Individual VNF Package with not permitted authorization scope 
+    [Documentation]    Test ID: 7.3.3.10.18
+    ...    Test title: Get Manifest in Individual VNF Package with not permitted authorization scope 
+    ...    Test objective: The objective is to test that the Get request read the content of manifest within a NVF Package and perform a validation that returned content is in plain text format with not permitted authorization scope 
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.4a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Manifest in Individual VNF Package with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
diff --git a/SOL003/VNFPackageManagement-API/NotificationEndpoint.robot b/SOL003/VNFPackageManagement-API/NotificationEndpoint.robot
index b67da1c0cd872b87d5d1cabdb8b315fd7a9e37aa..045ef4e8728531e818d5b4a24934ca151704dcc2 100644
--- a/SOL003/VNFPackageManagement-API/NotificationEndpoint.robot
+++ b/SOL003/VNFPackageManagement-API/NotificationEndpoint.robot
@@ -13,7 +13,7 @@ VNF Package Onboarding Notification
     ...    Test title: VNF Package Onboarding Notification
     ...    Test objective: The objective is to test that the POST request triggers VNF Package Onboarding notification.
     ...    Pre-conditions: A VNF package subscription for onboarding notifications is available in the NFVO.
-    ...    Reference: Clause 10.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -25,7 +25,7 @@ VNF Package Change Notification
     ...    Test title: VNF Package Change Notification
     ...    Test objective: The objective is to test that the POST request triggers VNF Package Change notification.
     ...    Pre-conditions: A VNF package subscription for change notifications is available in the NFVO.
-    ...    Reference: Clause 10.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL003/VNFPackageManagement-API/Notifications.robot b/SOL003/VNFPackageManagement-API/Notifications.robot
index ace680f433a198ba2ba35d3660d940b671e94420..7246889df633f186d239b074b0885273637fa6a9 100644
--- a/SOL003/VNFPackageManagement-API/Notifications.robot
+++ b/SOL003/VNFPackageManagement-API/Notifications.robot
@@ -16,7 +16,7 @@ VNF Package Onboarding Notification
     ...    Test title: VNF Package Onboarding Notification
     ...    Test objective: The objective is to test the dispatch of VNF Package Onboarding notification when the VNF package onboarding operation is successfully completed, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF package subscription for onboarding notifications is available in the NFVO.
-    ...    Reference: Clause 10.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -29,7 +29,7 @@ VNF Package Operational State Change Notification
     ...    Test title: VNF Package Operational State Change Notification
     ...    Test objective: The objective is to test the dispatch of VNF Package Change notification when the VNF package operational state is modified, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF package subscription for change notifications is available in the NFVO.
-    ...    Reference: Clause 10.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -43,7 +43,7 @@ VNF Package Deletion Notification
     ...    Test title: VNF Package Deletion Notification
     ...    Test objective: The objective is to test the dispatch of VNF Package Change notification when the VNF package is deleted on the NFVO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF package subscription for change notifications is available in the NFVO.
-    ...    Reference: Clause 10.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL003/VNFPackageManagement-API/Subscriptions.robot b/SOL003/VNFPackageManagement-API/Subscriptions.robot
index f535764d36815dee751d06426ce1e3172d6dc69a..d2934d6e65a199872ee798366099fd8d9c416708 100644
--- a/SOL003/VNFPackageManagement-API/Subscriptions.robot
+++ b/SOL003/VNFPackageManagement-API/Subscriptions.robot
@@ -16,7 +16,7 @@ Get All VNF Package Subscriptions
     ...    Test title: GET all VNF Package Subscriptions
     ...    Test objective: The objective is to test the retrieval of all VNF package subscriptions and perform a JSON schema validation of the returned subscriptions data structure
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -29,13 +29,13 @@ Get VNF Package Subscriptions with attribute-based filter
     ...    Test title: Get VNF Package Subscriptions with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of VNF package subscriptions using attribute-based filter, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Get VNF Package Subscriptions with attribute-based filters
     Check HTTP Response Status Code Is    200
-    Check HTTP Response Body Json Schema Is    PkgmSubscription
+    Check HTTP Response Body Json Schema Is    PkgmSubscriptions
     Check HTTP Response Body Subscriptions Match the requested Attribute-Based Filter
 
 Get VNF Package Subscriptions with invalid attribute-based filter
@@ -43,7 +43,7 @@ Get VNF Package Subscriptions with invalid attribute-based filter
     ...    Test title: Get VNF Package Subscriptions with attribute-based filters
     ...    Test objective: The objective is to test that the retrieval of VNF package subscriptions fails when using invalid attribute-based filters, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -56,7 +56,7 @@ GET VNF Package Subscription with invalid resource endpoint
     ...    Test title: GET VNF Package Subscription with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of all VNF package subscriptions fails when using invalid resource endpoint.
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -69,7 +69,7 @@ Create new VNF Package subscription
     ...    Test title: Create new VNF Package subscription
     ...    Test objective: The objective is to test the creation of a new VNF package subscription and perform a JSON schema and content validation of the returned subscription data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The VNF package subscription is successfully set and it matches the issued subscription    
@@ -86,7 +86,7 @@ Create duplicated VNF Package subscription with NFVO not creating duplicated sub
     ...    Test title: Create duplicated VNF Package subscription with NFVO not creating duplicated subscriptions
     ...    Test objective: The objective is to test the attempt of a creation of a duplicated VNF package subscription and check that no new subscription is created by the NFVO and a link to the original subscription is returned
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO does not support the creation of duplicated subscriptions
     ...    Post-Conditions: The existing VNF package subscription returned is available in the NFVO
@@ -102,7 +102,7 @@ Create duplicated VNF Package subscription with NFVO creating duplicated subscri
     ...    Test title: Create duplicated VNF Package subscription with NFVO creating duplicated subscriptions
     ...    Test objective: The objective is to test the creation of a duplicated VNF package subscription and perform a JSON schema and content validation of the returned duplicated subscription data structure
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports the creation of duplicated subscriptions
     ...    Post-Conditions: The duplicated VNF package subscription is successfully set and it matches the issued subscription
@@ -117,7 +117,7 @@ PUT VNF Package Subscriptions - Method not implemented
     ...    Test title: PUT VNF Package Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify VNF package subscriptions
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.7.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -129,7 +129,7 @@ PATCH VNF Package Subscriptions - Method not implemented
     ...    Test title: PATCH VNF Package Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update VNF package subscriptions
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.7.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -141,7 +141,7 @@ DELETE VNF Package Subscriptions - Method not implemented
     ...    Test title: DELETE VNF Package Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete VNF package subscriptions
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.7.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -153,7 +153,7 @@ Get All VNF Package Subscriptions as Paged Response
     ...    Test title: GET all VNF Package Subscriptions as Paged Response
     ...    Test objective: The objective is to test the retrieval of all VNF package subscriptions as Paged Response.
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports response paging for the subscription resources
     ...    Post-Conditions: none    
@@ -166,7 +166,7 @@ GET All VNF Package Subscriptions as a Paged Response with nextpage_opauque_mark
     ...    Test title: GET All VNF Package Subscriptions as a Paged Response with nextpage_opauque_marker parameter   
     ...    Test objective: The objective is to query information about all VNF package subscriptions as a Paged Response and retrieve the next page using the nextpage_opaque_marker parameter
     ...    Pre-conditions: A request for retrieving all VNF package subscriptions as a paged response has been successfully issued (Test ID 7.3.3.6.11)
-    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports response paging for the subscription resources
     ...    Post-Conditions: none 
@@ -178,7 +178,7 @@ Get VNF Package Subscriptions - Bad Request Response too Big
     ...    Test title: Get VNF Package Subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of VNF package subscriptions fails because reponse is too big, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -191,10 +191,38 @@ Get VNF Package Subscriptions - Unprocessable Content
     ...    Test title: Get VNF Package Subscriptions - Unprocessable Content
     ...    Test objective: The objective is to test that content type of the message content is supported and the message content of a request contains syntactically correct data but the data cannot be processed., and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.7.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Get all VNF Package Subscriptions
     Check HTTP Response Status Code Is    422
+    Check HTTP Response Body Json Schema Is   ProblemDetails
+
+Create new VNF Package subscription with permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.6.14
+    ...    Test title: Create new VNF Package subscription with permitted authorization scope
+    ...    Test objective: The objective is to test the creation of a new VNF package subscription and perform a JSON schema and content validation of the returned subscription data structure with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 10.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The VNF package subscription is successfully set and it matches the issued subscription    
+    Send Post Request for VNF Package Subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    PkgmSubscription
+    Check HTTP Response Body PkgmSubscription Attributes Values Match the Issued Subscription
+    Check Postcondition VNF Package Subscription Is Set
+
+Create new VNF Package subscription with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.6.15
+    ...    Test title: Create new VNF Package subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test the creation of a new VNF package subscription and perform a JSON schema and content validation of the returned subscription data structure with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 10.4.7.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The VNF package subscription is successfully set and it matches the issued subscription    
+    Send Post Request for VNF Package Subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
     Check HTTP Response Body Json Schema Is   ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFPackageManagement-API/VNFDInIndividualVNFPackage.robot b/SOL003/VNFPackageManagement-API/VNFDInIndividualVNFPackage.robot
index 10a6003b8a1188349748a1692346cb38d14cceeb..532e4948263a66625f52239df05e289e16868e56 100644
--- a/SOL003/VNFPackageManagement-API/VNFDInIndividualVNFPackage.robot
+++ b/SOL003/VNFPackageManagement-API/VNFDInIndividualVNFPackage.robot
@@ -11,7 +11,7 @@ Get single file VNFD in Individual VNF Package in Plain Format
     ...    Test title: Get single file VNFD in Individual VNF Package in Plain Format
     ...    Test objective: The objective is to test the retrieval of the VNFD in plain format for an individual VNF package and perform a validation that returned content is in plain format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFD is implemented as a single file
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ Get VNFD in Individual VNF Package in Zip Format
     ...    Test title: Get VNFD in Individual VNF Package in Zip Format
     ...    Test objective: The objective is to test the retrieval of the VNFD in zip format for an individual VNF package and perform a validation that returned content is in zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ Get single file VNFD in Individual VNF Package in Plain or Zip Format
     ...    Test title: Get single file VNFD in Individual VNF Package in Plain or Zip Format
     ...    Test objective: The objective is to test the retrieval of the single file VNFD for an individual VNF package when requesting Plain or Zip format to NFVO by including both formats in the request, and perform a validation that returned content is in Plain or Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFD is implemented as a single file
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ Get multi file VNFD in Individual VNF Package in Plain or Zip Format
     ...    Test title: Get multi file VNFD in Individual VNF Package in Plain or Zip Format
     ...    Test objective: The objective is to test the retrieval of the multi file VNFD for an individual VNF package when requesting Plain or Zip format to NFVO by including both formats in the request, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFD is implemented as a multi file
     ...    Post-Conditions: none
@@ -74,7 +74,7 @@ Get VNFD in Individual VNF Package with invalid resource identifier
     ...    Test title: Get VNFD in Individual VNF Package with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of the VNFD for an individual VNF package content fails when using an invalid resource identifier
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -86,7 +86,7 @@ Get VNFD in Individual VNF Package Content with conflict due to onboarding state
     ...    Test title: Get VNFD in Individual VNF Package Content with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of the VNFD for an individual VNF package content fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the VNFD is requested is different from ONBOARDED.
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -99,7 +99,7 @@ POST VNFD in Individual VNF Package Content - Method not implemented
     ...    Test title: POST VNFD in Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNFD
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -111,7 +111,7 @@ PUT VNFD in Individual VNF Package Content - Method not implemented
     ...    Test title: PUT VNFD in Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNFD
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -123,7 +123,7 @@ PATCH VNFD in Individual VNF Package Content - Method not implemented
     ...    Test title: PATCH VNFD in Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update a VNFD
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -135,7 +135,7 @@ DELETE VNFD in Individual VNF Package Content - Method not implemented
     ...    Test title: DELETE VNFD in Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNFD
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -147,7 +147,7 @@ Get single file VNFD in Individual OnBoarded VNF Package in Plain Format
     ...    Test title: Get single file VNFD in Individual OnBoarded VNF Package in Plain Format
     ...    Test objective: The objective is to test the retrieval of the VNFD in plain format for an individual OnBoarded VNF package and perform a validation that returned content is in plain format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFD is implemented as a single file
     ...    Post-Conditions: none
@@ -160,7 +160,7 @@ Get VNFD in Individual OnBoarded VNF Package in Zip Format
     ...    Test title: Get VNFD in Individual OnBoarded VNF Package in Zip Format
     ...    Test objective: The objective is to test the retrieval of the VNFD in zip format for an individual OnBoarded VNF package and perform a validation that returned content is in zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -173,7 +173,7 @@ Get single file VNFD in Individual OnBoarded VNF Package in Plain or Zip Format
     ...    Test title: Get single file VNFD in Individual OnBoarded VNF Package in Plain or Zip Format
     ...    Test objective: The objective is to test the retrieval of the single file VNFD for an individual OnBoarded VNF package when requesting Plain or Zip format to NFVO by including both formats in the request, and perform a validation that returned content is in Plain or Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFD is implemented as a single file
     ...    Post-Conditions: none
@@ -186,7 +186,7 @@ Get multi file VNFD in Individual OnBoarded VNF Package in Plain or Zip Format
     ...    Test title: Get multi file VNFD in Individual OnBoarded VNF Package in Plain or Zip Format
     ...    Test objective: The objective is to test the retrieval of the multi file VNFD for an individual OnBoarded VNF package when requesting Plain or Zip format to NFVO by including both formats in the request, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFD is implemented as a multi file
     ...    Post-Conditions: none
@@ -210,7 +210,7 @@ Get VNFD in Individual OnBoarded VNF Package with invalid resource identifier
     ...    Test title: Get VNFD in Individual OnBoarded VNF Package with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of the VNFD for an individual OnBoarded VNF package content fails when using an invalid resource identifier
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -222,7 +222,7 @@ Get VNFD in Individual OnBoarded VNF Package Content with conflict due to onboar
     ...    Test title: Get VNFD in Individual OnBoarded VNF Package Content with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of the VNFD for an individual OnBoarded VNF package content fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the VNFD is requested is different from ONBOARDED.
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -235,7 +235,7 @@ POST VNFD in Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test title: POST VNFD in Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNFD
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -247,7 +247,7 @@ PUT VNFD in Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test title: PUT VNFD in Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNFD
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -259,7 +259,7 @@ PATCH VNFD in Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test title: PATCH VNFD in Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update a VNFD
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -271,7 +271,7 @@ DELETE VNFD in Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test title: DELETE VNFD in Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNFD
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -283,7 +283,7 @@ Get multi file VNFD in Individual VNF Package with security information
     ...    Test title: Get multi file VNFD in Individual VNF Package with security information
     ...    Test objective: The objective is to test the retrieval of the multi file VNFD for an individual VNF package shall include in the ZIP archive the security information when requested with "include_signature" parameter, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFD is implemented as a multi file
     ...    Post-Conditions: none
@@ -296,7 +296,7 @@ Get multi file VNFD in Individual OnBoarded VNF Package with security informatio
     ...    Test title: Get multi file VNFD in Individual OnBoarded VNF Package with security information
     ...    Test objective: The objective is to test the retrieval of the multi file VNFD for an individual OnBoarded VNF package shall include in the ZIP archive the security information when requested with "include_signature" parameter, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFD is implemented as a multi file
     ...    Post-Conditions: none
@@ -304,6 +304,32 @@ Get multi file VNFD in Individual OnBoarded VNF Package with security informatio
     Check HTTP Response Status Code Is    200
     Check HTTP Response Header Content-Type Is    application/zip
 
+Get single file VNFD in Individual VNF Package in Plain Format with permitted authorization scope 
+    [Documentation]    Test ID: 7.3.3.4.25
+    ...    Test title: Get single file VNFD in Individual VNF Package in Plain Format with permitted authorization scope 
+    ...    Test objective: The objective is to test the retrieval of the VNFD in plain format for an individual VNF package and perform a validation that returned content is in plain format with permitted authorization scope 
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: The VNFD is implemented as a single file
+    ...    Post-Conditions: none
+    Get single file VNFD in Individual VNF Package in Plain Format with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Content-Type Is    text/plain
+
+Get single file VNFD in Individual VNF Package in Plain Format with not permitted authorization scope 
+    [Documentation]    Test ID: 7.3.3.4.26
+    ...    Test title: Get single file VNFD in Individual VNF Package in Plain Format with not permitted authorization scope 
+    ...    Test objective: The objective is to test the retrieval of the VNFD in plain format for an individual VNF package and perform a validation that returned content is in plain format with not permitted authorization scope 
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: The VNFD is implemented as a single file
+    ...    Post-Conditions: none
+    Get single file VNFD in Individual VNF Package in Plain Format with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
+
 *** Keywords ***
 Void
     log    do nothing
diff --git a/SOL003/VNFPackageManagement-API/VNFPackageArtifacts.robot b/SOL003/VNFPackageManagement-API/VNFPackageArtifacts.robot
index 92f574334e0c858393e8aa3ccaddaa5fcdf2177c..b221a9b0c982e8603bb197a9af3d98981548d772 100644
--- a/SOL003/VNFPackageManagement-API/VNFPackageArtifacts.robot
+++ b/SOL003/VNFPackageManagement-API/VNFPackageArtifacts.robot
@@ -11,7 +11,7 @@ Get VNF Package Artifact
     ...    Test title: Get VNF Package Artifact
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ Get VNF Package Artifact with "exclude_all_mano_artifacts" parameter
     ...    Test title: Get VNF Package Artifact with "exclude_all_mano_artifacts" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully and it doesnot contain additional MANO artifacts  when requested with "exclude_all_mano_artifacts" parameter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ Get VNF Package Artifact with "exclude_all_non_mano_artifacts" parameter
     ...    Test title: Get VNF Package Artifact with "exclude_all_non_mano_artifacts" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully and it doesnot contain non-MANO Artifacts when requested with "exclude_all_non_mano_artifacts" parameter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ Get VNF Package Artifact with "select_non_mano_artifact_sets" parameter
     ...    Test title: Get VNF Package Artifact with "select_non_mano_artifact_sets" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully and also contain non_MANO artifacts set when requested with "select_non_mano_artifact_sets" parameter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -63,7 +63,7 @@ Get VNF Package Artifact with "include_signatures" parameter
     ...    Test title: Get VNF Package Artifact with "include_signatures" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully and also contain security certificates when requested with "include_signature" parameter, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ Get VNF Package Artifact with Range Request and NFVO supporting Range Requests
     ...    Test title: Get VNF Package Artifact with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the GET request read the whole content of the archive containing the artifact files successfully when using a range request to return single range of bytes from the file, with the NFVO supporting it. The test also perform a validation that returned content matches the issued range
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none
@@ -90,7 +90,7 @@ Get VNF Package Artifact with invalid URI parameters "exclude_all_non_mano_artif
     ...    Test title: Get VNF Package Artifact with invalid URI parameters "exclude_all_non_mano_artifacts", "select_non_mano_artifact_sets"
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the artifact files fails when both "exclude_all_non_mano_artifacts" and "select_non_mano_artifact_sets" are present in request
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -103,7 +103,7 @@ Get VNF Package Artifact with invalid URI parameters "exclude_all_non_mano_artif
     ...    Test title: Get VNF Package Artifact with invalid URI parameters "exclude_all_non_mano_artifacts", "exclude_all_mano_artifactss"
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the artifact files fails when both "exclude_all_non_mano_artifacts" and "exclude_all_mano_artifacts" are present in request
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -116,7 +116,7 @@ Get VNF Package Artifact with invalid URI parameters undifend select_non_mano_ar
     ...    Test title: Get VNF Package Artifact with invalid URI parameters undefined select_non_mano_artifact_sets
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the artifact files fails when one or more value provided in "select_non_mano_artifact_sets" are not provided in Manifest.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -129,7 +129,7 @@ Get VNF Package Artifact with conflict due to onboarding state
     ...    Test title: Get VNF Package Artifact with conflict due to onboarding state
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the artifact files fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the content is requested is different from ONBOARDED.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -142,7 +142,7 @@ GET VNF Package Artifact with invalid Range Request
     ...    Test title: GET VNF Package Artifact with invalid Range Request
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the artifact files fails when using a range request that does not match any available byte range in the file.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none      
@@ -154,7 +154,7 @@ POST VNF Package Artifact - Method not implemented
     ...    Test title: POST VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF Package artifact
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.5a.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -166,7 +166,7 @@ PUT VNF Package Artifact - Method not implemented
     ...    Test title: PUT VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -178,7 +178,7 @@ PATCH VNF Package Artifact - Method not implemented
     ...    Test title: PATCH VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -190,7 +190,7 @@ DELETE VNF Package Artifact - Method not implemented
     ...    Test title: DELETE VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -202,7 +202,7 @@ Get OnBoarded VNF Package Artifact
     ...    Test title: Get OnBoarded VNF Package Artifact
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the OnBoarded VNF Package Artifact files successfully, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -215,7 +215,7 @@ Get OnBoarded VNF Package Artifact with "exclude_all_mano_artifacts" parameter
     ...    Test title: Get OnBoarded VNF Package Artifact with "exclude_all_mano_artifacts" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the OnBoarded VNF Package Artifact files successfully and it doesnot contain additional MANO artifacts  when requested with "exclude_all_mano_artifacts" parameter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -228,7 +228,7 @@ Get OnBoarded VNF Package Artifact with "exclude_all_non_mano_artifacts" paramet
     ...    Test title: Get OnBoarded VNF Package Artifact with "exclude_all_non_mano_artifacts" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the OnBoarded VNF Package artifact files successfully and it doesnot contain non-MANO Artifacts when requested with "exclude_all_non_mano_artifacts" parameter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -241,7 +241,7 @@ Get OnBoarded VNF Package Artifact with "select_non_mano_artifact_sets" paramete
     ...    Test title: Get OnBoarded VNF Package Artifact with "select_non_mano_artifact_sets" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the OnBoarded VNF Package artifact files successfully and also contain non_MANO artifacts set when requested with "select_non_mano_artifact_sets" parameter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -254,7 +254,7 @@ Get OnBoarded VNF Package Artifact with "include_signatures" parameter
     ...    Test title: Get OnBoarded VNF Package Artifact with "include_signatures" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the OnBoarded VNF Package artifact files successfully and also contain security certificates when requested with "include_signature" parameter, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -267,7 +267,7 @@ Get OnBoarded VNF Package Artifact with Range Request and NFVO supporting Range
     ...    Test title: Get OnBoarded VNF Package Artifact with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the GET request read the whole content of the archive containing the OnBoarded VNF Package artifact files successfully when using a range request to return single range of bytes from the file, with the NFVO supporting it. The test also perform a validation that returned content matches the issued range
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none
@@ -281,7 +281,7 @@ Get OnBoarded VNF Package Artifact with invalid URI parameters "exclude_all_non_
     ...    Test title: Get OnBoarded VNF Package Artifact with invalid URI parameters "exclude_all_non_mano_artifacts", "select_non_mano_artifact_sets"
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the OnBoarded VNF Package artifact files fails when both "exclude_all_non_mano_artifacts" and "select_non_mano_artifact_sets" are present in request
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -294,7 +294,7 @@ Get OnBoarded VNF Package Artifact with invalid URI parameters "exclude_all_non_
     ...    Test title: Get OnBoarded VNF Package Artifact with invalid URI parameters "exclude_all_non_mano_artifacts", "exclude_all_mano_artifactss"
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the OnBoarded VNF Package artifact files fails when both "exclude_all_non_mano_artifacts" and "exclude_all_mano_artifacts" are present in request
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -307,7 +307,7 @@ Get OnBoarded VNF Package Artifact with invalid URI parameters undifend select_n
     ...    Test title: Get OnBoarded VNF Package Artifact with invalid URI parameters undefined select_non_mano_artifact_sets
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the OnBoarded VNF Package artifact files fails when one or more value provided in "select_non_mano_artifact_sets" are not provided in Manifest.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -320,7 +320,7 @@ Get OnBoarded VNF Package Artifact with conflict due to onboarding state
     ...    Test title: Get OnBoarded VNF Package Artifact with conflict due to onboarding state
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the OnBoarded VNF Package artifact files fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the content is requested is different from ONBOARDED.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -333,7 +333,7 @@ GET OnBoarded VNF Package Artifact with invalid Range Request
     ...    Test title: GET OnBoarded VNF Package Artifact with invalid Range Request
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the OnBoarded VNF Package artifact files fails when using a range request that does not match any available byte range in the file.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none      
@@ -345,7 +345,7 @@ POST OnBoarded VNF Package Artifact - Method not implemented
     ...    Test title: POST OnBoarded VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF Package artifact
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.5a.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -357,7 +357,7 @@ PUT OnBoarded VNF Package Artifact - Method not implemented
     ...    Test title: PUT OnBoarded VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -369,7 +369,7 @@ PATCH OnBoarded VNF Package Artifact - Method not implemented
     ...    Test title: PATCH OnBoarded VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -381,7 +381,7 @@ DELETE OnBoarded VNF Package Artifact - Method not implemented
     ...    Test title: DELETE OnBoarded VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -393,7 +393,7 @@ Get VNF Package Artifact with "include_external_artifacts" parameter
     ...    Test title: Get VNF Package Artifact with "include_external_artifacts" parameter
     ...    Test objective: The objective is to test that GET request reads the whole content of the archive containing the external artifacts successfully when requested with "include_external_artifacts" parameter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -406,10 +406,36 @@ Get OnBoarded VNF Package Artifact with "include_external_artifacts" parameter
     ...    Test title: Get OnBoarded VNF Package Artifact with "include_external_artifacts" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the external OnBoarded VNF Package Artifacts successfully when requested with "include_external_artifacts" parameter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Get Artifact in OnBoarded VNF Package with include_external_artifacts parameter
     Check HTTP Response Status Code Is    200
-    Check HTTP Response Header Content-Type Is    application/zip
\ No newline at end of file
+    Check HTTP Response Header Content-Type Is    application/zip
+
+Get VNF Package Artifact with permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.11.32
+    ...    Test title: Get VNF Package Artifact with permitted authorization scope
+    ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully, and perform a validation that returned content is in Zip format with permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Artifact in VNF Package with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Content-Type Is    application/zip
+
+Get VNF Package Artifact with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.11.33
+    ...    Test title: Get VNF Package Artifact with not permitted authorization scope
+    ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully, and perform a validation that returned content is in Zip format with not permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.5a.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Artifact in VNF Package with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFPackageManagement-API/VNFPackageContent.robot b/SOL003/VNFPackageManagement-API/VNFPackageContent.robot
index 566df1d035ceef15c38054c3ae02c9d98cef53a4..6b07244a8e0e2a1cc55a0eb73e6f027aac9971f0 100644
--- a/SOL003/VNFPackageManagement-API/VNFPackageContent.robot
+++ b/SOL003/VNFPackageManagement-API/VNFPackageContent.robot
@@ -11,7 +11,7 @@ GET Individual VNF Package Content
     ...    Test title: GET Individual VNF Package Content
     ...    Test objective: The objective is to test the retrieval of an individual VNF package content and perform a validation that returned content is in zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ GET Individual VNF Package Content with Range Request and NFVO supporting Range
     ...    Test title: GET Individual VNF Package Content with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the retrieval of an individual VNF package content when using a range request to return single range of bytes from the file, with the NFVO supporting it. The test also perform a validation that returned content matches the issued range
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package file
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ GET Individual VNF Package Content with Range Request and NFVO not supporting Ra
     ...    Test title: GET Individual VNF Package Content with Range Request and NFVO not supporting Range Requests
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package content, when using a range request to return single range of bytes from the file and the NFVO not supporting it, returns the full VNF Package file.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO does not support range requests to return single range of bytes from the VNF package file
     ...    Post-Conditions: none    
@@ -52,7 +52,7 @@ GET Individual VNF Package Content with invalid Range Request
     ...    Test title: GET Individual VNF Package Content with invalid Range Request
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package content fails when using a range request that does not match any available byte range in the file.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package file
     ...    Post-Conditions: none      
@@ -64,7 +64,7 @@ GET Individual VNF Package Content with invalid resource identifier
     ...    Test title: GET Individual VNF Package Content with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package content fails when using an invalid resource identifier
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -77,7 +77,7 @@ GET Individual VNF Package Content with conflict due to onboarding state
     ...    Test title: GET Individual VNF Package Content with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package content fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the content is requested is different from ONBOARDED.
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -90,7 +90,7 @@ POST Individual VNF Package Content - Method not implemented
     ...    Test title: POST Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF Package content
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.3.5.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.5.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -102,7 +102,7 @@ PUT Individual VNF Package Content - Method not implemented
     ...    Test title: PUT Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNF Package content
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.5.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.5.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -114,7 +114,7 @@ PATCH Individual VNF Package Content - Method not implemented
     ...    Test title: PATCH Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update a VNF Package content
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.5.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.5.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -126,7 +126,7 @@ DELETE Individual VNF Package Content - Method not implemented
     ...    Test title: DELETE Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNF Package content
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.5.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.5.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -138,7 +138,7 @@ GET Individual OnBoarded VNF Package Content
     ...    Test title: GET Individual OnBoarded VNF Package Content
     ...    Test objective: The objective is to test the retrieval of an individual OnBoarded VNF package content and perform a validation that returned content is in zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -151,7 +151,7 @@ GET Individual OnBoarded VNF Package Content with Range Request and NFVO support
     ...    Test title: GET Individual OnBoarded VNF Package Content with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the retrieval of an individual OnBoarded VNF package content when using a range request to return single range of bytes from the file, with the NFVO supporting it. The test also perform a validation that returned content matches the issued range
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package file
     ...    Post-Conditions: none
@@ -166,7 +166,7 @@ GET Individual OnBoarded VNF Package Content with Range Request and NFVO not sup
     ...    Test title: GET Individual OnBoarded VNF Package Content with Range Request and NFVO not supporting Range Requests
     ...    Test objective: The objective is to test that the retrieval of an individual OnBoarded VNF package content, when using a range request to return single range of bytes from the file and the NFVO not supporting it, returns the full VNF Package file.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO does not support range requests to return single range of bytes from the VNF package file
     ...    Post-Conditions: none    
@@ -179,7 +179,7 @@ GET Individual OnBoarded VNF Package Content with invalid Range Request
     ...    Test title: GET Individual OnBoarded VNF Package Content with invalid Range Request
     ...    Test objective: The objective is to test that the retrieval of an individual OnBoarded VNF package content fails when using a range request that does not match any available byte range in the file.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package file
     ...    Post-Conditions: none      
@@ -191,7 +191,7 @@ GET Individual OnBoarded VNF Package Content with invalid resource identifier
     ...    Test title: GET Individual OnBoarded VNF Package Content with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual OnBoarded VNF package content fails when using an invalid resource identifier
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -203,7 +203,7 @@ GET Individual OnBoarded VNF Package Content with conflict due to onboarding sta
     ...    Test title: GET Individual OnBoarded VNF Package Content with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package content fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the content is requested is different from ONBOARDED.
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -216,7 +216,7 @@ POST Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test title: POST Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF Package content
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.3.5.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.5.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -228,7 +228,7 @@ PUT Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test title: PUT Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNF Package content
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.5.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.5.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -240,7 +240,7 @@ PATCH Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test title: PATCH Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update a VNF Package content
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.5.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.5.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -252,9 +252,35 @@ DELETE Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test title: DELETE Individual OnBoarded VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNF Package content
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.3.5.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.3.5.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for individual OnBoarded VNF Package
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET Individual VNF Package Content with permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.3.21
+    ...    Test title: GET Individual VNF Package Content with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF package content and perform a validation that returned content is in zip format
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package Content with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Content-Type Is    application/zip
+
+GET Individual VNF Package Content with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.3.22
+    ...    Test title: GET Individual VNF Package Content with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF package content and perform a validation that returned content is in zip format with not permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package Content with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
diff --git a/SOL003/VNFPackageManagement-API/VNFPackageManagementKeywords.robot b/SOL003/VNFPackageManagement-API/VNFPackageManagementKeywords.robot
index f599728f3ea154a47c866330d97f883ed867885a..642d058f0df0a3886d00ea16f54b1d578ae174ad 100644
--- a/SOL003/VNFPackageManagement-API/VNFPackageManagementKeywords.robot
+++ b/SOL003/VNFPackageManagement-API/VNFPackageManagementKeywords.robot
@@ -175,6 +175,26 @@ GET all VNF Packages with invalid resource endpoint
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Get all VNF Packages with permitted authorization scope 
+    Log    Trying to get all VNF Packages present in the NFVO Catalogue with permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_PACKAGE_INFO_READONLY_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}   
+
+Get all VNF Packages with not permitted authorization scope 
+    Log    Trying to get all VNF Packages present in the NFVO Catalogue with not permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_PACKAGE_INFO_READONLY_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}   
+
 Send POST Request for all VNF Packages
     Log    Trying to perform a POST (method should not be implemented)
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -228,6 +248,26 @@ GET Individual VNF Package with invalid resource identifier
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET Individual VNF Package with permitted authorization scope 
+    Log    Trying to get a VNF Package present in the NFVO Catalogue with permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_PACKAGE_INFO_READONLY_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET Individual VNF Package with not permitted authorization scope 
+    Log    Trying to get a VNF Package present in the NFVO Catalogue with not permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_PACKAGE_INFO_READONLY_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Send POST Request for individual VNF Package
     Log    Trying to perform a POST (method should not be implemented)
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -333,6 +373,26 @@ GET Content for VNF Package in onboarding state different from ONBOARDED
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET Individual VNF Package Content with permitted authorization scope 
+    Log    Trying to get a VNF Package Content with permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_ZIP}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${PACKAGE_CONTENT_READONLY_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/package_content
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET Individual VNF Package Content with not permitted authorization scope 
+    Log    Trying to get a VNF Package Content with not permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_ZIP}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${PACKAGE_CONTENT_READONLY_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/package_content
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Send POST Request for individual VNF Package Content
     Log    Trying to perform a POST (method should not be implemented)
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -442,6 +502,46 @@ Send Post Request for Duplicated VNF Package Subscription
 	Verify Mock Expectation   ${notification_request}
 	Clear Requests    ${callback_endpoint}
 
+Send Post Request for VNF Package Subscription with permitted authorization scope 
+    Log    Trying to create a new subscription with permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${template}=    Get File    jsons/subscriptions.json
+    ${body}=        Format String   ${template}    callback_uri=${callback_uri}    callback_port=${callback_port}    callback_uri=${callback_endpoint} 
+    ${scopeValue}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${output}=    Output    response
+	Set Global Variable    ${response}    ${output}
+	Verify Mock Expectation   ${notification_request}
+	Clear Requests    ${callback_endpoint}
+
+Send Post Request for VNF Package Subscription with not permitted authorization scope 
+    Log    Trying to create a new subscription with not permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${template}=    Get File    jsons/subscriptions.json
+    ${body}=        Format String   ${template}    callback_uri=${callback_uri}    callback_port=${callback_port}    callback_uri=${callback_endpoint} 
+    ${scopeValue}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${output}=    Output    response
+	Set Global Variable    ${response}    ${output}
+	Verify Mock Expectation   ${notification_request}
+	Clear Requests    ${callback_endpoint}
+
 Send Put Request for VNF Package Subscriptions
     Log    Trying to perform a PUT. This method should not be implemented
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -528,6 +628,26 @@ Get VNFD in Individual VNF Package Content with conflict due to onboarding state
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${onboardingStateVnfPkgId}/vnfd
     ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get single file VNFD in Individual VNF Package in Plain Format with permitted authorization scope  
+    Log    Trying to get a VNFD from a given VNF Package present in the NFVO Catalogue with permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_PLAIN}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNFD_READONLY_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPkgPlainVNFD}/vnfd
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output} 
+
+Get single file VNFD in Individual VNF Package in Plain Format with not permitted authorization scope 
+    Log    Trying to get a VNFD from a given VNF Package present in the NFVO Catalogue with not permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_PLAIN}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNFD_READONLY_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPkgPlainVNFD}/vnfd
+    ${output}=    Output    response
     Set Suite Variable    ${response}    ${output} 
 
 Send POST Request for VNFD in individual VNF Package
@@ -721,6 +841,26 @@ GET individual VNF Package Subscription with invalid resource identifier
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Get Individual VNF Package Subscription with permitted authorization scope
+    Log    Trying to get a single subscription identified by subscriptionId with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Individual VNF Package Subscription with not permitted authorization scope
+    Log    Trying to get a single subscription identified by subscriptionId with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${SUBSCRIPTIONS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Send Delete request for individual VNF Package Subscription
     Log    Trying to perform a DELETE on a subscriptionId
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -1232,6 +1372,24 @@ GET Individual OnBoarded VNF Package Artifact with incompatable header
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/onboarded_vnf_packages/${vndId}/artifacts/${artifactPath}/include_signatures
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+GET Individual VNF Package Artifact with permitted authorization scope
+    Log    Trying to get a VNF Package Artifact with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${ARTIFACT_READONLY_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/artifacts/${artifactPath}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET Individual VNF Package Artifact with not permitted authorization scope
+    Log    Trying to get a VNF Package Artifact with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scopeValue=${ARTIFACT_READONLY_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/artifacts/${artifactPath}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Get Manifest in Individual VNF Package
     Log    Trying to get content of manifest file from a given VNF Package present in the NFVO Catalogue
@@ -1258,6 +1416,26 @@ Get Manifest in Individual VNF Package with conflict due to onboarding state
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${onboardingStateVnfPkgId}/manifest
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Get Manifest in Individual VNF Package with permitted authorization scope 
+    Log    Trying to get content of manifest file from a given VNF Package present in the NFVO Catalogue with permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_ZIP}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${MANIFEST_READONLY_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/manifest
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Manifest in Individual VNF Package with not permitted authorization scope 
+    Log    Trying to get content of manifest file from a given VNF Package present in the NFVO Catalogue with not permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_ZIP}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${MANIFEST_READONLY_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/manifest
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Send POST Request for Manifest in individual VNF Package
     Log    Trying to perform a POST. This method should not be implemented
@@ -1566,6 +1744,26 @@ GET OnBoarded VNF Package Artifact with invalid Range Request
     Unset Headers  ["Range"]
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Get Artifact in VNF Package with permitted authorization scope 
+    Log    Trying to get Artifact in VNF Package with permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_ZIP}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${BULK_ARTIFACTS_READONLY_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/artifacts
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Artifact in VNF Package with not permitted authorization scope 
+    Log    Trying to get Artifact in VNF Package with not permitted authorization scope 
+    Set Headers    {"Accept": "${ACCEPT_ZIP}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${BULK_ARTIFACTS_READONLY_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/artifacts
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Send POST Request for OnBoarded VNF Package Artifact
     Log    Trying to perform a POST (method should not be implemented)
@@ -1774,4 +1972,9 @@ Match the VNF subscription Response Attributes with Descriptors
     Should Be Equal As Strings    ${response['body']['filter']['vnfProductsFromProviders'][0]['vnfProvider']}    ${Provider}
     Should Be Equal As Strings    ${response['body']['filter']['vnfProductsFromProviders'][0]['vnfProducts'][0]['vnfProductName']}    ${Product_Name}
     Should Be Equal As Strings    ${response['body']['filter']['vnfProductsFromProviders'][0]['vnfProducts']['versions'][0]['vnfSoftwareVersion']}    ${Software_Version}
-    Should Be Equal As Strings    ${response['body']['filter']['vnfProductsFromProviders'][0]['vnfProducts']['versions'][0]['vnfdVersion']}    ${Descriptor_Version}
\ No newline at end of file
+    Should Be Equal As Strings    ${response['body']['filter']['vnfProductsFromProviders'][0]['vnfProducts']['versions'][0]['vnfdVersion']}    ${Descriptor_Version}
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
\ No newline at end of file
diff --git a/SOL003/VNFPackageManagement-API/VNFPackages.robot b/SOL003/VNFPackageManagement-API/VNFPackages.robot
index 15e311358e33b40cbd2305669572bb09bcfd03e3..55745e04420f58cf2f9ccd2f400f156ff0090893 100644
--- a/SOL003/VNFPackageManagement-API/VNFPackages.robot
+++ b/SOL003/VNFPackageManagement-API/VNFPackages.robot
@@ -11,7 +11,7 @@ GET all VNF Packages
     ...    Test title: GET all VNF Packages
     ...    Test objective: The objective is to test the retrieval of all the available VNF packages information and perform a JSON schema and content validation of the collected data structure
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -27,7 +27,7 @@ GET VNF Packages with attribute-based filter
     ...    Test title: GET VNF Packages with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of VNF packages using attribute-based filter, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued attribute-based filter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -41,7 +41,7 @@ GET VNF Packages with invalid attribute-based filter
     ...    Test title: GET VNF Packages with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of VNF packages fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -54,7 +54,7 @@ GET VNF Packages with "all_fields" attribute selector
     ...    Test title: GET VNF Packages with "all_fields" attribute selector
     ...    Test objective: The objective is to test the retrieval of VNF packages with "all_fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "all_fileds" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -68,7 +68,7 @@ GET VNF Packages with "exclude_default" attribute selector
     ...    Test title: GET VNF Packages with exclude_default attribute selector
     ...    Test objective: The objective is to test the retrieval of VNF packages with "exclude_default" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "exclude_default" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none        
@@ -82,7 +82,7 @@ GET VNF Packages with "fields" attribute selector
     ...    Test title: GET VNF Packages with fields attribute selector
     ...    Test objective: The objective is to test the retrieval of VNF packages with "fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "fields" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports the use of fields attribute selector
     ...    Post-Conditions: none
@@ -96,7 +96,7 @@ GET VNF Packages with "exclude_fields" attribute selector
     ...    Test title: GET VNF Packages with exclude_fields attribute selector
     ...    Test objective: The objective is to test the retrieval of VNF packages with "exclude_fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "exclude_fields" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports the use of exclude_fields attribute selector
     ...    Post-Conditions: none
@@ -110,7 +110,7 @@ GET all VNF Packages with invalid resource endpoint
     ...    Test title: GET VNF Packages with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of VNF packages fails when using invalid resource endpoint
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -122,7 +122,7 @@ POST all VNF Packages - Method not implemented
     ...    Test title: POST all VNF Packages - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF Packages
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -134,7 +134,7 @@ PUT all VNF Packages - Method not implemented
     ...    Test title: PUT all VNF Packages - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify existing VNF Packages
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -146,7 +146,7 @@ PATCH all VNF Packages - Method not implemented
     ...    Test title: PATCH all VNF Packages - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update existing VNF Packages
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -158,7 +158,7 @@ DELETE all VNF Packages - Method not implemented
     ...    Test title: DELETE all VNF Packages - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete existing VNF Packages
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -170,7 +170,7 @@ GET all VNF Packages as a Paged Response
     ...    Test title: GET all VNF Packages as a Paged Response
     ...    Test objective: The objective is to test the retrieval of all the available VNF packages information as a Paged Response.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports response paging for the VNF package resources
     ...    Post-Conditions: none
@@ -183,7 +183,7 @@ GET all VNF Packages as a Paged Response with nextpage_opauque_marker parameter
     ...    Test title: GET all VNF Packages as a Paged Response with nextpage_opauque_marker parameter   
     ...    Test objective: The objective is to query information about all VNF packages as a Paged Response and retrieve the next page using the nextpage_opaque_marker parameter
     ...    Pre-conditions: A request for retrieving all VNF packages as a paged response has been successfully issued (Test ID 7.3.3.1.13)
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports response paging for the VNF package resources
     ...    Post-Conditions: none 
@@ -196,7 +196,7 @@ GET VNF Packages - Bad Request Response too Big
     ...    Test title: GET VNF Packages - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of VNF packages fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -209,7 +209,7 @@ GET all OnBoarded VNF Packages
     ...    Test title: GET all OnBoarded VNF Packages
     ...    Test objective: The objective is to test the retrieval of all the available onboarded VNF packages information and perform a JSON schema and content validation of the collected data structure
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -225,7 +225,7 @@ GET OnBoarded VNF Packages with attribute-based filter
     ...    Test title: GET OnBoarded VNF Packages with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of OnBoarded VNF packages using attribute-based filter, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued attribute-based filter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -239,7 +239,7 @@ GET OnBoarded VNF Packages with invalid attribute-based filter
     ...    Test title: GET OnBoarded VNF Packages with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of OnBoarded VNF packages fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -252,7 +252,7 @@ GET OnBoarded VNF Packages with "all_fields" attribute selector
     ...    Test title: GET OnBoarded VNF Packages with "all_fields" attribute selector
     ...    Test objective: The objective is to test the retrieval of OnBoarded VNF packages with "all_fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "all_fileds" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -266,7 +266,7 @@ GET OnBoarded VNF Packages with "exclude_default" attribute selector
     ...    Test title: GET OnBoarded VNF Packages with exclude_default attribute selector
     ...    Test objective: The objective is to test the retrieval of OnBoarded VNF packages with "exclude_default" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "exclude_default" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none        
@@ -280,7 +280,7 @@ GET OnBoarded VNF Packages with "fields" attribute selector
     ...    Test title: GET OnBoarded VNF Packages with fields attribute selector
     ...    Test objective: The objective is to test the retrieval of OnBoarded VNF packages with "fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "fields" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports the use of fields attribute selector
     ...    Post-Conditions: none
@@ -294,7 +294,7 @@ GET OnBoarded VNF Packages with "exclude_fields" attribute selector
     ...    Test title: GET OnBoarded VNF Packages with exclude_fields attribute selector
     ...    Test objective: The objective is to test the retrieval of OnBoarded VNF packages with "exclude_fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "exclude_fields" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports the use of exclude_fields attribute selector
     ...    Post-Conditions: none
@@ -308,7 +308,7 @@ GET all OnBoarded VNF Packages with invalid resource endpoint
     ...    Test title: GET OnBoarded VNF Packages with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of OnBoarded VNF packages fails when using invalid resource endpoint
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -320,7 +320,7 @@ POST all OnBoarded VNF Packages - Method not implemented
     ...    Test title: POST all OnBoarded VNF Packages - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new OnBoarded VNF Packages
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -332,7 +332,7 @@ PUT all OnBoarded VNF Packages - Method not implemented
     ...    Test title: PUT all OnBoarded VNF Packages - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify existing OnBoarded VNF Packages
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -344,7 +344,7 @@ PATCH all OnBoarded VNF Packages - Method not implemented
     ...    Test title: PATCH all OnBoarded VNF Packages - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update existing OnBoarded VNF Packages
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -356,7 +356,7 @@ DELETE all OnBoarded VNF Packages - Method not implemented
     ...    Test title: DELETE all OnBoarded VNF Packages - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete existing OnBoarded VNF Packages
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -368,7 +368,7 @@ GET all OnBoarded VNF Packages as a Paged Response
     ...    Test title: GET all OnBoarded VNF Packages as a Paged Response
     ...    Test objective: The objective is to test the retrieval of all the available OnBoarded VNF packages information as a Paged Response.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports response paging for the VNF package resources
     ...    Post-Conditions: none
@@ -381,7 +381,7 @@ GET all OnBoarded VNF Packages as a Paged Response with nextpage_opauque_marker
     ...    Test title: GET all OnBoarded VNF Packages as a Paged Response with nextpage_opauque_marker parameter   
     ...    Test objective: The objective is to query information about all onBoarded VNF packages as a Paged Response and retrieve the next page using the nextpage_opaque_marker parameter
     ...    Pre-conditions: A request for retrieving all onBoarded VNF packages as a paged response has been successfully issued (Test ID 7.3.3.1.27)
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports response paging for the VNF package resources
     ...    Post-Conditions: none 
@@ -394,7 +394,7 @@ GET OnBoarded VNF Packages - Bad Request Response too Big
     ...    Test title: GET OnBoarded VNF Packages - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of OnBoarded VNF packages fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -407,7 +407,7 @@ GET VNF Packages with "fields" and "exclude_default" attribute selector
     ...    Test title: GET VNF Packages with fields and exclude_default attribute selector
     ...    Test objective: The objective is to test the retrieval of VNF packages with "fields" and "exclude_default" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "fields" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports the use of fields attribute selector
     ...    Post-Conditions: none
@@ -421,11 +421,39 @@ GET OnBoarded VNF Packages with "fields" and "exclude_default" attribute selecto
     ...    Test title: GET OnBoarded VNF Packages with fields and exclude_default attribute selector
     ...    Test objective: The objective is to test the retrieval of OnBoarded VNF packages with "fields" and "exclude_default" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "fields" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports the use of fields attribute selector
     ...    Post-Conditions: none
     GET OnBoarded VNF Packages with fields and exclude_default attribute selector
     Check HTTP Response Status Code Is    200
     Check HTTP Response Body Json Schema Is   vnfPkgsInfo
-    Check HTTP Response Body vnfPkgsInfo Matches the requested fields selector
\ No newline at end of file
+    Check HTTP Response Body vnfPkgsInfo Matches the requested fields selector
+
+GET all VNF Packages with permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.1.31
+    ...    Test title: GET all VNF Packages with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all the available VNF packages information and perform a JSON schema and content validation of the collected data structure with permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get all VNF Packages with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   vnfPkgsInfo
+    Check HTTP Response Body Does Not Contain softwareImages
+    Check HTTP Response Body Does Not Contain additionalArtifacts
+    Check HTTP Response Body Does Not Contain userDefinedData 
+
+GET all VNF Packages with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.3.1.32
+    ...    Test title: GET all VNF Packages with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all the available VNF packages information and perform a JSON schema and content validation of the collected data structure with not permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get all VNF Packages with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
\ No newline at end of file
diff --git a/SOL003/VNFPackageManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml b/SOL003/VNFPackageManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
index 1d38787320b38741c3919deb05effb540437c773..a43587c63fefb1b556bf8c2cba3409fbe899f6fa 100644
--- a/SOL003/VNFPackageManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
+++ b/SOL003/VNFPackageManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
@@ -1,8 +1,8 @@
-tosca_definitions_version: tosca_simple_yaml_1_2
+tosca_definitions_version: tosca_simple_yaml_1_3
 description: "TST010 reference VNF-B"
 
 imports:
-  - https://forge.etsi.org/rep/nfv/SOL001/raw/v3.3.1/etsi_nfv_sol001_vnfd_types.yaml  
+  - https://forge.etsi.org/rep/nfv/SOL001/raw/v4.4.1/etsi_nfv_sol001_vnfd_types.yaml  
 
 metadata:
   descriptor_id: "VNF-B"
@@ -44,7 +44,7 @@ node_types:
         type: list
         entry_schema:
           type: string
-        default: [ 'etsivnfm:v2.3.1' ]
+        default: [ 'etsivnfm:v4.5.1' ]
     interfaces:
       Vnflcm:
         type: "tosca.interfaces.nfv.Vnflcm"
@@ -162,4 +162,4 @@ topology_template:
           terminate:
             implementation: terminate-example.yaml
           operate:
-            implementation: operate-example.yaml                
\ No newline at end of file
+            implementation: operate-example.yaml                
diff --git a/SOL003/VNFPackageManagement-API/environment/variables.txt b/SOL003/VNFPackageManagement-API/environment/variables.txt
index 0741289f7b87b2779a3458d6b3be55331c1126d9..9e598c296a3f555de44be4d7e0b20558ddd5a64e 100644
--- a/SOL003/VNFPackageManagement-API/environment/variables.txt
+++ b/SOL003/VNFPackageManagement-API/environment/variables.txt
@@ -2,7 +2,28 @@
 ${NFVO_HOST}      localhost    # Hostname of the NFVO
 ${NFVO_PORT}      8081    # Listening port of the NFVO
 ${NFVO_SCHEMA}    https
+
+${OAUTH_ENCRYPTION_ALGORITHM}  HS256
 ${AUTHORIZATION_HEADER}    Authorization
+${OAUTH_KEY}
+
+${VNF_PACKAGE_INFO_READONLY_PERMITTED_SCOPE}    vnfpkgm:v1:vnf_package_info:readonly              
+${VNFD_READONLY_PERMITTED_SCOPE}    vnfpkgm:v1:vnfd:readonly      
+${MANIFEST_READONLY_PERMITTED_SCOPE}    vnfpkgm:v1:manifest:readonly
+${PACKAGE_CONTENT_READONLY_PERMITTED_SCOPE}    vnfpkgm:v1:package_content:readonly   
+${BULK_ARTIFACTS_READONLY_PERMITTED_SCOPE}    vnfpkgm:v1:bulk_artifacts:readonly  
+${ARTIFACT_READONLY_PERMITTED_SCOPE}    vnfpkgm:v1:artifact:readonly  
+${SUBSCRIPTIONS_PERMITTED_SCOPE}    vnfpkgm:v1:subscriptions
+
+${VNF_PACKAGE_INFO_READONLY_NOT_PERMITTED_SCOPE}    vnfpkgm:v1:vnf_package_info:readonly:invalid
+${VNFD_READONLY_NOT_PERMITTED_SCOPE}    vnfpkgm:v1:vnfd:readonly:invalid
+${MANIFEST_READONLY_NOT_PERMITTED_SCOPE}    vnfpkgm:v1:manifest:readonly:invalid
+${PACKAGE_CONTENT_READONLY_NOT_PERMITTED_SCOPE}    vnfpkgm:v1:package_content:readonly:invalid
+${BULK_ARTIFACTS_READONLY_NOT_PERMITTED_SCOPE}    vnfpkgm:v1:bulk_artifacts:readonly:invalid
+${ARTIFACT_READONLY_NOT_PERMITTED_SCOPE}    vnfpkgm:v1:artifact:readonly:invalid
+${SUBSCRIPTIONS_NOT_PERMITTED_SCOPE}    vnfpkgm:v1:subscriptions:invalid
+${ALL_READONLY_NOT_PERMITTED_SCOPE}    vnfpkgm:v1:all:readonly:invalid
+
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
 ${ACCEPT_JSON}    application/json
 ${AUTH_USAGE}     1
diff --git a/SOL003/VNFPerformanceManagement-API/IndividualPmJob.robot b/SOL003/VNFPerformanceManagement-API/IndividualPmJob.robot
index 0f1f8bed0ab7b38cdfece7ffa86bedc509cfeb6c..274cc81a8632022d5504dcb2ad091ab5b72438e5 100644
--- a/SOL003/VNFPerformanceManagement-API/IndividualPmJob.robot
+++ b/SOL003/VNFPerformanceManagement-API/IndividualPmJob.robot
@@ -7,7 +7,7 @@ Library           REST    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}    ssl_veri
 Library           String
 Library           MockServerLibrary
 Library           Process
-
+Library           jwt
 Suite Setup       Create Sessions
 Suite Teardown    Terminate All Processes    kill=true
 
@@ -17,7 +17,7 @@ GET individual VNF Performance Job
     ...    Test title: Get individual VNF Performance Job
     ...    Test objective: The objective is to test the retrieval of an individual VNF performance monitoring job and perform a JSON schema and content validation of the collected job data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET individual VNF Performance Job with invalid resource identifier
     ...    Test title: Get individual VNF Performance Job with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual VNF performance monitoring job fails when using an invalid resource identifier, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ DELETE Individual VNF Performance Job
     ...    Test title: Delete Individual VNF Performance Job
     ...    Test objective: The objective is to test the deletion of an individual VNF performance monitoring job
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF Performance Job is no more available in the VNFM    
@@ -58,7 +58,7 @@ DELETE Individual VNF Performance Job with invalid resource identifier
     ...    Test title: Delete individual VNF Performance Job with invalid resource identifier
     ...    Test objective: The objective is to test that the deletion of an individual VNF performance monitoring job fails when using an invalid resource identifier
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -71,7 +71,7 @@ POST Individual VNF Performance Job - Method not implemented
     ...    Test title: POST Individual VNF Performance Job - method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new VNF Performance Monitoring Job
     ...    Pre-conditions: A VNF instance is instantiated
-    ...    Reference: Clause 6.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -83,7 +83,7 @@ PUT Individual VNF Performance Job - Method not implemented
     ...    Test title: PUT Individual VNF Performance Job - method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing VNF Performance Monitoring Job
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -95,7 +95,7 @@ PATCH Individual VNF Performance Job
     ...    Test title: PATCH Individual VNF Performance Job
     ...    Test objective: The objective is to test that PATCH method allows to modify individual performace management job
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: 
@@ -109,7 +109,7 @@ PATCH Individual VNF Performance Job - Precondition failed
     ...    Test title: PATCH Individual VNF Performance Job - Precondition failed
     ...    Test objective: The objective is to attempt to Modify an individual alarm resource, where the precondition was not met.
     ...    Pre-conditions:  A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  The VNF Performance Job is not modified by the operation
@@ -123,7 +123,7 @@ PATCH Individual VNF Performance Job - Unprocessable Content
     ...    Test title: PATCH Individual VNF Performance Job - Unprocessable Content
     ...    Test objective: The objective is to test that PATCH method cannot modify an exsisting individual PM job resource when a request contains syntactically correct data but the data cannot be processed.
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -131,7 +131,34 @@ PATCH Individual VNF Performance Job - Unprocessable Content
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is    ProblemDetails
     
-    
+GET individual VNF Performance Job with permitted authorization scope
+    [Documentation]    Test ID: 7.3.4.2.10
+    ...    Test title: Get individual VNF Performance Job with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF performance monitoring job and perform a JSON schema and content validation of the collected job data structure
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
+    ...    Reference: Clause 6.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual VNF Performance Job with permitted authorization scope
+    Check HTTP Response Header Contains ETag and Last-Modified
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PmJob
+    Check HTTP Response Body Pm Job Identifier matches the requested Pm Job
+
+GET individual VNF Performance Job with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.4.2.11
+    ...    Test title: Get individual VNF Performance Job with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF performance monitoring job and perform a JSON schema and content validation of the collected job data structure
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
+    ...    Reference: Clause 6.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual VNF Performance Job with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
+
 *** Keywords ***
 Create Sessions
     Start Process  java  -jar  ${MOCK_SERVER_JAR}    -serverPort  ${callback_port}  alias=mockInstance
@@ -227,6 +254,26 @@ Send Patch request for individual VNF Performance Job with unprocessable content
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET individual VNF Performance Job with permitted authorization scope
+    Log    Trying to get a Pm Job present in the NFVO Catalogue with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${PM_JOBS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET individual VNF Performance Job with not permitted authorization scope
+    Log    Trying to get a Pm Job present in the NFVO Catalogue with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${PM_JOBS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Check Postcondition VNF Performance Job is not Created
     Log    Trying to get a new Pm Job
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -279,4 +326,9 @@ Check HTTP Response Header Contains ETag and Last-Modified
     Log    ${response['headers']}
     Should Contain    ${response['headers']}    Etag
     Should Contain    ${response['headers']}    Last-Modified
-    Log    Etag and Last-Modified Headers are present
\ No newline at end of file
+    Log    Etag and Last-Modified Headers are present
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
\ No newline at end of file
diff --git a/SOL003/VNFPerformanceManagement-API/IndividualReport.robot b/SOL003/VNFPerformanceManagement-API/IndividualReport.robot
index 57ca4fdcbae5bd29dff1b4a792154aa9f4ac0ab7..d97782ce5569fe6701845b7b985d39237eca5985 100644
--- a/SOL003/VNFPerformanceManagement-API/IndividualReport.robot
+++ b/SOL003/VNFPerformanceManagement-API/IndividualReport.robot
@@ -4,14 +4,14 @@ Resource          environment/variables.txt    # Generic Parameters
 Library           JSONLibrary
 Library           REST    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}    ssl_verify=false
 Library           String
-
+Library           jwt
 *** Test Cases ***
 Get Individual Performance Report
     [Documentation]    Test ID: 7.3.4.3.1
     ...    Test title: Get Individual Performance Report
     ...    Test objective: The objective is to test the retrieval of an individual VNF performance report associated to a monitoring job and perform a JSON schema validation of the collected report data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance reports are set for a monitoring job in the VNFM.
-    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ Get Individual Performance Report with invalid resource endpoint
     ...    Test title: Get Individual Performance Report with invalid resource endpoint
     ...    Test objective:  The objective is to test that the retrieval of an individual VNF performance report associated to a monitoring job fails when using an invalid resource endpoint 
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance reports are set for a monitoring job in the VNFM.
-    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ POST Individual Performance Report - Method not implemented
     ...    Test title: POST Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new VNF performance report within a monitoring job
     ...    Pre-conditions: A VNF instance is instantiated.
-    ...    Reference: Clause 6.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -49,7 +49,7 @@ PUT Individual Performance Report - Method not implemented
     ...    Test title: PUT Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing VNF performance report within a monitoring job
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance reports are set for a monitoring job in the VNFM.
-    ...    Reference: Clause 6.4.4.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.4.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -61,7 +61,7 @@ PATCH Individual Performance Report - Method not implemented
     ...    Test title: PATCH Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify an existing VNF performance report within a monitoring job
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance reports are set for a monitoring job in the VNFM.
-    ...    Reference: Clause 6.4.4.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.4.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -73,13 +73,39 @@ DELETE Individual Performance Report - Method not implemented
     ...    Test title: DELETE Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete an existing VNF performance report within a monitoring job
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance reports are set for a monitoring job in the VNFM.
-    ...    Reference: Clause 6.4.4.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.4.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for Individual Performance Report
     Check HTTP Response Status Code Is    405
 
+Get Individual Performance Report with permitted authorization scope
+    [Documentation]    Test ID: 7.3.4.3.7
+    ...    Test title: Get Individual Performance Report with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF performance report associated to a monitoring job and perform a JSON schema validation of the collected report data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance reports are set for a monitoring job in the VNFM.
+    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Performance Report with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PerformanceReport
+
+Get Individual Performance Report with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.4.3.8
+    ...    Test title: Get Individual Performance Report with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF performance report associated to a monitoring job and perform a JSON schema validation of the collected report data structure with not permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance reports are set for a monitoring job in the VNFM.
+    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Performance Report with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
+
 *** Keywords ***
 Get Individual Performance Report
     Log    Trying to get a performance report present in the VNFM
@@ -131,6 +157,26 @@ Send Delete request for Individual Performance Report
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Get Individual Performance Report with permitted authorization scope
+    Log    Trying to get a performance report present in the VNFM with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${PM_JOBS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}/reports/${reportId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Individual Performance Report with not permitted authorization scope
+    Log    Trying to get a performance report present in the VNFM with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${PM_JOBS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}/reports/${reportId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+    
 Check HTTP Response Status Code Is
     [Arguments]    ${expected_status}
     ${status}=    Convert To Integer    ${expected_status}    
@@ -150,3 +196,7 @@ Check HTTP Response Body Json Schema Is
     Validate Json    ${schema}    ${response['body']}
     Log    Json Schema Validation OK
 
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
\ No newline at end of file
diff --git a/SOL003/VNFPerformanceManagement-API/IndividualThreshold.robot b/SOL003/VNFPerformanceManagement-API/IndividualThreshold.robot
index 85ef306834913363145ea67169c729ffadc518be..b698c802d3d2f1112bcc079257b97f1fa65a2a50 100644
--- a/SOL003/VNFPerformanceManagement-API/IndividualThreshold.robot
+++ b/SOL003/VNFPerformanceManagement-API/IndividualThreshold.robot
@@ -7,7 +7,7 @@ Library           OperatingSystem
 Library           String
 Library           Process
 Library           MockServerLibrary
-
+Library           jwt
 Suite Setup       Create Sessions
 Suite Teardown    Terminate All Processes    kill=true
 
@@ -17,11 +17,11 @@ GET Individual Threshold
     ...    Test title: GET Individual Threshold
     ...    Test objective: The objective is to test the retrieval of an individual VNF performance threshold and perform a JSON schema and content validation of the collected threshold data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
-    GET individual VNF Performance Threshold
+    GET Individual VNF Performance Threshold
     Check HTTP Response Status Code Is    200
     Check HTTP Response Header Contains ETag and Last-Modified
     Check HTTP Response Body Json Schema Is   Threshold
@@ -32,7 +32,7 @@ GET Individual Threshold with invalid resource identifier
     ...    Test title: GET Individual Threshold with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual VNF performance threshold fails when using an invalid resource identifier
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ DELETE Individual Threshold
     ...    Test title: DELETE Individual Threshold
     ...    Test objective: The objective is to test the deletion of an individual VNF performance threshold
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF Performance Threshold is not available anymore in the VNFM    
@@ -58,7 +58,7 @@ DELETE Individual Threshold with invalid resource identifier
     ...    Test title: DELETE Individual Threshold with invalid resource identifier
     ...    Test objective: The objective is to test the deletion of an individual VNF performance threshold
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.6.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -71,7 +71,7 @@ POST Individual Threshold - Method not implemented
     ...    Test title: POST Individual Threshold - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new VNF Performance Threshold
     ...    Pre-conditions: A VNF instance is instantiated
-    ...    Reference: Clause 6.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.6.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -83,7 +83,7 @@ PUT Individual Threshold - Method not implemented
     ...    Test title: PUT Individual Threshold - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing VNF Performance threshold
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.6.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -95,7 +95,7 @@ PATCH Individual Threshold
     ...    Test title: PATCH Individual Threshold
     ...    Test objective: The objective is to test that PATCH method allows to modify an Individual threshold resource.
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: 
@@ -109,7 +109,7 @@ PATCH Individual Threshold - Precondition failed
     ...    Test title: PATCH Individual Threshold - Preconition failed
     ...    Test objective: The objective is to attempt to modify an individual threshold resource, where the precondition was not met.
     ...    Pre-conditions:  A VNF instance is instantiated. One or more VNF performance jobs are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -122,7 +122,7 @@ PATCH Individual Threshold - Unprocessible Entity
     ...    Test title: PATCH Individual Threshold - Unprocessible Entity 
     ...    Test objective: The objective is to test that PATCH method cannot modify an individual threshold resource when a request contains syntactically correct data but the data cannot be processed.
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -130,6 +130,33 @@ PATCH Individual Threshold - Unprocessible Entity
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is    ProblemDetails
 
+GET Individual Threshold with permitted authorization scope
+    [Documentation]    Test ID: 7.3.4.5.10
+    ...    Test title: GET Individual Threshold with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF performance threshold and perform a JSON schema and content validation of the collected threshold data structure
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
+    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Performance Threshold with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Contains ETag and Last-Modified
+    Check HTTP Response Body Json Schema Is   Threshold
+    Check HTTP Response Body Threshold Identifier matches the requested Threshold
+
+GET Individual Threshold with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.4.5.11
+    ...    Test title: GET Individual Threshold with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF performance threshold and perform a JSON schema and content validation of the collected threshold data structure with not permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
+    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Performance Threshold with not permitted authorization scope
+    Check HTTP Response Status Code Is   403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
 
 *** Keywords ***
 Create Sessions
@@ -226,9 +253,29 @@ Send Patch request for individual VNF Performance Threshold with unprocessable c
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET Individual VNF Performance Threshold with permitted authorization scope
+    Log    Trying to get a Threhsold present in the VNFM with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${THRESHOLDS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET Individual VNF Performance Threshold with not permitted authorization scope
+    Log    Trying to get a Threhsold present in the VNFM with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${THRESHOLDS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Check Postcondition VNF Performance Threshold is Unmodified (Implicit)
     Log    Check postconidtion threshold not modified
-    GET individual VNF Performance Threshold
+    GET Individual VNF Performance Threshold with permitted authorization scope
     Log    Check Response matches original VNF Threshold
     ${threshold}=    evaluate    json.loads('''${response['body']}''')    json
     Should Be Equal    ${origresponse['body']['id']}    ${threshold.id}
@@ -236,7 +283,7 @@ Check Postcondition VNF Performance Threshold is Unmodified (Implicit)
 
 Check Postcondition VNF Performance Threshold is Deleted
     Log    Check Postcondition Threshold is deleted
-    GET individual VNF Performance Threshold
+    GET Individual VNF Performance Threshold with permitted authorization scope
     Check HTTP Response Status Code Is    404
     
 Check HTTP Response Body Threshold Identifier matches the requested Threshold
@@ -269,3 +316,8 @@ Check HTTP Response Header Contains ETag and Last-Modified
     Should Contain    ${response['headers']}    Etag
     Should Contain    ${response['headers']}    Last-Modified
     Log    Etag and Last-Modified Headers are present    
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
\ No newline at end of file
diff --git a/SOL003/VNFPerformanceManagement-API/NotificationEndpoint.robot b/SOL003/VNFPerformanceManagement-API/NotificationEndpoint.robot
index a72911e36314c63e4c1e9ff019c5ea88aba1380a..d8ecc1828912d56254b0eaaa966e7fe90f1ae9ec 100644
--- a/SOL003/VNFPerformanceManagement-API/NotificationEndpoint.robot
+++ b/SOL003/VNFPerformanceManagement-API/NotificationEndpoint.robot
@@ -13,7 +13,7 @@ Performance Information Available Notification
     ...    Test title: Performance Information Available Notification
     ...    Test objective: The objective is to test that the POST request triggers Performance Information Available Notification.
     ...    Pre-conditions: A VNF performance job is created, and a subscription for performance information available notification is available in the VNFM.
-    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -25,7 +25,7 @@ Threshold Crossed Notification
     ...    Test title: Threshold Crossed Notification
     ...    Test objective: The objective is to test that the POST request triggers Threshold Crossed Notification
     ...    Pre-conditions: A VNF performance job is created, and a subscription for threshold crossed notification is available in the VNFM.
-    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL003/VNFPerformanceManagement-API/Notifications.robot b/SOL003/VNFPerformanceManagement-API/Notifications.robot
index 5f5a3d398e624e7b46c2b9ea196ca672498445c2..e5e6f26c3139e64637b3f92286f6acb54bc1c162 100644
--- a/SOL003/VNFPerformanceManagement-API/Notifications.robot
+++ b/SOL003/VNFPerformanceManagement-API/Notifications.robot
@@ -16,7 +16,7 @@ VNF Performance Information Availability Notification
     ...    Test title: VNF Performance Information Availability Notification
     ...    Test objective: The objective is to test the dispatch of VNF Performance Information Availability Notification when new VNF performance information is available in the NFVO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF performance job is created, and a subscription for information availability notifications is available in the VNFM.
-    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -29,7 +29,7 @@ VNF Threshold Crossed Notification
     ...    Test title: VNF Threshold Crossed Notification
     ...    Test objective: The objective is to test the dispatch of VNF Threshold Crossed Notification when a previously set VNF performance metric threshold is crossed, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF performance job is created, and a threshold subscription is available in the VNFM.
-    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL003/VNFPerformanceManagement-API/PMJobs.robot b/SOL003/VNFPerformanceManagement-API/PMJobs.robot
index eb92ae2bc4b3d20be62a0dbdd96100730bc36ac1..8eebbd4b3a696074bbe24b9f92d5c68b78105066 100644
--- a/SOL003/VNFPerformanceManagement-API/PMJobs.robot
+++ b/SOL003/VNFPerformanceManagement-API/PMJobs.robot
@@ -7,7 +7,7 @@ Library           String
 Library           REST    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}    ssl_verify=false
 Library           MockServerLibrary
 Library           Process
-
+Library           jwt
 Suite Setup       Create Sessions
 Suite Teardown    Terminate All Processes    kill=true
 
@@ -18,7 +18,7 @@ GET all VNF Performance Monitoring Jobs
     ...    Test title: GET all VNF Performance Monitoring Jobs
     ...    Test objective: The objective is to test the retrieval of all the available VNF performance monitoring jobs and perform a JSON schema and content validation of the collected jobs data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET VNF Performance Monitoring Jobs with attribute-based filter
     ...    Test title: GET all VNF Performance Monitoring Jobs with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of VNF performance monitoring jobs using attribute-based filter, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued attribute-based filter
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -46,7 +46,7 @@ GET all VNF Performance Monitoring Jobs with all_fields attribute selector
     ...    Test title: GET all VNF Performance Monitoring Jobs with all_fields attribute selector
     ...    Test objective: The objective is to test the retrieval of all VNF performance monitoring jobs all_fields attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued all_fileds selector
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -60,7 +60,7 @@ GET all VNF Performance Monitoring Jobs with exclude_default attribute selector
     ...    Test title: GET all VNF Performance Monitoring Jobs with exclude_default attribute selector
     ...    Test objective: The objective is to test the retrieval of all VNF performance monitoring jobs exclude_default attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued exclude_default selector
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -74,7 +74,7 @@ GET all VNF Performance Monitoring Jobs with fields attribute selector
     ...    Test title: GET all VNF Performance Monitoring Jobs with fields attribute selector
     ...    Test objective: The objective is to test the retrieval of all VNF performance monitoring jobs fields attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued fields selector
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports the use of exclude_fields attribute selector
     ...    Post-Conditions: none
@@ -88,7 +88,7 @@ GET all VNF Performance Monitoring Jobs with exclude_fields attribute selector
     ...    Test title: GET all VNF Performance Monitoring Jobs with exclude_fields attribute selector
     ...    Test objective: The objective is to test the retrieval of all VNF performance monitoring jobs exclude_fields attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued exclude_fields selector
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports the use of exclude_fields attribute selector
     ...    Post-Conditions: none
@@ -102,7 +102,7 @@ GET VNF Performance Monitoring Jobs with invalid attribute-based filter
     ...    Test title: GET VNF Performance Monitoring Jobs with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of VNF performance monitoring jobs fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -115,7 +115,7 @@ GET VNF Performance Monitoring Jobs with invalid resource endpoint
     ...    Test title: GET VNF Performance Monitoring Jobs with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of VNF performance monitoring jobs fails when using invalid resource endpoint
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -127,7 +127,7 @@ Create new VNF Performance Monitoring Job
     ...    Test title:  Create a new VNF Performance Monitoring Job
     ...    Test objective: The objective is to test the creation of a new VNF performance monitoring job and perform the JSON schema validation of the returned job data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF Performance Job is successfully created on the VNFM
@@ -141,7 +141,7 @@ PUT all VNF Performance Monitoring Jobs - Method not implemented
     ...    Test title: PUT all VNF Performance Monitoring Jobs - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify VNF Performance Monitoring Jobs
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -153,7 +153,7 @@ PATCH all VNF Performance Monitoring Jobs - (Method not implemented)
     ...    Test title: PATCH all VNF Performance Monitoring Jobs - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update VNF Performance Monitoring Jobs
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -165,7 +165,7 @@ DELETE all VNF Performance Monitoring Jobs - Method not implemented
     ...    Test title: DELETE all VNF Performance Monitoring Jobs - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to update VNF Performance Monitoring Jobs
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VE
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -178,7 +178,7 @@ GET all VNF Performance Monitoring Jobs as Paged Response
     ...    Test title: GET all VNF Performance Monitoring Jobs as Paged Response
     ...    Test objective: The objective is to test the retrieval of all the available VNF performance monitoring jobs as Paged Response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports response paging for the VNF performance jobs resources
     ...    Post-Conditions: none
@@ -191,7 +191,7 @@ GET all VNF Performance Monitoring Jobs as Paged Response with nextpage_opauque_
     ...    Test title: GET all VNF Performance Monitoring Jobs as Paged Response with nextpage_opauque_marker parameter 
     ...    Test objective: The objective is to query information about all the available VNF performance monitoring jobs as a Paged Response and retrieve the next page using the nextpage_opaque_marker parameter
     ...    Pre-conditions: A request for retrieving the available VNF performance monitoring jobs as a paged response has been successfully issued (Test ID 7.3.4.1.13)
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports response paging for the VNF performance jobs resources
     ...    Post-Conditions: none 
@@ -203,7 +203,7 @@ GET VNF Performance Monitoring Jobs - Bad Request Response too Big
     ...    Test title: GET VNF Performance Monitoring Jobs - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of VNF performance monitoring jobs fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -216,7 +216,7 @@ GET all VNF Performance Monitoring Jobs with fields and exclude_default attribut
     ...    Test title: GET all VNF Performance Monitoring Jobs with fields and exclude_default attribute selector
     ...    Test objective: The objective is to test the retrieval of all VNF performance monitoring jobs fields and exclude_default attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued fields selector
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
-    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports the use of fields and exclude_fields attribute selector
     ...    Post-Conditions: none
@@ -230,13 +230,40 @@ POST Create new VNF Performance Monitoring Job - Unprocessable Content
     ...    Test title: POST Create new VNF Performance Monitoring Job - Unprocessable Content
     ...    Test objective:  The objective is to test the creation of a new VNF performance monitoring job fails when a request contains syntactically correct data but the data cannot be processed.
     ...    Pre-conditions: none
-    ...    Reference: clause 6.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: clause 6.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Post Request for VNF Performance Monitoring Job with unprocessable content
     Check HTTP Response Status Code Is    422
-    Check HTTP Response Body Json Schema Is    ProblemDetails 
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
+GET all VNF Performance Monitoring Jobs with permitted authorization scope
+    [Documentation]    Test ID: 7.3.4.1.17
+    ...    Test title: GET all VNF Performance Monitoring Jobs with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all the available VNF performance monitoring jobs and perform a JSON schema and content validation of the collected jobs data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET all VNF Performance Monitoring Jobs with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PmJobs
+    Check HTTP Response Body Does Not Contain reports
+
+GET all VNF Performance Monitoring Jobs with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.4.1.18
+    ...    Test title: GET all VNF Performance Monitoring Jobs with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all the available VNF performance monitoring jobs and perform a JSON schema and content validation of the collected jobs data structure with not permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance jobs are set in the VNF.
+    ...    Reference: Clause 6.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET all VNF Performance Monitoring Jobs with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
 
 *** Keywords ***
 Create Sessions
@@ -381,6 +408,26 @@ Send DELETE Request for all VNF Performance Monitoring Jobs
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET all VNF Performance Monitoring Jobs with permitted authorization scope
+    Log    Trying to get all PM Jobs present in the VNFM with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${PM_JOBS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET all VNF Performance Monitoring Jobs with not permitted authorization scope
+    Log    Trying to get all PM Jobs present in the VNFM with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${PM_JOBS_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Check Postcondition VNF Performance Monitoring Jobs Exist
     Log    Checking that Pm Job still exists
     GET all VNF Performance Monitoring Jobs
@@ -481,4 +528,9 @@ Send Post Request for VNF Performance Monitoring Job with unprocessable content
     ${body}=        Format String   ${template}     objectInstanceIds=${objectInstanceIds}    callback_uri=${unreachable_callback_uri}:${callback_port}
     POST    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs    ${body}
     ${output}=    Output    response
-    Set Suite Variable    ${response}    ${output}
\ No newline at end of file
+    Set Suite Variable    ${response}    ${output}
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
\ No newline at end of file
diff --git a/SOL003/VNFPerformanceManagement-API/Thresholds.robot b/SOL003/VNFPerformanceManagement-API/Thresholds.robot
index 860f1025fee3b7cc03347cbcd2f8f9ea5fde8b1e..595acf62f7b164cfe7cf41cdf8845712cfe60389 100644
--- a/SOL003/VNFPerformanceManagement-API/Thresholds.robot
+++ b/SOL003/VNFPerformanceManagement-API/Thresholds.robot
@@ -7,7 +7,7 @@ Library           REST    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}    ssl_veri
 Library           OperatingSystem
 Library           Process
 Library           MockServerLibrary
-
+Library           jwt
 Suite Setup       Create Sessions
 Suite Teardown    Terminate All Processes    kill=true
 
@@ -17,7 +17,7 @@ GET All Performance Thresholds
     ...    Test title: GET All Performance Thresholds
     ...    Test objective: The objective is to test the retrieval of all the available VNF performance thresholds and perform a JSON schema validation of the collected thresholds data structure
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -30,7 +30,7 @@ GET Performance Thresholds with attribute-based filter
     ...    Test title: GET Performance Thresholds with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of all the available VNF performance thresholds when using attribute-based filters, perform a JSON schema validation of the collected thresholds data structure, and verify that the retrieved information matches the issued attribute-based filter
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -44,7 +44,7 @@ GET Performance Thresholds with invalid attribute-based filter
     ...    Test title: GET Performance Thresholds with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of VNF performance thresholds fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -56,7 +56,7 @@ GET Performance Thresholds with invalid resource endpoint
     ...    Test title: GET Performance Thresholds with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of VNF performance thresholds fails when using invalid resource endpoint, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -69,7 +69,7 @@ Create new Performance Threshold
     ...    Test title:  Create new Performance Threshold
     ...    Test objective: The objective is to test the creation of a new VNF performance threshold and perform the JSON schema validation of the returned threshold data structure
     ...    Pre-conditions: A VNF instance is instantiated.
-    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF Performance Threshold is successfully created on the VNFM
@@ -84,7 +84,7 @@ PUT Performance Thresholds - Method not implemented
     ...    Test title: PUT Performance Thresholds - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify VNF Performance Thresholds
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNF.
-    ...    Reference: Clause 6.4.5.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.5.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -96,7 +96,7 @@ PATCH Performance Thresholds - Method not implemented
     ...    Test title: PATCH Performance Thresholds - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify VNF Performance Thresholds
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.5.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -108,7 +108,7 @@ DELETE Performance Thresholds - Method not implemented
     ...    Test title: DELETE Performance Thresholds - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to update VNF Performance Thresholds
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.5.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: The VNF performance thresholds are not deleted by the failed operation
@@ -121,7 +121,7 @@ GET All Performance Thresholds as Paged Response
     ...    Test title: GET All Performance Thresholds as Paged Response
     ...    Test objective: The objective is to test the retrieval of all the available VNF performance thresholds as a Paged Response.
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -134,7 +134,7 @@ GET Performance Thresholds - Bad Request Response too Big
     ...    Test title: GET Performance Thresholds - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of VNF performance thresholds fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -147,13 +147,39 @@ POST create new Performance Threshold - Unprocessable Content
     ...    Test title:  POST create new Performance Threshold - Unprocessable Content
     ...    Test objective: The objective is to test that creation of new VNF performance threshold fails when a request contains syntactically correct data but the data cannot be processed.
     ...    Pre-conditions: A VNF instance is instantiated.
-    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Post Request Create new Performance Threshold with unprocessable content
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is   ProblemDetails
+
+GET All Performance Thresholds with permitted authorization scope
+    [Documentation]    Test ID: 7.3.4.4.12
+    ...    Test title: GET All Performance Thresholds with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all the available VNF performance thresholds and perform a JSON schema validation of the collected thresholds data structure with permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET all Performance Thresholds with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   Thresholds
+
+GET All Performance Thresholds with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.4.4.13
+    ...    Test title: GET All Performance Thresholds with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all the available VNF performance thresholds and perform a JSON schema validation of the collected thresholds data structure with not permitted authorization scope
+    ...    Pre-conditions: A VNF instance is instantiated. One or more VNF performance thresholds are set in the VNFM.
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET all Performance Thresholds with not permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   Thresholds
     
 *** Keywords ***
 Create Sessions
@@ -247,6 +273,26 @@ Send DELETE Request for all Performance Thresholds
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET all Performance Thresholds with permitted authorization scope
+    Log    Trying to get all thresholds present in the VNFM with permitted authorization scope     
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${THRESHOLDS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET all Performance Thresholds with not permitted authorization scope
+    Log    Trying to get all thresholds present in the VNFM with not permitted authorization scope    
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${THRESHOLDS_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Check Postcondition Thresholds Exist
     Log    Checking that Thresholds still exists
     GET all Performance Thresholds
@@ -288,3 +334,7 @@ Check LINK in Header
     ${linkURL}=    Get Value From Json    ${response['headers']}    $..Link
     Should Not Be Empty    ${linkURL}
 
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
\ No newline at end of file
diff --git a/SOL003/VNFPerformanceManagement-API/environment/variables.txt b/SOL003/VNFPerformanceManagement-API/environment/variables.txt
index 576c93a629c6415d35f5c006db03945ac44ab736..a6358213e2d6f5cfef0d33341f2b9b4dd7d55a0d 100644
--- a/SOL003/VNFPerformanceManagement-API/environment/variables.txt
+++ b/SOL003/VNFPerformanceManagement-API/environment/variables.txt
@@ -3,10 +3,15 @@ ${VNFM_HOST}      localhost    # Hostname of the VNFM
 ${VNFM_PORT}      8080    # Listening port of the VNFM
 ${VNFM_SCHEMA}    https
 
-
+${OAUTH_KEY} 
+${OAUTH_ENCRYPTION_ALGORITHM}  HS256
 ${AUTHORIZATION_HEADER}    Authorization
-${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
+${PM_JOBS_PERMITTED_SCOPE}    vnfpm:v1:pm_jobs
+${PM_JOBS_NOT_PERMITTED_SCOPE}    vnfpm:v1:pm_jobs:invalid
+${THRESHOLDS_PERMITTED_SCOPE}    vnfpm:v1:thresholds
+${THRESHOLDS_NOT_PERMITTED_SCOPE}    vnfpm:v1:thresholds:invalid
 
+${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
 ${CONTENT_TYPE_JSON}    application/json
 ${CONTENT_TYPE_PATCH}    application/merge-patch+json
 ${ACCEPT_JSON}    application/json
diff --git a/SOL003/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackage.robot b/SOL003/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackage.robot
index 0fdcedc30796680edbf1e9ce8be7e38150b904fd..4bacf523e0683c80ee3d6403e6cdd2df1a2268c3 100644
--- a/SOL003/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackage.robot
+++ b/SOL003/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackage.robot
@@ -7,7 +7,7 @@ POST Individual VNF Snapshot Package - Method not implemented
     ...    Test title: POST Individual VNF Snapshot Package - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET Information about an individual VNF Snapshot Package - SUCCESSFUL
     ...    Test title: GET Information about an individual VNF Snapshot Package - SUCCESSFUL
     ...    Test objective: The objective is to query information about a VNF Snapshot Package resource
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET Information about an individual VNF Snapshot Package - NOT FOUND
     ...    Test title: GET Information about an individual VNF Snapshot Package - NOT FOUND
     ...    Test objective: The objective is to test that the retrieval of individual VNF Snapshot Package fails when using an invalid resource identifier.
     ...    Pre-conditions: At least one individual VNF Snapshot Package is available in the NFV-MANO.
-    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ PUT Individual VNF Snapshot Package - Method not implemented
     ...    Test title: PUT Individual VNF Snapshot Package - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot Package not modified
@@ -57,7 +57,7 @@ PATCH Individual VNF Snapshot Package - Method Not implemented
     ...    Test title: PATCH Individual VNF Snapshot Package
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot Package modified
@@ -69,9 +69,35 @@ DELETE Individual VNF Snapshot Package - Method Not implemented
     ...    Test title: DELETE Individual VNF Snapshot Package - Method Not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot Package deleted
     DELETE individual VNF Snapshot Package
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET Information about an individual VNF Snapshot Package - SUCCESSFUL with permitted authorization scope
+    [Documentation]    Test ID: 7.3.8.3.7
+    ...    Test title: GET Information about an individual VNF Snapshot Package - SUCCESSFUL with permitted authorization scope
+    ...    Test objective: The objective is to query information about a VNF Snapshot Package resource
+    ...    Pre-conditions: none
+    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual VNF Snapshot Package with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    VnfSnapshotPkgInfo
+
+GET Information about an individual VNF Snapshot Package with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.8.3.8
+    ...    Test title: GET Information about an individual VNF Snapshot Package with not permitted authorization scope
+    ...    Test objective: The objective is to query information about a VNF Snapshot Package resource
+    ...    Pre-conditions: none
+    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual VNF Snapshot Package with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackageArtifact.robot b/SOL003/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackageArtifact.robot
index 9c4b8bfc70741f78edd50a8ca4604629b6c9f641..7e1b637fd4d42e28273a7bd21d280dac157107aa 100644
--- a/SOL003/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackageArtifact.robot
+++ b/SOL003/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackageArtifact.robot
@@ -7,7 +7,7 @@ POST Individual VNF Snapshot Package Artifact - Method not implemented
     ...    Test title: POST Individual VNF Snapshot Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.5.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET Individual VNF Snapshot Package Artifact - Complete File
     ...    Test title: GET Information about an individual VNF Snapshot Package - Complete File
     ...    Test objective: The objective is to fetch the whole content of a VNF snapshot package using GET method.
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET Individual VNF Snapshot Package Artifact - Partial Content
     ...    Test title: GET Individual VNF Snapshot Package Artifact - Partial Content
     ...    Test objective: The objective is to fetch partial content of a VNF snapshot package by sending a range request using GET method.
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports range requests
     ...    Post-Conditions: none
@@ -47,7 +47,7 @@ GET Individual VNF Snapshot Package Artifact - Range Request Not Supported
     ...    Test title: GET Information about an individual VNF Snapshot Package - Range Request Not Supported
     ...    Test objective: The objective is to test that the whole content of a VNF snapshot package is delivered even with a range request when NFVO does not support range requests.
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO does not support range requests
     ...    Post-Conditions: none
@@ -60,7 +60,7 @@ GET Individual VNF Snapshot Package Artifact - Range Not Satisfiable
     ...    Test title: GET Information about an individual VNF Snapshot Package - Range Not Satisfiable
     ...    Test objective: The objective is to test that an error is returned when the byte range passed in the "Range" header does not match any available byte range in the VNF snapshot package file.
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports range requests
     ...    Post-Conditions: none
@@ -72,7 +72,7 @@ GET Individual VNF Snapshot Package Artifact - Conflict
     ...    Test title: GET Information about an individual VNF Snapshot Package - Conflict
     ...    Test objective: The objective is to test that an error is returned when the "state" of the VNF snapshot package has a value different from "AVAILABLE".
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The "state" of the VNF snapshot package has a value different from "AVAILABLE".
     ...    Post-Conditions: none
@@ -84,7 +84,7 @@ PUT Individual VNF Snapshot Package Artifact - Method not implemented
     ...    Test title: PUT Individual VNF Snapshot Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.5.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.5.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot Package not modified
@@ -96,7 +96,7 @@ PATCH Individual VNF Snapshot Package Artifact - Method Not implemented
     ...    Test title: PATCH Individual VNF Snapshot Package Artifact
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.5.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.5.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -108,9 +108,35 @@ DELETE Individual VNF Snapshot Package Artifact - Method Not implemented
     ...    Test title: DELETE Individual VNF Snapshot Package Artifact - Method Not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.5.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.5.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Individual VNF Snapshot Package Artifact
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET Individual VNF Snapshot Package Artifact - Complete File with permitted authorization scope
+    [Documentation]    Test ID: 7.3.8.5.10
+    ...    Test title: GET Information about an individual VNF Snapshot Package - Complete File with permitted authorization scope
+    ...    Test objective: The objective is to fetch the whole content of a VNF snapshot package using GET method with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 12.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Snapshot Package Artifact - Complete with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Content-Type Header Is Set For Package Artifact
+
+GET Individual VNF Snapshot Package Artifact - Complete File with not permitted authorization scope
+    [Documentation]    Test ID: 7.3.8.5.11
+    ...    Test title: GET Information about an individual VNF Snapshot Package - Complete File with not permitted authorization scope
+    ...    Test objective: The objective is to fetch the whole content of a VNF snapshot package using GET method with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 12.4.5.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Snapshot Package Artifact - Complete with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFSnapshotPackageManagement-API/VNFSnapshotPackageContent.robot b/SOL003/VNFSnapshotPackageManagement-API/VNFSnapshotPackageContent.robot
index 0b9d7b1d56e4a30b938dc53a26f55352e5610bb0..5a04bbd15df3c819a01fe4608250586f5f75bce6 100644
--- a/SOL003/VNFSnapshotPackageManagement-API/VNFSnapshotPackageContent.robot
+++ b/SOL003/VNFSnapshotPackageManagement-API/VNFSnapshotPackageContent.robot
@@ -7,7 +7,7 @@ POST VNF Snapshot Package Content - Method not implemented
     ...    Test title: POST VNF Snapshot Package Content - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET VNF Snapshot Package Content - Complete File
     ...    Test title: GET Information about an individual VNF Snapshot Package - Complete File
     ...    Test objective: The objective is to fetch the whole content of a VNF snapshot package using GET method.
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET VNF Snapshot Package Content - Partial Content
     ...    Test title: GET VNF Snapshot Package Content - Partial Content
     ...    Test objective: The objective is to fetch partial content of a VNF snapshot package by sending a range request using GET method.
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports range requests
     ...    Post-Conditions: none
@@ -47,7 +47,7 @@ GET VNF Snapshot Package Content - Range Request Not Supported
     ...    Test title: GET Information about an individual VNF Snapshot Package - Range Request Not Supported
     ...    Test objective: The objective is to test that the whole content of a VNF snapshot package is delivered even with a range request when NFVO does not support range requests.
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO does not support range requests
     ...    Post-Conditions: none
@@ -60,7 +60,7 @@ GET VNF Snapshot Package Content - Range Not Satisfiable
     ...    Test title: GET Information about an individual VNF Snapshot Package - Range Not Satisfiable
     ...    Test objective: The objective is to test that an error is returned when the byte range passed in the "Range" header does not match any available byte range in the VNF snapshot package file.
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports range requests
     ...    Post-Conditions: none
@@ -72,7 +72,7 @@ GET VNF Snapshot Package Content - Conflict
     ...    Test title: GET Information about an individual VNF Snapshot Package - Conflict
     ...    Test objective: The objective is to test that an error is returned when the "state" of the VNF snapshot package has a value different from "AVAILABLE".
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.4.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The "state" of the VNF snapshot package has a value different from "AVAILABLE".
     ...    Post-Conditions: none
@@ -84,7 +84,7 @@ PUT VNF Snapshot Package Content - Method not implemented
     ...    Test title: PUT VNF Snapshot Package Content - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.4.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.4.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot Package not modified
@@ -96,7 +96,7 @@ PATCH VNF Snapshot Package Content - Method Not implemented
     ...    Test title: PATCH VNF Snapshot Package Content
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.4.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.4.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -108,7 +108,7 @@ DELETE VNF Snapshot Package Content - Method Not implemented
     ...    Test title: DELETE VNF Snapshot Package Content - Method Not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.4.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.4.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
diff --git a/SOL003/VNFSnapshotPackageManagement-API/VNFSnapshotPackages.robot b/SOL003/VNFSnapshotPackageManagement-API/VNFSnapshotPackages.robot
index 6c3f2c1c4a44d32fc1d8d6c79ed24e9652df5bdd..0cd1588a9594a6d31071fab9d3d6aabdece79548 100644
--- a/SOL003/VNFSnapshotPackageManagement-API/VNFSnapshotPackages.robot
+++ b/SOL003/VNFSnapshotPackageManagement-API/VNFSnapshotPackages.robot
@@ -7,7 +7,7 @@ POST VNF Snapshot Packages - Method not implemented
     ...    Test title: POST VNF Snapshot Packages - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET information about multiple VNF Snapshot Packages
     ...    Test title: GET information about multiple VNF Snapshot Packages
     ...    Test objective: The objective is to get information about multiples VNF Snapshot Packages
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET information about multiple VNF Snapshot Packages Bad Request Invalid attribu
     ...    Test title: GET information about multiple VNF Snapshot Packages Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to get information about multiples VNF Snapshot Packages with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ GET information about multiple VNF Snapshot Packages Bad Request Invalid attribu
     ...    Test title: GET information about multiple VNF Snapshot Packages Bad Request Invalid attribute selector
     ...    Test objective: The objective is to get information about multiples VNF Snapshot Packages with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -58,7 +58,7 @@ GET information about multiple VNF Snapshot Packages with "all_fields" attribute
     ...    Test title: GET information about multiple VNF Snapshot Packages with "all_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshot Packages
     ...    Pre-conditions:  none
-    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -71,7 +71,7 @@ GET information about multiple VNF Snapshot Packages with "exclude_default" attr
     ...    Test title: GET information about multiple VNF Snapshot Packages with "exclude_default" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshot Packages
     ...    Pre-conditions:  none
-    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -84,7 +84,7 @@ GET information about multiple VNF Snapshot Packages with "fields" attribute sel
     ...    Test title: GET information about multiple VNF Snapshot Packages with "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshot Packages
     ...    Pre-conditions:  none
-    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -97,7 +97,7 @@ GET information about multiple VNF Snapshot Packages with "exclude_default" and
     ...    Test title: GET information about multiple VNF Snapshot Packages with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshot Packages
     ...    Pre-conditions:  none
-    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -110,7 +110,7 @@ GET information about multiple VNF Snapshot Packages with "exclude_fields" attri
     ...    Test title: GET information about multiple VNF Snapshot Packages with "exclude_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshot Packages
     ...    Pre-conditions:  none
-    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -123,7 +123,7 @@ GET VNF Snapshot Packages - Bad Request Response too Big
     ...    Test title: GET VNF Snapshot Packages - Bad Request Response too Big
     ...    Test objective: The objective is test that the retrieval of existing VNF Snapshot Packages list fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO does not support paged response.
     ...    Post-Conditions: none 
@@ -136,7 +136,7 @@ GET VNF Snapshot Packages as Paged Response
     ...    Test title: GET VNF Snapshot Packages as Paged Response
     ...    Test objective: The objective is to test that GET method retrieves the list of existing VNF Snapshot Packages as paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports paged response.
     ...    Post-Conditions: none    
@@ -149,7 +149,7 @@ PUT VNF Snapshot Packages - Method not implemented
     ...    Test title: PUT VNF Snapshot Packages - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 12.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -161,7 +161,7 @@ PATCH VNF Snapshot Packages - Method not implemented
     ...    Test title: PATCH VNF Snapshot Packages - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 12.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -173,7 +173,7 @@ DELETE VNF Snapshot Packages - Method not implemented
     ...    Test title: DELETE VNF Snapshot Packages - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 12.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF snapshot package is not deleted
@@ -185,10 +185,36 @@ GET information about multiple VNF Snapshot Packages using filter
     ...    Test title: GET information about multiple VNF Snapshot Packages using filter
     ...    Test objective: The objective is to get information about multiples VNF Snapshot Packages using filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     GET multiple VNF Snapshot Packages using filter
     Check HTTP Response Status Code Is    200
     Check HTTP Response Body Json Schema Is    VnfSnapshotPkgInfos
+
+GET information about multiple VNF Snapshot Packages with permitted authorization scope 
+    [Documentation]    Test ID: 7.3.8.2.16
+    ...    Test title: GET information about multiple VNF Snapshot Packages with permitted authorization scope 
+    ...    Test objective: The objective is to get information about multiples VNF Snapshot Packages with permitted authorization scope 
+    ...    Pre-conditions: none
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET multiple VNF Snapshot Packages with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    VnfSnapshotPkgInfos
+
+GET information about multiple VNF Snapshot Packages with not permitted authorization scope 
+    [Documentation]    Test ID: 7.3.8.2.17
+    ...    Test title: GET information about multiple VNF Snapshot Packages with not permitted authorization scope 
+    ...    Test objective: The objective is to get information about multiples VNF Snapshot Packages with not permitted authorization scope 
+    ...    Pre-conditions: none
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET multiple VNF Snapshot Packages with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VNFSnapshotPackageManagement-API/VnfSnapshotPackageManagementKeywords.robot b/SOL003/VNFSnapshotPackageManagement-API/VnfSnapshotPackageManagementKeywords.robot
index cc739c3af381d61d6f81e2aa2d69ccbce5ccb74b..7c5317040b0307573fc9dfcf6bcb33e0b7aff96e 100644
--- a/SOL003/VNFSnapshotPackageManagement-API/VnfSnapshotPackageManagementKeywords.robot
+++ b/SOL003/VNFSnapshotPackageManagement-API/VnfSnapshotPackageManagementKeywords.robot
@@ -4,6 +4,7 @@ Library     REST    ${NFVO_SCHEMA}://${NFVO_HOST}:${NFVO_PORT}     ssl_verify=fa
 Library     DependencyLibrary
 Library     JSONLibrary
 Library     JSONSchemaLibrary    schemas/
+Library     String
 
 *** Keywords ***
 POST API Version
@@ -173,7 +174,29 @@ GET multiple VNF Snapshot Packages with exclude_fields attribute selector
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages?exclude_fields=${fields}
     ${output}=    Output    response
-    Set Suite Variable    ${response}    ${output} 	
+    Set Suite Variable    ${response}    ${output}
+
+GET multiple VNF Snapshot Packages with permitted authorization scope 
+    Log    Query VNF The GET method queries information about multiple VNF Snapshot Packages with permitted authorization scope .
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_SNAPSHOT_PACKAGES_READONLY_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages 
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 		
+
+GET multiple VNF Snapshot Packages with not permitted authorization scope 
+    Log    Query VNF The GET method queries information about multiple VNF Snapshot Packages with not permitted authorization scope .
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_SNAPSHOT_PACKAGES_READONLY_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages 
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 		
 
 GET VNF Snapshot Packages without Paging support
     Run Keyword If    ${PAGING_SUPPORTED} == 0    GET multiple VNF Snapshot Packages
@@ -234,7 +257,29 @@ GET individual VNF Snapshot Package with invalid URI
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${invalidVnfSnapshotPkgId} 		
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}      
-	
+
+GET individual VNF Snapshot Package with permitted authorization scope
+    log    Trying to get information about an individual VNF Snapshot Package with permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_SNAPSHOT_PACKAGES_READONLY_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}      
+
+GET individual VNF Snapshot Package with not permitted authorization scope
+    log    Trying to get information about an individual VNF Snapshot Package with not permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_SNAPSHOT_PACKAGES_READONLY_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}      
+
 PUT individual VNF Snapshot Package
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT_JSON}"}  
@@ -396,6 +441,26 @@ GET Individual VNF Snapshot Package Artifact - Not Available
     Set Headers    {"Accept":"${ACCEPT_OCTET}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId_notInAvailableState}/artifacts/${artifactPath} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET Individual VNF Snapshot Package Artifact - Complete with permitted authorization scope
+    log    Trying to fetch the complete contents of an individual VNF Snapshot Package artifact with permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT_OCTET}"}  
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_ARTIFACTS_READONLY_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/artifacts/${artifactPath} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
+    
+GET Individual VNF Snapshot Package Artifact - Complete with not permitted authorization scope
+    log    Trying to fetch the complete contents of an individual VNF Snapshot Package artifact with not permitted authorization scope
+    Set Headers    {"Accept":"${ACCEPT_OCTET}"}  
+    ${scopeValue}=    Create Dictionary    scopeValue=${VNF_ARTIFACTS_READONLY_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/artifacts/${artifactPath} 		
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}  
 
@@ -431,3 +496,8 @@ Check HTTP Content-Type Header Is Set For Package Artifact
     Should Be Equal As Strings    ${response['headers']['Content-Type']}    ${CONTENT_TYPE_OCTET} 
     Log    Content type validated
 
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+
diff --git a/SOL003/VNFSnapshotPackageManagement-API/environment/variables.txt b/SOL003/VNFSnapshotPackageManagement-API/environment/variables.txt
index cd9af8eccdc74cdb16104af17495e9a31076158a..f4fabd7e393a8b67635434cec3348716d7b980a9 100644
--- a/SOL003/VNFSnapshotPackageManagement-API/environment/variables.txt
+++ b/SOL003/VNFSnapshotPackageManagement-API/environment/variables.txt
@@ -2,8 +2,22 @@
 ${NFVO_HOST}      localhost    # Hostname of the NFVO
 ${NFVO_PORT}      8081    # Listening port of the NFVO
 ${NFVO_SCHEMA}    https
+
+${OAUTH_KEY}
+${OAUTH_ENCRYPTION_ALGORITHM}  HS256
 ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
+
+${VNF_SNAPSHOT_PACKAGES_READONLY_PERMITTED_SCOPE}   vnfsnapshotpkgm:v1:vnf_snapshot_packages:readonly
+${VNF_PACKAGE_CONTENT_READONLY_PERMITTED_SCOPE}    vnfsnapshotpkgm:v1:package_content:readonly
+${VNF_ARTIFACTS_READONLY_PERMITTED_SCOPE}   vnfsnapshotpkgm:v1:artifacts:readonly
+${VNF_SNAPSHOTPKGM_ALL_READONLY_PERMITTED_SCOPE}    vnfsnapshotpkgm:v1:all:readonly
+
+${VNF_SNAPSHOT_PACKAGES_READONLY_NOT_PERMITTED_SCOPE}   vnfsnapshotpkgm:v1:vnf_snapshot_packages:readonly:invalid
+${VNF_PACKAGE_CONTENT_READONLY_NOT_PERMITTED_SCOPE}    vnfsnapshotpkgm:v1:package_content:readonly:invalid
+${VNF_ARTIFACTS_READONLY_NOT_PERMITTED_SCOPE}   vnfsnapshotpkgm:v1:artifacts:readonly:invalid
+${VNF_SNAPSHOTPKGM_ALL_READONLY_NOT_PERMITTED_SCOPE}    vnfsnapshotpkgm:v1:all:readonly:invalid
+
 ${ACCEPT_JSON}    application/json
 ${AUTH_USAGE}     1
 ${CONTENT_TYPE_JSON}    application/json
diff --git a/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/IndividualSubscription.robot b/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/IndividualSubscription.robot
index 3f81fd02a30f66c269679d5ad13c886f4afc09f1..5ee7b53287c6d88203ab958ab2901f3298955b5e 100644
--- a/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/IndividualSubscription.robot
+++ b/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/IndividualSubscription.robot
@@ -15,7 +15,7 @@ Create new Virtualised Resources Quota Available Notification individual subscri
     ...    Test title: Create new Virtualised Resources Quota Available Notification individual subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new Virtualised Resources Quota Available Notification individual subscription instance on VNF 
     ...    Pre-conditions: A VNF instance is instantiated
-    ...    Reference: Clause 11.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.3.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -27,7 +27,7 @@ Get Information about an individual subscription
     ...    Test title: Get Information about an individual subscription
     ...    Test objective: The objective is to read an individual Virtualised Resources Quota Available Notification subscription subscribed by the client and perform a JSON schema and content validation of the returned individual subscription data structure 
     ...    Pre-conditions: The subscription with the given id exists
-    ...    Reference: Clause 11.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none 
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ PUT an individual subscription - Method not implemented
     ...    Test title: PUT an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update a existing Virtualised Resources Quota Available Notification individual subscription instance on VNF 
     ...    Pre-conditions: A VNF instance is instantiated
-    ...    Reference: Clause 11.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.3.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ PATCH an individual subscription - Method not implemented
     ...    Test title: PATCH an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify a existing Virtualised Resources Quota Available Notification individual subscription instance on VNF 
     ...    Pre-conditions: A VNF instance is instantiated
-    ...    Reference: Clause 11.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ DELETE an individual subscription
     ...    Test title: DELETE an individual subscription
     ...    Test objective: The objective is to test that Delete method is allowed to remove a existing Virtualised Resources Quota Available Notification individual subscription instance on VNF  
     ...    Pre-conditions: The subscription with the given id exists
-    ...    Reference: Clause 11.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,10 +77,36 @@ Get Information about an individual subscription - Not Found
     ...    Test title: Get Information about an individual subscription - Not Found
     ...    Test objective: The objective is to test that the retrieval of an individual Virtualised Resources Quota Available Notification subscription subscribed by the client fils when resource is not present 
     ...    Pre-conditions: The subscription with the given id does not exists
-    ...    Reference: Clause 11.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none 
     ...    Post-Conditions: none
     Get Virtualised Resources Quota Available Notification individual subscription
     Check HTTP Response Status Code Is    404
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+
+Get Information about an individual subscription with permitted authorization scope 
+    [Documentation]    Test ID: 7.3.7.2.7
+    ...    Test title: Get Information about an individual subscription with permitted authorization scope 
+    ...    Test objective: The objective is to read an individual Virtualised Resources Quota Available Notification subscription subscribed by the client and perform a JSON schema and content validation of the returned individual subscription data structure with permitted authorization scope  
+    ...    Pre-conditions: The subscription with the given id exists
+    ...    Reference: Clause 11.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none 
+    ...    Post-Conditions: none
+    Get Virtualised Resources Quota Available Notification individual subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    VrQuotaAvailSubscription
+
+Get Information about an individual subscription with not permitted authorization scope 
+    [Documentation]    Test ID: 7.3.7.2.8
+    ...    Test title: Get Information about an individual subscription with not permitted authorization scope 
+    ...    Test objective: The objective is to read an individual Virtualised Resources Quota Available Notification subscription subscribed by the client and perform a JSON schema and content validation of the returned individual subscription data structure with not permitted authorization scope 
+    ...    Pre-conditions: The subscription with the given id exists
+    ...    Reference: Clause 11.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none 
+    ...    Post-Conditions: none
+    Get Virtualised Resources Quota Available Notification individual subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
     Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/NotificationEndpoint.robot b/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/NotificationEndpoint.robot
index 1b072bbf9e8571cb6ec2fa64bb57c1ff2138fbbb..6e7b4dc206989d1b9e25854a5964d34006f4b312 100644
--- a/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/NotificationEndpoint.robot
+++ b/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/NotificationEndpoint.robot
@@ -13,7 +13,7 @@ Vr Quota Availibility Notification
     ...    Test title: Vr Quota Availibility Notification
     ...    Test objective: The objective is to test that Vr Quota Availibility Notification is delivered with success to the notification consumer
     ...    Pre-conditions: The VNF has subscribed to the Vr Quota Availibility resource
-    ...    Reference: Clause 11.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions:  none
diff --git a/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/Notifications.robot b/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/Notifications.robot
index b405cca894a14ebb3b0b19d6d6d735a8c3ac4d41..a9468e3772695ba6653bac3bcb9b85e260bc3fc1 100644
--- a/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/Notifications.robot
+++ b/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/Notifications.robot
@@ -13,7 +13,7 @@ Virtualised Resource Quota Available Notification
     ...    Test title: Virtualised Resource Quota Available Notification
     ...    Test objective: The objective is to test the dispatch of Virtualised Resource Quota Available Notification, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A subscription for Virtualised Resource Quota Available Notification is available in the VNFM.
-    ...    Reference: Clause 11.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.4.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/Subscriptions.robot b/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/Subscriptions.robot
index c8c47165135b46f8d06377c1dcc316fbc966cacd..3ba5185ccfe03a7a9f6216fa348fd1f8cdafdf70 100644
--- a/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/Subscriptions.robot
+++ b/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/Subscriptions.robot
@@ -15,7 +15,7 @@ Create new Virtualised Resources Quota Available Notification subscription
     ...    Test title: Create new Virtualised Resources Quota Available Notification subscription
     ...    Test objective: The objective is to create a new Virtualised Resources Quota Available Notification subscription and perform a JSON schema and content validation of the returned subscription data structure 
     ...    Pre-conditions: no subscription with the same filter and callback Uri exists
-    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -29,7 +29,7 @@ Create new Virtualised Resources Quota Available Notification subscription - DUP
     ...    Test title: Create new Virtualised Resources Quota Available Notification subscription - DUPLICATION
     ...    Test objective: The objective is to create a new Virtualised Resources Quota Available Notification subscription and perform a JSON schema and content validation of the returned duplicated subscription data structure
     ...    Pre-conditions: subscription with the same filter and callback Uri exists
-    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: the VNFM allows creating a subscription resource if another subscription resource with the same filter and callbackUri already exists
     ...    Post-Conditions: none
@@ -43,7 +43,7 @@ Create new Virtualised Resources Quota Available Notification subscription - NO-
     ...    Test title: Create new Virtualised Resources Quota Available Notification subscription - NO-DUPLICATION
     ...    Test objective: The objective is to create a nduplicated Virtualised Resources Quota Available Notification subscription and verify that the VNF does not allow duplication
     ...    Pre-conditions: subscription with the same filter and callback Uri exists
-    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: the VNFM decides to not create a duplicate subscription resource 
     ...    Post-Conditions: none
@@ -56,7 +56,7 @@ GET Virtualised Resources Quota Available Notification Subscriptions
     ...    Test title: GET Virtualised Resources Quota Available Notification Subscriptions 
     ...    Test objective: The objective is to retrieve the list of active Virtualised Resources Quota Available Notification subscriptions and perform a JSON schema and content validation of the returned  subscriptions data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -69,7 +69,7 @@ GET Virtualised Resources Quota Available Notification Subscriptions with attrib
     ...    Test title: GET Virtualised Resources Quota Available Notification Subscriptions with attribute-based Filter
     ...    Test objective: The objective is to retrieve the list of active Virtualised Resources Quota Available Notification subscriptions and perform a JSON schema and content validation of the returned subscriptions data structure, and verify that the retrieved information matches the issued attribute-based filters
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -82,7 +82,7 @@ GET Virtualised Resources Quota Available Notification subscriptions - Bad Reque
     ...    Test title: GET Virtualised Resources Quota Available Notification subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to retrieve the list of active Virtualised Resources Quota Available Notification subscriptions with invalid attribute-based filtering parameters, and verify that problem details are returned 
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none 
     ...    Post-Conditions: none
@@ -95,7 +95,7 @@ PUT Virtualised Resources Quota Available Notification subscriptions - Method no
     ...    Test title: PUT Virtualised Resources Quota Available Notification subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update existing Virtualised Resources Quota Available Notification subscriptions instance on VNF 
     ...    Pre-conditions: A VNF instance is instantiated
-    ...    Reference: Clause 11.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -107,7 +107,7 @@ PATCH Virtualised Resources Quota Available Notification subscriptions - Method
     ...    Test title: PATCH Virtualised Resources Quota Available Notification subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify Virtualised Resources Quota Available Notification subscriptions instance on VNF 
     ...    Pre-conditions: A VNF instance is instantiated
-    ...    Reference: Clause 11.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -119,7 +119,7 @@ DELETE Virtualised Resources Quota Available Notification subscriptions - Method
     ...    Test title: DELETE Virtualised Resources Quota Available Notification subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to delete Virtualised Resources Quota Available Notification subscriptions instance on VNF 
     ...    Pre-conditions: A VNF instance is instantiated
-    ...    Reference: Clause 11.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -131,7 +131,7 @@ GET Virtualised Resources Quota Available Notification Subscriptions as Paged Re
     ...    Test title: GET Virtualised Resources Quota Available Notification Subscriptions as Paged Response 
     ...    Test objective: The objective is to retrieve the list of active Virtualised Resources Quota Available Notification subscriptions as a Paged Response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability:  The VNFM supports response paging for the subscription resources
     ...    Post-Conditions: none
@@ -144,7 +144,7 @@ GET Virtualised Resources Quota Available Notification Subscriptions as Paged Re
     ...    Test title: GET Virtualised Resources Quota Available Notification Subscriptions as Paged Response with nextpage_opauque_marker parameter    
     ...    Test objective: The objective is to query the list of active Virtualised Resources Quota Available Notification subscriptions as a Paged Response and retrieve the next page using the nextpage_opaque_marker parameter
     ...    Pre-conditions: A request for retrieving the list of active Virtualised Resources Quota Available Notification subscriptions as a paged response has been successfully issued (Test ID 7.3.7.1.10)
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: The VNFM supports response paging for the subscription resources
     ...    Post-Conditions: none 
@@ -156,7 +156,7 @@ GET Virtualised Resources Quota Available Notification subscriptions - Bad Reque
     ...    Test title: GET Virtualised Resources Quota Available Notification subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of active Virtualised Resources Quota Available Notification subscriptions list fails because response is too big, and verify that problem details are returned 
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none 
     ...    Post-Conditions: none
@@ -169,10 +169,37 @@ Create new Virtualised Resources Quota Available Notification Subscription - Unp
     ...    Test title: Create new Virtualised Resources Quota Available Notification Subscription - Unprocessable Content
     ...    Test objective: The objective is to test that content type of the message content is supported and the message content of a request contains syntactically correct data but the data cannot be processed.
     ...    re-conditions: none
-    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Post request for new Virtualised Resources Quota Available Notification subscription
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is  ProblemDetails
+
+Create new Virtualised Resources Quota Available Notification subscription with permitted authorization scope 
+    [Documentation]    Test ID: 7.3.7.1.13
+    ...    Test title: Create new Virtualised Resources Quota Available Notification subscription with permitted authorization scope 
+    ...    Test objective: The objective is to create a new Virtualised Resources Quota Available Notification subscription and perform a JSON schema and content validation of the returned subscription data structure with permitted authorization scope 
+    ...    Pre-conditions: no subscription with the same filter and callback Uri exists
+    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Send Post request for new Virtualised Resources Quota Available Notification subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Header Contains    Location
+    Check HTTP Response Body Json Schema Is    VrQuotaAvailSubscription
+
+Create new Virtualised Resources Quota Available Notification subscription with not permitted authorization scope 
+    [Documentation]    Test ID: 7.3.7.1.14
+    ...    Test title: Create new Virtualised Resources Quota Available Notification subscription with not permitted authorization scope 
+    ...    Test objective: The objective is to create a new Virtualised Resources Quota Available Notification subscription and perform a JSON schema and content validation of the returned subscription data structure with not permitted authorization scope 
+    ...    Pre-conditions: no subscription with the same filter and callback Uri exists
+    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Send Post request for new Virtualised Resources Quota Available Notification subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/VRQANOperationKeywords.robot b/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/VRQANOperationKeywords.robot
index be74e412eff15c26edeac5177c751db0f49564d4..929c8c0097b8d36404f23862b4e610438077dcdb 100644
--- a/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/VRQANOperationKeywords.robot
+++ b/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/VRQANOperationKeywords.robot
@@ -82,7 +82,27 @@ Get Virtualised Resources Quota Available Notification individual subscription
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${outputResponse}=    Output    response 
     Set Global Variable    ${response}    ${outputResponse}
-      
+
+Get Virtualised Resources Quota Available Notification individual subscription with permitted authorization scope 
+    log    Trying to get information about an individual subscription with permitted authorization scope 
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scopeValue=${VRQAN_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response 
+    Set Global Variable    ${response}    ${outputResponse}
+
+Get Virtualised Resources Quota Available Notification individual subscription with not permitted authorization scope 
+    log    Trying to get information about an individual subscription with not permitted authorization scope 
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scopeValue=${VRQAN_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response 
+    Set Global Variable    ${response}    ${outputResponse}
+
 Delete Virtualised Resources Quota Available Notification individual subscription
     log    Try to delete an individual subscription
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -146,6 +166,46 @@ Send Post request for new Virtualised Resources Quota Available Notification sub
 	Set Global Variable    ${response}    ${outputResponse}
 	Verify Mock Expectation   ${notification_request}
 	Clear Requests    ${callback_endpoint}
+
+Send Post request for new Virtualised Resources Quota Available Notification subscription with permitted authorization scope 
+    Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions with permitted authorization scope 
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${VRQAN_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/vrQuotaAvailSubscriptionRequest.json
+    ${body}=        Format String   ${template}    callback_uri=${callback_uri}:${callback_port}    callback_subscribe=${callback_subscribe}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+	Verify Mock Expectation   ${notification_request}
+	Clear Requests    ${callback_endpoint}
+
+Send Post request for new Virtualised Resources Quota Available Notification subscription with not permitted authorization scope 
+    Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions with not permitted authorization scope 
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scopeValue=${VRQAN_NOT_PERMITTED_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/vrQuotaAvailSubscriptionRequest.json
+    ${body}=        Format String   ${template}    callback_uri=${callback_uri}:${callback_port}    callback_subscribe=${callback_subscribe}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions    ${body}    allow_redirects=false
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+	Verify Mock Expectation   ${notification_request}
+	Clear Requests    ${callback_endpoint}
     
 GET Virtualised Resources Quota Available Notification Subscriptions
     Log    Get the list of active subscriptions
@@ -218,6 +278,9 @@ Check HTTP Response Header Contain Link
     ${linkHeaderUri}=    Get Regexp Matches    ${linkURL}    (?<=\<)(.*?)(?=\>)
     ${length}=    Get Length    ${linkHeaderUri}	
     Should Be Equal As Integers	${length}	0
-    Set Global Variable    ${nextPageUri}    ${linkHeaderUri[0]} 
+    Set Global Variable    ${nextPageUri}    ${linkHeaderUri[0]}
 
-      
\ No newline at end of file
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
\ No newline at end of file
diff --git a/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/environment/variables.txt b/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/environment/variables.txt
index 98902db86aa6673575b137b6836862711e59a53c..738742a729b9b7d367ceb6266dd8dc76183fa165 100644
--- a/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/environment/variables.txt
+++ b/SOL003/VirtualisedResourcesQuotaAvailableNotification-API/environment/variables.txt
@@ -2,8 +2,14 @@
 ${NFVO_HOST}      localhost    # Hostname of the NFVO
 ${NFVO_PORT}      8081    # Listening port of the NFVO
 ${NFVO_SCHEMA}    https
+${OAUTH_ENCRYPTION_ALGORITHM}  HS256
+${OAUTH_KEY}
 ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
+
+${VRQAN_PERMITTED_SCOPE}  vrqan:v1:all    
+${VRQAN_NOT_PERMITTED_SCOPE}  vrqan:v1:all:invalid
+
 ${CONTENT_TYPE}    application/json
 ${AUTH_USAGE}     1
 ${ACCEPT}         application/json
diff --git a/SOL005/NFVICapacityInformation-API/CapacityThresholds.robot b/SOL005/NFVICapacityInformation-API/CapacityThresholds.robot
index 9584b54d384f8689bc98645b7bd1e43174d0eb5c..ce554660d5b2e6a91ff5fc32729c8908c7f2581a 100644
--- a/SOL005/NFVICapacityInformation-API/CapacityThresholds.robot
+++ b/SOL005/NFVICapacityInformation-API/CapacityThresholds.robot
@@ -7,7 +7,7 @@ POST Create Capacity Threshold
     ...    Test title: POST Create Capacity Threshold
     ...    Test objective: The objective is to test that POST method creates a Capacity  Threshold
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -21,7 +21,7 @@ POST Create Capacity Threshold - Unprocessible Content
     ...    Test title: POST Create Capacity Threshold - Unprocessible Content
     ...    Test objective: The objective is to test that POST method creates a Capacity  Threshold
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -34,7 +34,7 @@ GET Capacity Thresholds
     ...    Test title: GET Capacity Thresholds
     ...    Test objective: The objective is to GET Capacity Thresholds objects
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -47,7 +47,7 @@ GET Capacity Thresholds - Filter
     ...    Test title: GET Capacity Thresholds - Filter
     ...    Test objective: The objective is to GET Capacity Thresholds objects using filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -60,7 +60,7 @@ GET Capacity Thresholds Bad Request Invalid attribute-based filtering parameters
     ...    Test title: GET Capacity Thresholds Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to get information about Capacity Thresholds with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -73,7 +73,7 @@ GET Capacity Thresholds - Bad Request Response too Big
     ...    Test title: GET Capacity Thresholds - Bad Request Response too Big
     ...    Test objective: The objective is test that the retrieval of existing Capacity Thresholds list fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO does not support paged response.
     ...    Post-Conditions: none 
@@ -86,7 +86,7 @@ GET Capacity Thresholds as Paged Response
     ...    Test title: GET Capacity Thresholds as Paged Response
     ...    Test objective: The objective is to test that GET method retrieves the list of existing Capacity Thresholds as paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports paged response.
     ...    Post-Conditions: none    
@@ -99,7 +99,7 @@ PUT Capacity Thresholds - Method not implemented
     ...    Test title: PUT Capacity Thresholds - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 10.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -111,7 +111,7 @@ PATCH Capacity Thresholds - Method not implemented
     ...    Test title: PATCH Capacity Thresholds - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 10.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -123,9 +123,34 @@ DELETE Capacity Thresholds - Method not implemented
     ...    Test title: DELETE Capacity Thresholds - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 10.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Capacity Thresholds
     Check HTTP Response Status Code Is    405
+
+GET Capacity Thresholds with permitted authorization scope
+    [Documentation]    Test ID: 5.3.6.5.11
+    ...    Test title: GET Capacity Thresholds with permitted authorization scope
+    ...    Test objective: The objective is to GET Capacity Thresholds objects with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Capacity Thresholds with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    CapacityThresholds
+
+GET Capacity Thresholds with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.6.5.12
+    ...    Test title: GET Capacity Thresholds with not permitted authorization scope
+    ...    Test objective: The objective is to test that GET Capacity Thresholds objects fails when using not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 10.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Capacity Thresholds with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NFVICapacityInformation-API/IndividualCapacityThreshold.robot b/SOL005/NFVICapacityInformation-API/IndividualCapacityThreshold.robot
index 3c6051eaf124aae1d306a4c83c6b9e987281478d..b5436c6d123ee685865c82b7c0892849f375e10a 100644
--- a/SOL005/NFVICapacityInformation-API/IndividualCapacityThreshold.robot
+++ b/SOL005/NFVICapacityInformation-API/IndividualCapacityThreshold.robot
@@ -7,7 +7,7 @@ POST Individual Capacity Threshold
     ...    Test title: POST Individual Capacity Threshold
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET Individual Capacity Thresholds
     ...    Test title: GET Capacity Thresholds
     ...    Test objective: The objective is to test that GET method reads information about Individual Capacity Threshold
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET Individual Capacity Thresholds - NOT FOUND
     ...    Test title: GET Capacity Thresholds - NOT FOUND
     ...    Test objective: The objective is to test that GET method returns an error when using and invalid URI
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ PUT Individual Capacity Threshold - Method not implemented
     ...    Test title: PUT Capacity Thresholds - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 10.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -57,7 +57,7 @@ PATCH Individual Capacity Threshold - Success
     ...    Test title: PATCH Individual Capacity Threshold - Success
     ...    Test objective: The objective is to test that PATCH method successfully modifies an individual Capacity Threshold resource
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: Capacity Threshold modified
@@ -70,7 +70,7 @@ PATCH Individual Capacity Threshold - Precondition Failed
     ...    Test title: PATCH Individual Capacity Threshold - Precondition Failed
     ...    Test objective: The objective is to that the modification of individual Capacity Threshold fails because precondition given in an HTTP request header is not fulfilled due to an ETag mismatch.
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -83,7 +83,7 @@ PATCH Individual Capacity Threshold - Precondition Failed HTTP Conditional Reque
     ...    Test title: PATCH Individual Capacity Threshold - Precondition Failed HTTP Conditional Request Not Supported
     ...    Test objective: The objective is to that the modification of individual Capacity Threshold fails because the API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.5.3.4, 4.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.5.3.4, 4.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Post-Conditions: none
@@ -96,7 +96,7 @@ PATCH Individual Capacity Threshold - Unprocessable Content
     ...    Test title: PATCH Individual Capacity Threshold - Unprocessable Content
     ...    Test objective: The objective is to that the modification of individual Capacity Threshold fails because callbackUri provided in the request body is unreachable.
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -109,10 +109,35 @@ DELETE Individual Capacity Threshold
     ...    Test title: DELETE Individual Capacity Threshold
     ...    Test objective: The objective is to delete an Individual Capacity Threshold
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: Capacity threshold is deleted
     DELETE Individual Capacity Threshold
     Check HTTP Response Status Code Is    204
     Check Postcondition resource is deleted
+
+GET Individual Capacity Thresholds with permitted authorization scope  
+    [Documentation]    Test ID: 5.3.6.4.9
+    ...    Test title: GET Capacity Thresholds with permitted authorization scope  
+    ...    Test objective: The objective is to test that GET method reads information about Individual Capacity Threshold with permitted authorization scope  
+    ...    Pre-conditions: none
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual Capacity Threshold with permitted authorization scope  
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    CapacityThresholds
+
+GET Individual Capacity Thresholds with not permitted authorization scope  
+    [Documentation]    Test ID: 5.3.6.4.10
+    ...    Test title: GET Capacity Thresholds with not permitted authorization scope  
+    ...    Test objective: The objective is to test that GET method fails to read information about Individual Capacity Threshold when using not permitted authorization scope  
+    ...    Pre-conditions: none
+    ...    Reference: Clause 10.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual Capacity Threshold with not permitted authorization scope  
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NFVICapacityInformation-API/IndividualVIMsNFVICapacityInformation.robot b/SOL005/NFVICapacityInformation-API/IndividualVIMsNFVICapacityInformation.robot
index 68e2fdf49445fe31dad0d6f8ba6d4cb41c123980..b3b2c3c13eb714266998e5e3c5cb0480ce9b5dde 100644
--- a/SOL005/NFVICapacityInformation-API/IndividualVIMsNFVICapacityInformation.robot
+++ b/SOL005/NFVICapacityInformation-API/IndividualVIMsNFVICapacityInformation.robot
@@ -7,7 +7,7 @@ POST Individual VIMs NFVI Capacity Information - Method not implemented
     ...    Test title: POST Individual VIMs NFVI Capacity Information - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET Information about an Individual VIMs NFVI Capacity Information
     ...    Test title: GET Information about an Individual VIMs NFVI Capacity Information
     ...    Test objective: The objective is to retrieve information about Individual VIMs NFVI Capacity Information
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET Information about an Individual VIMs NFVI Capacity Information using filter
     ...    Test title: GET Information about an Individual VIMs NFVI Capacity Information using filter query parameter
     ...    Test objective: The objective is to retrieve information about Individual VIMs NFVI Capacity Information using filter query parameter
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ GET Information about an Individual VIMs NFVI Capacity Information - NOT FOUND
     ...    Test title: GET Information about an Individual VIMs NFVI Capacity Information - NOT FOUND
     ...    Test objective: The objective is to test that the retrieval of Individual VIMs NFVI Capacity Information fails when using an invalid resource identifier.
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -58,7 +58,7 @@ PUT Individual VIMs NFVI Capacity Information - Method not implemented
     ...    Test title: PUT Individual VIMs NFVI Capacity Information - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot Package not modified
@@ -70,7 +70,7 @@ PATCH Individual VIMs NFVI Capacity Information - Method Not implemented
     ...    Test title: PATCH Individual VIMs NFVI Capacity Information
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot Package modified
@@ -82,9 +82,34 @@ DELETE Individual VIMs NFVI Capacity Information - Method Not implemented
     ...    Test title: DELETE Individual VIMs NFVI Capacity Information - Method Not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot Package deleted
     DELETE Individual VIMs NFVI Capacity Information
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET Information about an Individual VIMs NFVI Capacity Information with permitted authorization scope
+    [Documentation]    Test ID: 5.3.6.3.8
+    ...    Test title: GET Information about an Individual VIMs NFVI Capacity Information with permitted authorization scope
+    ...    Test objective: The objective is to retrieve information about Individual VIMs NFVI Capacity Information with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VIMs NFVI Capacity Information with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    NfviCapacityInfo
+
+GET Information about an Individual VIMs NFVI Capacity Information with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.6.3.9
+    ...    Test title: GET Information about an Individual VIMs NFVI Capacity Information with not permitted authorization scope
+    ...    Test objective: The objective is to test that retrieve information about Individual VIMs NFVI Capacity Information fails when using not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VIMs NFVI Capacity Information with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NFVICapacityInformation-API/NFVICapacityInformation.robot b/SOL005/NFVICapacityInformation-API/NFVICapacityInformation.robot
index 649dea4b748b72da6693c2a9d6ef27ce31a0ab3e..7b6a58aeddcb7bd4e098ad0bda4dc91841907c69 100644
--- a/SOL005/NFVICapacityInformation-API/NFVICapacityInformation.robot
+++ b/SOL005/NFVICapacityInformation-API/NFVICapacityInformation.robot
@@ -7,7 +7,7 @@ POST NFVI Capacity Information - Method not implemented
     ...    Test title: POST NFVI Capacity Information - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET NFVI Capacity Information
     ...    Test title: GET NFVI Capacity Information
     ...    Test objective: The objective is to GET NFVI Capacity Information objects
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET NFVI Capacity Information - Filter
     ...    Test title: GET NFVI Capacity Information - Filter
     ...    Test objective: The objective is to GET NFVI Capacity Information objects using filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ GET NFVI Capacity Information Bad Request Invalid attribute-based filtering para
     ...    Test title: GET NFVI Capacity Information Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to get information about NFVI Capacity Information with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -58,7 +58,7 @@ GET NFVI Capacity Information Bad Request Invalid attribute selector
     ...    Test title: GET NFVI Capacity Information Bad Request Invalid attribute selector
     ...    Test objective: The objective is to get information about NFVI Capacity Information with Invalid attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -71,7 +71,7 @@ GET NFVI Capacity Information with "all_fields" attribute selector
     ...    Test title: GET NFVI Capacity Information with "all_fields" attribute selector
     ...    Test objective: The objective is to query NFVI Capacity Information with "all_fields" attribute selector
     ...    Pre-conditions:  none
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -84,7 +84,7 @@ GET NFVI Capacity Information with "exclude_default" attribute selector
     ...    Test title: GET NFVI Capacity Information with "exclude_default" attribute selector
     ...    Test objective: The objective is to query NFVI Capacity Information with "exclude_default" attribute selector
     ...    Pre-conditions:  none
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -97,7 +97,7 @@ GET NFVI Capacity Information with "fields" attribute selector
     ...    Test title: GET NFVI Capacity Information with "fields" attribute selector
     ...    Test objective: The objective is to query NFVI Capacity Information with "fields" attribute selector
     ...    Pre-conditions:  none
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -110,7 +110,7 @@ GET NFVI Capacity Information with "exclude_default" and "fields" attribute sele
     ...    Test title: GET NFVI Capacity Information with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to query NFVI Capacity Information with "exclude_default" and "fields" attribute selector
     ...    Pre-conditions:  none
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -123,7 +123,7 @@ GET NFVI Capacity Information with "exclude_fields" attribute selector
     ...    Test title: GET NFVI Capacity Information with "exclude_fields" attribute selector
     ...    Test objective: The objective is to query NFVI Capacity Information with "exclude_fields" attribute selector
     ...    Pre-conditions:  none
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -136,7 +136,7 @@ GET NFVI Capacity Information - Bad Request Response too Big
     ...    Test title: GET NFVI Capacity Information - Bad Request Response too Big
     ...    Test objective: The objective is test that the retrieval of existing NFVI Capacity Information list fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO does not support paged response.
     ...    Post-Conditions: none 
@@ -149,7 +149,7 @@ GET NFVI Capacity Information as Paged Response
     ...    Test title: GET NFVI Capacity Information as Paged Response
     ...    Test objective: The objective is to test that GET method retrieves the list of existing NFVI Capacity Information as paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports paged response.
     ...    Post-Conditions: none    
@@ -162,7 +162,7 @@ PUT NFVI Capacity Information - Method not implemented
     ...    Test title: PUT NFVI Capacity Information - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 10.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -174,7 +174,7 @@ PATCH NFVI Capacity Information - Method not implemented
     ...    Test title: PATCH NFVI Capacity Information - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 10.4.2.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -186,9 +186,34 @@ DELETE NFVI Capacity Information - Method not implemented
     ...    Test title: DELETE NFVI Capacity Information - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 10.4.2.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.2.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE NFVI Capacity Information
     Check HTTP Response Status Code Is    405
+
+GET NFVI Capacity Information with permitted authorization scope
+    [Documentation]    Test ID: 5.3.6.2.16
+    ...    Test title: GET NFVI Capacity Information with permitted authorization scope
+    ...    Test objective: The objective is to GET NFVI Capacity Information objects with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET NFVI Capacity Information with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    NfviCapacityInfos
+
+GET NFVI Capacity Information with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.6.2.17
+    ...    Test title: GET NFVI Capacity Information with not permitted authorization scope
+    ...    Test objective: The objective is to test that GET NFVI Capacity Information objects fails when using not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 10.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET NFVI Capacity Information with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL005/NFVICapacityInformation-API/NFVICapacityInformationKeywords.robot b/SOL005/NFVICapacityInformation-API/NFVICapacityInformationKeywords.robot
index c7c754f37708a2eab2d2651998ee77acf47c0dcc..893df1c7696f664afeb9e58c5341dfcffe86849d 100644
--- a/SOL005/NFVICapacityInformation-API/NFVICapacityInformationKeywords.robot
+++ b/SOL005/NFVICapacityInformation-API/NFVICapacityInformationKeywords.robot
@@ -6,6 +6,7 @@ Library     JSONLibrary
 Library     JSONSchemaLibrary    schemas/
 Library     OperatingSystem
 Library     String
+Library     jwt
 
 *** Keywords ***
 POST API Version
@@ -108,7 +109,31 @@ GET NFVI Capacity Information
     Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/nfvi_capacity_infos 
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse} 		
+	Set Global Variable    ${response}    ${outputResponse} 	
+
+GET NFVI Capacity Information with permitted authorization scope
+    Log    The GET method queries information about NFVI Capacity Information.
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${INFOS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/nfvi_capacity_infos 
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 	
+
+GET NFVI Capacity Information with not permitted authorization scope
+    Log    The GET method queries information about NFVI Capacity Information.
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/nfvi_capacity_infos 
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
 
 GET NFVI Capacity Information with filter
     Log    The GET method queries information about NFVI Capacity Information.
@@ -227,7 +252,31 @@ GET Individual VIMs NFVI Capacity Information
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/nfvi_capacity_infos/${vimId} 		
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}      
+	Set Global Variable    ${response}    ${outputResponse}   
+
+GET Individual VIMs NFVI Capacity Information with permitted authorization scope
+    log    Trying to get information about an Individual VIMs NFVI Capacity Information
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${INFOS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/nfvi_capacity_infos/${vimId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
+
+GET Individual VIMs NFVI Capacity Information with not permitted authorization scope
+    log    Trying to get information about an Individual VIMs NFVI Capacity Information
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/nfvi_capacity_infos/${vimId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}   
 
 GET Individual VIMs NFVI Capacity Information using filter
     log    Trying to get information about an Individual VIMs NFVI Capacity Information
@@ -308,6 +357,30 @@ GET Capacity Thresholds
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}    
 
+GET Capacity Thresholds with permitted authorization scope
+    log    Trying to get information about multiple Capacity Thresholds
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${THRESHOLDS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/capacity_thresholds	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}    
+
+GET Capacity Thresholds with not permitted authorization scope
+    log    Trying to get information about multiple Capacity Thresholds
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/capacity_thresholds	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
+
 GET Capacity Thresholds using filter
     log    Trying to get information about multiple Capacity Thresholds using filtering parameters
     Set Headers    {"Accept":"${ACCEPT_JSON}"}  
@@ -373,8 +446,32 @@ GET Individual Capacity Threshold
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/capacity_thresholds/${capacityThreshold}  		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}   
+
+GET Individual Capacity Threshold with permitted authorization scope
+    log    Trying to get information about an Individual Capacity Threshold
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${THRESHOLDS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/capacity_thresholds/${capacityThreshold}  		
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}      
+
+GET Individual Capacity Threshold with not permitted authorization scope
+    log    Trying to get information about an Individual Capacity Threshold
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/capacity_thresholds/${capacityThreshold}  		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}   
 	
 GET Individual Capacity Threshold - Invalid URI
     log    Trying to get information about an Individual Capacity Threshold
@@ -512,3 +609,8 @@ DELETE notification endpoint
     Delete    ${callbackResp}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded} 
\ No newline at end of file
diff --git a/SOL005/NFVICapacityInformation-API/NotificationEndpoint.robot b/SOL005/NFVICapacityInformation-API/NotificationEndpoint.robot
index 7afef2e5276645be51e4cd39b54a1516163e62cc..a060f95627753066bda987ffa7e52f11791d4599 100644
--- a/SOL005/NFVICapacityInformation-API/NotificationEndpoint.robot
+++ b/SOL005/NFVICapacityInformation-API/NotificationEndpoint.robot
@@ -8,7 +8,7 @@ Capacity Shortage Notification
     ...    Test title: Capacity Shortage Notification
     ...    Test objective: The objective is to test that Capacity Shortage Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: The consumer has already created an Individual Capacity Threshold resource
-    ...    Reference: Clause 10.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -20,7 +20,7 @@ Test the Notification Endpoint - Successful
     ...    Test title: Test the Notification Endpoint - Successful
     ...    Test objective: The objective is to test the Notification Endpoint provided by the notification consumer.
     ...    Pre-conditions: The consumer has already created an Individual Capacity Threshold resource
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -32,7 +32,7 @@ Test the Notification Endpoint - UNREACHABLE
     ...    Test title: Test the Notification Endpoint - UNREACHABLE
     ...    Test objective: The objective is to test the Notification Endpoint provided by the notification consumer.
     ...    Pre-conditions: The consumer has already created an Individual Capacity Threshold resource
-    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: The notification endpoint is unreachable by the API producer.
     ...    Post-Conditions: none 
@@ -45,7 +45,7 @@ PUT Notification endpoint - Method Not Implemented
     ...    Test title: PUT Notification endpoint - Method Not Implemented
     ...    Test objective: The objective is to test the PUT method for Notification Endpoint provided by the consumer is not implemented.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 10.4.6.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.6.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -57,7 +57,7 @@ PATCH Notification endpoint - Method Not Implemented
     ...    Test title: PATCH Notification endpoint - Method Not Implemented
     ...    Test objective: The objective is to test the PATCH method for Notification Endpoint provided by the consumer is not implemented.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 10.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -69,7 +69,7 @@ DELETE Notification endpoint - Method Not Implemented
     ...    Test title: DELETE Notification endpoint - Method Not Implemented
     ...    Test objective: The objective is to test the DELETE method for Notification Endpoint provided by the consumer is not implemented.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 10.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 10.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL005/NFVICapacityInformation-API/environment/variables.txt b/SOL005/NFVICapacityInformation-API/environment/variables.txt
index 20c6351696d8304b27257a1a5af65174636651d0..d402693c45599cc3eb981cb65e87e604aa062022 100644
--- a/SOL005/NFVICapacityInformation-API/environment/variables.txt
+++ b/SOL005/NFVICapacityInformation-API/environment/variables.txt
@@ -4,6 +4,11 @@ ${NFVO_PORT}      8081    # Listening port of the NFVO
 ${NFVO_SCHEMA}    https
 ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
+
+${INFOS_PERMITTED_SCOPE}    nfvici:v2:nfvi_capacity_infos
+${THRESHOLDS_PERMITTED_SCOPE}    nfvici:v2:thresholds
+${NOT_PERMITTED_SCOPE}    nfvici:v2:invalid
+
 ${ACCEPT_JSON}    application/json
 ${AUTH_USAGE}     1
 ${CONTENT_TYPE_JSON}    application/json
diff --git a/SOL005/NSDManagement-API/IndividualNSDArchiveArtifact.robot b/SOL005/NSDManagement-API/IndividualNSDArchiveArtifact.robot
index 0e450f62b2225525e8d21c3ddd470d60057007d1..793b9e14f86c9b924026acc434a47f752971b3b2 100644
--- a/SOL005/NSDManagement-API/IndividualNSDArchiveArtifact.robot
+++ b/SOL005/NSDManagement-API/IndividualNSDArchiveArtifact.robot
@@ -12,7 +12,7 @@ GET Individual NSD Archive Artifact
     ...    Test title: GET Individual NSD Archive Artifact
     ...    Test objective: The objective is to test the retrieval of an individual NSD Archive artifact
     ...    Pre-conditions: One or more NSD archives are on-boarded to the NFVO.
-    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ GET Individual NSD Archive Artifact with include_signatures parameter
     ...    Test title: GET Individual NSD Archive Artifact with include_signatures parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully and also contain security certificates when requested with "include_signature" parameter, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more NSD archives are on-boarded to the NFVO.
-    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ GET Individual NSD Archive Artifact in octet stream format
     ...    Test title: GET Individual NSD Archive Artifact in octet stream format
     ...    Test objective: The objective is to test the retrieval of an individual NSD Archive artifact when the NFVO cannot determine the artifact content type. The test performs a validation that the returned artifcat in is octet-stream format. 
     ...    Pre-conditions: One or more NSD archives are on-boarded to the NFVO.
-    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO cannot determine the content type of the artifact
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ GET Individual NSD Archive Artifact with Range Request and NFVO supporting Range
     ...    Test title: GET Individual NSD Archive Artifact with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the retrieval of an individual NSD Archive artifact when using a range request to return single range of bytes from the file, with the NFVO supporting it. The test also perform a validation that returned content matches the issued range
     ...    Pre-conditions: One or more NSD archives are on-boarded to the NFVO.
-    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the NSD Archive artifact
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ GET Individual NSD Archive Artifact with Range Request and NFVO not supporting R
     ...    Test title: GET Individual NSD Archive Artifact with Range Request and NFVO not supporting Range Requests
     ...    Test objective: The objective is to test that the retrieval of an individual NSD archive artifact, when using a range request to return single range of bytes from the file and the NFVO not supporting it, returns the full NSD Archive artifact.
     ...    Pre-conditions: One or more NSD archives are on-boarded to the NFVO.
-    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO does not support range requests to return single range of bytes from the NSD Archive artifact
     ...    Post-Conditions: none    
@@ -76,7 +76,7 @@ GET Individual NSD Archive Artifact with invalid resource identifier
     ...    Test title: GET Individual NSD Archive Artifact with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual NSD Archive Artifact fails when using an invalid resource identifier
     ...    Pre-conditions: One or more NSD archives are on-boarded to the NFVO.
-    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -89,7 +89,7 @@ GET Individual NSD Archive Artifact - Not Acceptable
     ...    Test title: GET Individual NSD Archive Artifact - Not Acceptable
     ...    Test objective: The objective is to test that the retrieval of an individual NSD Archive artifact fails when related request contained an "Accept" header not compatible with the Content type "application/zip" but the "include_signatures" flag was provided
     ...    Pre-conditions: One or more NSD archives are on-boarded to the NFVO.
-    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none      
@@ -102,7 +102,7 @@ GET Individual NSD Archive Artifact with conflict due to onboarding state
     ...    GET Individual NSD Archive Artifact with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of an individual NSD Archive Artifact fails due to a conflict when the NSD is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the NSD archive for which the content is requested is different from ONBOARDED.
-    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -115,7 +115,7 @@ GET Individual NSD Archive Artifact with invalid Range Request
     ...    Test title: GET Individual NSD Archive Artifact with invalid Range Request
     ...    Test objective: The objective is to test that the retrieval of an Individual NSD Archive fails when using a range request that does not match any available byte range in the file.
     ...    Pre-conditions: One or more NSD Archives are on-boarded to the NFVO.
-    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the NSD Archive artifact
     ...    Post-Conditions: none      
@@ -127,7 +127,7 @@ POST Individual NSD Archive Artifact - Method not implemented
     ...    Test title: POST Individual NSD Archive Artifact - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create an individual artifact contained in an NSD archive.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4c.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -139,7 +139,7 @@ PUT Individual NSD Archive Artifact - Method not implemented
     ...    Test title: PUT Individual NSD Archive Artifact - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify an Individual NSD Archive artifact
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4c.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -151,7 +151,7 @@ PATCH Individual NSD Archive Artifact - Method not implemented
     ...    Test title: PATCH Individual NSD Archive Artifact - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update an Individual NSD Archive artifact
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4c.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -163,10 +163,34 @@ DELETE Individual NSD Archive Artifact - Method not implemented
     ...    Test title: DELETE Individual NSD Archive Artifact - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete an Individual NSD Archive artifact
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4c.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4c.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for Individual NSD Archive Artifact
     Check HTTP Response Status Code Is    405
+
+GET Individual NSD Archive Artifact with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.16.14
+    ...    Test title: GET Individual NSD Archive Artifact with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual NSD Archive artifact with permitted authorization scope
+    ...    Pre-conditions: One or more NSD archives are on-boarded to the NFVO.
+    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual NSD Archive Artifact with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+
+GET Individual NSD Archive Artifact with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.16.14
+    ...    Test title: GET Individual NSD Archive Artifact with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of an individual NSD Archive artifact fails when using not permitted authorization scope
+    ...    Pre-conditions: One or more NSD archives are on-boarded to the NFVO.
+    ...    Reference: Clause 5.4.4c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual NSD Archive Artifact with not permitted authorization scope
+    Check HTTP Response Status Code Is    200
     
\ No newline at end of file
diff --git a/SOL005/NSDManagement-API/IndividualNSDescriptor.robot b/SOL005/NSDManagement-API/IndividualNSDescriptor.robot
index c583a45b5798a34ced2981c4eb31ae19c34d4c9b..4d889561b93a52f255048594cbd938478ed7038d 100644
--- a/SOL005/NSDManagement-API/IndividualNSDescriptor.robot
+++ b/SOL005/NSDManagement-API/IndividualNSDescriptor.robot
@@ -14,7 +14,7 @@ GET Individual Network Service Descriptor Information
     ...    Test title: GET Individual Network Service Descriptor Information
     ...    Test objective: The objective is to test the retrieval of an individual Network Service Descriptor information and perform a JSON schema validation of the collected data structure
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -30,7 +30,7 @@ GET Individual Network Service Descriptor Information with invalid resource iden
     ...    Test title: GET Individual Network Service Descriptor Information with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual Network Service Descriptor Information fails when using an invalid resource identifier
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -43,7 +43,7 @@ Disable Individual Network Service Descriptor
     ...    Test title: Disable Individual Network Service Descriptor  
     ...    Test objective: The objective is to test the disabling of an individual Network Service Descriptor and perform a JSON schema and content validation of the collected data structure
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO in enabled operational state.
-    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The Network Service Descriptor is in operational state DISABLED and usage state is not modified
@@ -59,7 +59,7 @@ Enable Individual Network Service Descriptor
     ...    Test title: Enable Individual Network Service Descriptor
     ...    Test objective: The objective is to test the enabling of an individual Network Service Descriptor and perform a JSON schema and content validation of the collected data structure
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO in DISABLED operational state (Test ID 5.3.1.2.3).
-    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The Network Service Descriptor is in operational state ENABLED and usage state is not modified
@@ -74,7 +74,7 @@ Enable Individual Network Service Descriptor with conflict due to operational st
     ...    Test title: Enable Individual Network Service Descriptor with conflict due to operational state ENABLED
     ...    Test objective: The objective is to test that enabling an individual Network Service Descriptor that is already in ENABLED operational state failsand perform a JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO in ENABLED operational state (Test ID 5.3.1.2.4).
-    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -87,7 +87,7 @@ Enable Individual Network Service Descriptor with conflict due to onboarding sta
     ...    Test title: Enable Individual Network Service Descriptor with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of an Network Service Descriptor fails due to a conflict when the Network Service Descriptor is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO in ENABLED operational state. The onboarding state of the Network Service Descriptor for which the enabling is requested is different from ONBOARDED.
-    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -100,7 +100,7 @@ Enable Individual Network Service Descriptor with HTTP Etag precondition failure
     ...    Test title:  Enable Individual Network Service Descriptor with HTTP Etag precondition failure
     ...    Test objective: The objective is to test that the retrieval of an Network Service Descriptor fails due to a precondition failure when using an uncorrect Http Etag identified.
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO in ENABLED operational state (Test ID 5.3.1.2.4).
-    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -112,7 +112,7 @@ Enable Individual Network Service Descriptor with HTTP Conditional Request Not S
     ...    Test title:  Enable Individual Network Service Descriptor with HTTP Conditional Request Not Supported Precondition Failure
     ...    Test objective: The objective is to test that the retrieval of an Network Service Descriptor fails if the API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO in ENABLED operational state (Test ID 5.3.1.2.4).
-    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Post-Conditions: none
@@ -135,7 +135,7 @@ DELETE Individual Network Service Descriptor
     ...    Test title:  DELETE Individual Network Service Descriptor
     ...    Test objective: The objective is to test the deletion of an individual Network Service Descriptor.
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO in DISABLED operational state and NOT_IN_USE usage state.
-    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The Network Service Descriptor is not available anymore in the NFVO 
@@ -148,7 +148,7 @@ DELETE Individual Network Service Descriptor in operational state ENABLED
     ...    Test title:  DELETE Individual Network Service Descriptor in operational state ENABLED
     ...    Test objective: The objective is to test that the deletion of an individual Network Service Descriptor in operational state ENABLED fails. The test also performs a JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO in ENABLED operational state (Test ID 5.3.1.2.4).
-    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The Network Service Descriptor is not deleted by the failed operation. 
@@ -162,7 +162,7 @@ POST Individual Network Service Descriptor - Method not implemented
     ...    Test title: POST Individual Network Service Descriptor - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new Network Service Descriptor
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -174,13 +174,40 @@ PUT Individual Network Service Descriptor - Method not implemented
     ...    Test title: PUT Individual Network Service Descriptor - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a new Network Service Descriptor
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send PUT Request for Individual Network Service Descriptor
     Check HTTP Response Status Code Is    405
-    
+
+DELETE Individual Network Service Descriptor with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.2.13
+    ...    Test title:  DELETE Individual Network Service Descriptor with permitted authorization scope
+    ...    Test objective: The objective is to test the deletion of an individual Network Service Descriptor with permitted authorization scope.
+    ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO in DISABLED operational state and NOT_IN_USE usage state.
+    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The Network Service Descriptor is not available anymore in the NFVO 
+    Send DELETE Request for Individual Network Service Descriptor with permitted authorization scope
+    Check HTTP Response Status Code Is    204
+    Check Postcondition Network Service Descriptor is Deleted
+
+
+DELETE Individual Network Service Descriptor with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.2.14
+    ...    Test title:  DELETE Individual Network Service Descriptor with not permitted authorization scope
+    ...    Test objective: The objective is to test that the deletion of an individual Network Service Descriptor fails when using a not permitted authorization scope.
+    ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO in DISABLED operational state and NOT_IN_USE usage state.
+    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The Network Service Descriptor is not available anymore in the NFVO 
+    Send DELETE Request for Individual Network Service Descriptor with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
+
+
 *** Keywords ***
 Void
     log    do nothing
diff --git a/SOL005/NSDManagement-API/IndividualPNFDArchiveArtifact.robot b/SOL005/NSDManagement-API/IndividualPNFDArchiveArtifact.robot
index d9c4f6bed7df1d42661bea206bf0b849f4050798..a3e0251781a0b65f838bcc65affd8d9dec20c9b8 100644
--- a/SOL005/NSDManagement-API/IndividualPNFDArchiveArtifact.robot
+++ b/SOL005/NSDManagement-API/IndividualPNFDArchiveArtifact.robot
@@ -12,7 +12,7 @@ GET Individual PNFD Archive Artifact
     ...    Test title: GET Individual PNFD Archive Artifact
     ...    Test objective: The objective is to test the retrieval of an individual PNFD Archive artifact
     ...    Pre-conditions: One or more PNFD archives are on-boarded in the NFVO.
-    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ GET Individual PNFD Archive Artifact with include_signatures parameter
     ...    Test title: GET Individual PNFD Archive Artifact with include_signatures parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully and also contain security certificates when requested with "include_signature" parameter, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more PNFD archives are on-boarded to the NFVO.
-    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ GET Individual PNFD Archive Artifact in octet stream format
     ...    Test title: GET Individual PNFD Archive Artifact in octet stream format
     ...    Test objective: The objective is to test the retrieval of an individual PNFD Archive artifact when the NFVO cannot determine the artifact content type. The test performs a validation that the returned artifcat in is octet-stream format. 
     ...    Pre-conditions: One or more PNFD archives are on-boarded to the NFVO.
-    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO cannot determine the content type of the artifact
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ GET Individual PNFD Archive Artifact with Range Request and NFVO supporting Rang
     ...    Test title: GET Individual PNFD Archive Artifact with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the retrieval of an individual PNFD Archive artifact when using a range request to return single range of bytes from the file, with the NFVO supporting it. The test also perform a validation that returned content matches the issued range
     ...    Pre-conditions: One or more PNFD archives are on-boarded in the NFVO.
-    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the PNFD Archive artifact
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ GET Individual PNFD Archive Artifact with Range Request and NFVO not supporting
     ...    Test title: GET Individual PNFD Archive Artifact with Range Request and NFVO not supporting Range Requests
     ...    Test objective: The objective is to test that the retrieval of an individual PNFD archive artifact, when using a range request to return single range of bytes from the file and the NFVO not supporting it, returns the full PNFD Archive artifact.
     ...    Pre-conditions: One or more PNFD archives are on-boarded in the NFVO.
-    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO does not support range requests to return single range of bytes from the PNFD Archive artifact
     ...    Post-Conditions: none    
@@ -76,7 +76,7 @@ GET Individual PNFD Archive Artifact with invalid resource identifier
     ...    Test title: GET Individual PNFD Archive Artifact with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual PNFD Archive Artifact fails when using an invalid resource identifier
     ...    Pre-conditions: One or more PNFD archives are on-boarded in the NFVO.
-    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -89,7 +89,7 @@ GET Individual PNFD Archive Artifact - Not Acceptable
     ...    Test title: GET Individual PNFD Archive Artifact - Not Acceptable
     ...    Test objective: The objective is to test that the retrieval of an individual PNFD Archive artifact fails when related request contained an "Accept" header not compatible with the Content type "application/zip" but the "include_signatures" flag was provided
     ...    Pre-conditions: One or more PNFD archives are on-boarded to the NFVO.
-    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none      
@@ -102,7 +102,7 @@ GET Individual PNFD Archive Artifact with conflict due to onboarding state
     ...    GET Individual PNFD Archive Artifact with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of an individual PNFD Archive Artifact fails due to a conflict when the PNFD is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the PNFD archive for which the content is requested is different from ONBOARDED.
-    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -115,7 +115,7 @@ GET Individual PNFD Archive Artifact with invalid Range Request
     ...    Test title: GET Individual PNFD Archive Artifact with invalid Range Request
     ...    Test objective: The objective is to test that the retrieval of an Individual PNFD Archive fails when using a range request that does not match any available byte range in the file.
     ...    Pre-conditions: One or more PNFD Archives are on-boarded to the NFVO.
-    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the PNFD Archive artifact
     ...    Post-Conditions: none      
@@ -128,7 +128,7 @@ POST Individual PNFD Archive Artifact - Method not implemented
     ...    Test title: POST Individual PNFD Archive Artifact - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create an individual artifact contained in an PNFD archive.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7c.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -140,7 +140,7 @@ PUT Individual PNFD Archive Artifact - Method not implemented
     ...    Test title: PUT Individual PNFD Archive Artifact - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify an Individual PNFD Archive artifact
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7c.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -152,7 +152,7 @@ PATCH Individual PNFD Archive Artifact - Method not implemented
     ...    Test title: PATCH Individual PNFD Archive Artifact - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update an Individual PNFD Archive artifact
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7c.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -164,10 +164,35 @@ DELETE Individual PNFD Archive Artifact - Method not implemented
     ...    Test title: DELETE Individual PNFD Archive Artifact - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete an Individual PNFD Archive artifact
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7c.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7c.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for Individual PNFD Archive Artifact
     Check HTTP Response Status Code Is    405
+
+GET Individual PNFD Archive Artifact with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.17.13
+    ...    Test title: GET Individual PNFD Archive Artifact with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual PNFD Archive artifact with permitted authorization scope
+    ...    Pre-conditions: One or more PNFD archives are on-boarded in the NFVO.
+    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual PNFD Archive Artifact with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+
+GET Individual PNFD Archive Artifact with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.17.14
+    ...    Test title: GET Individual PNFD Archive Artifact with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of an individual PNFD Archive artifact fails when using not permitted authorization scope
+    ...    Pre-conditions: One or more PNFD archives are on-boarded in the NFVO.
+    ...    Reference: Clause 5.4.7c.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual PNFD Archive Artifact with not permitted authorization scope
+    Check HTTP Response Status Code Is    200
+
     
\ No newline at end of file
diff --git a/SOL005/NSDManagement-API/IndividualPnfDescriptor.robot b/SOL005/NSDManagement-API/IndividualPnfDescriptor.robot
index 25ff5e97cf62e349ed9448f3617ba313baacc725..d5e0aa8e94b772a9b5afe1df2426766755999828 100644
--- a/SOL005/NSDManagement-API/IndividualPnfDescriptor.robot
+++ b/SOL005/NSDManagement-API/IndividualPnfDescriptor.robot
@@ -13,7 +13,7 @@ GET Individual PNF Descriptor Information
     ...    Test title: GET Individual PNF Descriptor Information
     ...    Test objective: The objective is to test the retrieval of an individual PNF Descriptor information and perform a JSON schema validation of the collected data structure
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -28,7 +28,7 @@ GET Individual PNF Descriptor Information with invalid resource identifier
     ...    Test title: GET Individual PNF Descriptor Information with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual PNF Descriptor Information fails when using an invalid resource identifier
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -41,7 +41,7 @@ Update Individual PNF Descriptor
     ...    Test title: Update Individual PNF Descriptor
     ...    Test objective: The objective is to test the update of an individual PNF Descriptor and perform a JSON schema and content validation of the collected data structure
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The PNF Descriptor is modified according to the update request
@@ -55,7 +55,7 @@ Update Individual PNF Descriptor with HTTP Etag precondition failure
     ...    Test title:  Update Individual PNF Descriptor with HTTP Etag precondition failure
     ...    Test objective: The objective is to test that the update of a PNF Descriptor fails due to a precondition failure when using an uncorrect Http Etag identified.
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -67,7 +67,7 @@ Update Individual PNF Descriptor with HTTP Conditional Request Not Supported Pre
     ...    Test title:  Update Individual PNF Descriptor with HTTP Conditional Request Not Supported Precondition Failure
     ...    Test objective: The objective is to test that the update of a PNF Descriptor fails due to the API Producer not supporting "Last-Modified" and "ETag" HTTP Headers
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.6.3.4, 4.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.6.3.4, 4.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Post-Conditions: none
@@ -79,7 +79,7 @@ POST Individual PNF Descriptor - Method not implemented
     ...    Test title: POST Individual PNF Descriptor - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new PNF Descriptor
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -91,7 +91,7 @@ PUT Individual PNF Descriptor - Method not implemented
     ...    Test title: PUT Individual PNF Descriptor - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a new PNF Descriptor
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.6.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.6.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -103,10 +103,36 @@ DELETE Individual PNF Descriptor
     ...    Test title:  DELETE Individual PNF Descriptor
     ...    Test objective: The objective is to test the deletion of an individual PNF Descriptor.
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The PNF Descriptor is not available anymore in the NFVO 
     Send DELETE Request for Individual PNF Descriptor
     Check HTTP Response Status Code Is    204
-    Check Postcondition PNF Descriptor is Deleted
\ No newline at end of file
+    Check Postcondition PNF Descriptor is Deleted
+
+Update Individual PNF Descriptor with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.5.8
+    ...    Test title: Update Individual PNF Descriptor with permitted authorization scope
+    ...    Test objective: The objective is to test the update of an individual PNF Descriptor with permitted authorization scope
+    ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The PNF Descriptor is modified according to the update request
+    Send PATCH to update Individual PNF Descriptor with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PnfdInfoModification
+    Check Postcondition PNF Descriptor is modified according to the requested update  
+
+Update Individual PNF Descriptor with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.5.9
+    ...    Test title: Update Individual PNF Descriptor with not permitted authorization scope
+    ...    Test objective: The objective is to test that the update of an individual PNF Descriptor fails when using not permitted authorization scope
+    ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The PNF Descriptor is modified according to the update request
+    Send PATCH to update Individual PNF Descriptor with not permitted authorization scope
+    Check HTTP Response Status Code Is    401  
\ No newline at end of file
diff --git a/SOL005/NSDManagement-API/IndividualSubscription.robot b/SOL005/NSDManagement-API/IndividualSubscription.robot
index c710cbc312e2bdc8f8170d9e51789f1c8e3d8fc8..baf663bfeedf5e242ae6b876f0e49d48676fbb44 100644
--- a/SOL005/NSDManagement-API/IndividualSubscription.robot
+++ b/SOL005/NSDManagement-API/IndividualSubscription.robot
@@ -12,7 +12,7 @@ GET Individual NSD Management Subscription
     ...    Test title: GET Individual NSD Management Subscription
     ...    Test objective: The objective is to test the retrieval of individual NSD Management subscription and perform a JSON schema and content validation of the returned subscription data structure
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -27,7 +27,7 @@ GET Individual NSD Management Subscription with invalid resource identifier
     ...    Test title: GET Individual NSD Management Subscription with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual NSD Management subscription fails when using an invalid resource identifier
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ DELETE Individual NSD Management Subscription with invalid resource identifier
     ...    Test title: DELETE Individual NSD Management Subscription with invalid resource identifier
     ...    Test objective: The objective is to test that the deletion of an individual NSD Management subscription fails when using an invalid resource identifier
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.9.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.9.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -52,7 +52,7 @@ POST Individual NSD Management Subscription - Method not implemented
     ...    Test title: POST Individual NSD Management Subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new NSD Management Subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Individual NSD Management Subscription - Method not implemented
     ...    Test title: PUT Individual NSD Management Subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing NSD Management subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.9.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.9.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ PATCH Individual NSD Management Subscription - Method not implemented
     ...    Test title: PATCH Individual NSD Management Subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify an existing NSD Management subscription
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.9.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.9.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,10 +88,37 @@ DELETE Individual NSD Management Subscription
     ...    Test title: DELETE Individual NSD Management Subscription
     ...    Test objective: The objective is to test the deletion of an individual NSD Management subscription
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.9.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.9.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NSD Management Subscription is not available anymore in the NFVO    
     Send Delete request for individual NSD Management Subscription
     Check HTTP Response Status Code Is    204
-    Check Postcondition NSD Management Subscription is Deleted
\ No newline at end of file
+    Check Postcondition NSD Management Subscription is Deleted
+
+GET Individual NSD Management Subscription with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.8.8
+    ...    Test title: GET Individual NSD Management Subscription with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of individual NSD Management subscription with permitted authorization scope
+    ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
+    ...    Reference: Clause 5.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual NSD Management Subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   NsdmSubscription
+    Check HTTP Response Body NsdmSubscription content against NS Descriptor
+    Check HTTP Response Body Subscription Identifier matches the requested Subscription
+
+GET Individual NSD Management Subscription with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.8.9
+    ...    Test title: GET Individual NSD Management Subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of individual NSD Management subscription fails when not permitted authorization scope
+    ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
+    ...    Reference: Clause 5.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual NSD Management Subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSDManagement-API/NSD.robot b/SOL005/NSDManagement-API/NSD.robot
index 6aa11f74bacc8b4fed2bb3ec7371825cb39d8193..f0a9a3a855cf305f315f18cd0ed9a9582d8255ff 100644
--- a/SOL005/NSDManagement-API/NSD.robot
+++ b/SOL005/NSDManagement-API/NSD.robot
@@ -12,7 +12,7 @@ Get single file NSD in Plain Format
     ...    Test title: Get single file NSD in Plain Format
     ...    Test objective: The objective is to test the retrieval of the NSD in plain format within a NSD archive and perform a validation that returned content is in plain format
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NSD is implemented as a single file
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ Get NSD in Zip Format
     ...    Test title: Get NSD in Zip Format
     ...    Test objective: The objective is to test the retrieval of the NSD in zip format within a NSD archive and perform a validation that returned content is in zip format
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,7 +38,7 @@ Get single file NSD in Plain or Zip Format
     ...    Test title: Get single file NSDin Plain or Zip Format
     ...    Test objective: The objective is to test the retrieval of the single file NSD within a NSD archive when requesting Plain or Zip format to NFVO by including both formats in the request, and perform a validation that response is in Plain or Zip format
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NSD is implemented as a single file
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ Get multi file NSD in Plain or Zip Format
     ...    Test title: Get multi file NSD in Plain or Zip Format
     ...    Test objective: The objective is to test the retrieval of the multi file NSD within a NSD archive when requesting Plain or Zip format to NFVO by including both formats in the request, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NSD is implemented as a multi file
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ Get multi file NSD in Plain Format
     ...    Test title: Get multi file NSD in Plain Format
     ...    Test objective: The objective is to test that the retrieval of the multi file NSD within a NSD archive fails when requesting it in Plain format, and perform a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NSD is implemented as a multi file
     ...    Post-Conditions: none
@@ -77,7 +77,7 @@ Get NSD Content with invalid resource identifier
     ...    Test title: Get NSD Content with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of the NSD within a NSD archive fails when using an invalid resource identifier
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -90,7 +90,7 @@ Get NSD with conflict due to onboarding state
     ...    Test title: Get NSD with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of the NSD within a NSD archive fails due to a conflict when the NSD is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the NSD is different from ONBOARDED.
-    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -103,7 +103,7 @@ Get NSD with security information
     ...    Test title: Get NSD with security information
     ...    Test objective: The objective is to test the retrieval of the NSD within a NSD archive shall include in the ZIP archive the security information when requested with "include_signature" parameter
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -116,7 +116,7 @@ POST NSD - Method not implemented
     ...    Test title: POST NSD - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new Network Service Descriptor
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4a.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4a.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -128,7 +128,7 @@ PUT NSD - Method not implemented
     ...    Test title: PUT NSD - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update Network Service Descriptor
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4a.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4a.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -140,7 +140,7 @@ PATCH NSD - Method not implemented
     ...    Test title: PATCH NSD - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update Network Service Descriptor
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4a.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4a.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -152,9 +152,34 @@ DELETE NSD - Method not implemented
     ...    Test title: DELETE NSD - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete Network Service Descriptor
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4a.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4a.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for NSD
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Get single file NSD in Plain Format with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.11.13
+    ...    Test title: Get single file NSD in Plain Format with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of the NSD in plain format within a NSD archive with permitted authorization scope
+    ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: The NSD is implemented as a single file
+    ...    Post-Conditions: none
+    Get single file NSD in Plain Format with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Content-Type Is    text/plain
+
+Get single file NSD in Plain Format with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.11.13
+    ...    Test title: Get single file NSD in Plain Format with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of the NSD in plain format within a NSD archive fails when using a not permitted authorization scope
+    ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: The NSD is implemented as a single file
+    ...    Post-Conditions: none
+    Get single file NSD in Plain Format with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSDManagement-API/NSDArchiveContent.robot b/SOL005/NSDManagement-API/NSDArchiveContent.robot
index a2d8710e1e5434d9fef157e799b4f5830ef39dc3..f14230a009ce60c9f5726f9c1005ee1deca92f19 100644
--- a/SOL005/NSDManagement-API/NSDArchiveContent.robot
+++ b/SOL005/NSDManagement-API/NSDArchiveContent.robot
@@ -24,7 +24,7 @@ Get NSD Content in Zip Format
     ...    Test title: Get NSD Content in Zip Format
     ...    Test objective: The objective is to test the retrieval of the NSD Content in zip format and perform a validation that returned content is in zip format
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -70,7 +70,7 @@ Get NSD Content with invalid resource identifier
     ...    Test title: Get NSD Content with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of the NSD Content fails when using an invalid resource identifier
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -83,7 +83,7 @@ Get NSD Content with conflict due to onboarding state
     ...    Test title: Get NSD Content with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of the NSD Content fails due to a conflict when the NSD is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the NSD for which the NSD Content is requested is different from ONBOARDED.
-    ...    Reference: Clause 5.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -96,7 +96,7 @@ GET NSD Content with Range Request and NFVO supporting Range Requests
     ...    Test title: GET NSD Content with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the retrieval of NSD Content when using a range request to return single range of bytes from the file, with the NFVO supporting it. The test also perform a validation that returned content matches the issued range
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the NSD file
     ...    Post-Conditions: none
@@ -111,7 +111,7 @@ GET NSD Content with Range Request and NFVO not supporting Range Requests
     ...    Test title: GET NSD Content with Range Request and NFVO not supporting Range Requests
     ...    Test objective: The objective is to test that the retrieval of NSD Content, when using a range request to return single range of bytes from the file and the NFVO not supporting it, returns the full NSD file.
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO does not support range requests to return single range of bytes from the NSD file
     ...    Post-Conditions: none    
@@ -124,7 +124,7 @@ GET NSD Content with invalid Range Request
     ...    Test title: GET NSD Content with invalid Range Request
     ...    Test objective: The objective is to test that the retrieval of NSD Content fails when using a range request that does not match any available byte range in the file.
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the NSD file
     ...    Post-Conditions: none      
@@ -137,7 +137,7 @@ Upload NSD Content as Zip file in asynchronous mode
     ...    Test title: Upload NSD Content as Zip file in asynchronous mode
     ...    Test objective: The objective is to test the upload of an NSD Content in Zip format when the NFVO supports the asynchronous upload mode.
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports the upload of NSD contents in asynchronous mode
     ...    Post-Conditions: NSD Uploaded
@@ -161,7 +161,7 @@ Upload NSD Content as Zip file in synchronous mode
     ...    Test title: Upload NSD Content as Zip file in synchronous mode
     ...    Test objective: The objective is to test the upload of an NSD Content in Zip format when the NFVO supports the synchronous upload mode.
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports the upload of NSD contents in synchronous mode
     ...    Post-Conditions: The NSD content is successfully uploaded and available in the NFVO
@@ -185,7 +185,7 @@ Upload NSD Content with conflict due to onboarding state
     ...    Test title: Upload NSD Content with conflict due to onboarding state
     ...    Test objective: The objective is to test that the upload of the NSD Content fails due to a conflict when the NSD is not in onboarding state CREATED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the NSD for which the NSD Content is requested is different from ONBOARDED.
-    ...    Reference: Clause 5.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -198,7 +198,7 @@ POST NSD Content - Method not implemented
     ...    Test title: POST NSD Content - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new Network Service Descriptor content
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -210,7 +210,7 @@ PATCH NSD Content - Method not implemented
     ...    Test title: PATCH NSD Content - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update Network Service Descriptor content
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -222,13 +222,38 @@ DELETE NSD Content - Method not implemented
     ...    Test title: DELETE NSD Content - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete Network Service Descriptor content
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for NSD Content
     Check HTTP Response Status Code Is    405
-    
+
+Upload NSD Content as Zip file in synchronous mode with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.3.19
+    ...    Test title: Upload NSD Content as Zip file in synchronous mode  with permitted authorization scope
+    ...    Test objective: The objective is to test the upload of an NSD Content in Zip format with permitted authorization scope
+    ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: The NFVO supports the upload of NSD contents in synchronous mode
+    ...    Post-Conditions: The NSD content is successfully uploaded and available in the NFVO
+    Send PUT Request to upload NSD Content as zip file in synchronous mode with permitted authorization scope
+    Check HTTP Response Status Code Is    204
+    Check Postcondition NSD Content is uploaded and available in the NFVO
+
+Upload NSD Content as Zip file in synchronous mode with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.3.20
+    ...    Test title: Upload NSD Content as Zip file in synchronous mode with not permitted authorization scope
+    ...    Test objective: The objective is to test that the upload of an NSD Content in Zip format fails when using a not permitted authorization scope
+    ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: The NFVO supports the upload of NSD contents in synchronous mode
+    ...    Post-Conditions: none
+    Send PUT Request to upload NSD Content as zip file in synchronous mode with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
+
 *** Keywords ***
 Void
     log    do nothing
diff --git a/SOL005/NSDManagement-API/NSDArchiveManifest.robot b/SOL005/NSDManagement-API/NSDArchiveManifest.robot
index 87748287ab4f58c9842b6d0944b5dd320553fb88..9e47bb997338e48f6975ceff9a98c4000546cd62 100644
--- a/SOL005/NSDManagement-API/NSDArchiveManifest.robot
+++ b/SOL005/NSDManagement-API/NSDArchiveManifest.robot
@@ -12,7 +12,7 @@ Get NSD Archive Manifest
     ...    Test title: Get NSD Archive Manifest
     ...    Test objective: The objective is to test that GET method reads the content of the manifest file within an NSD archive
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ Get NSD Archive Manifest with security information
     ...    Test title: Get NSD Archive Manifest with security information
     ...    Test objective: The objective is to test the retrieval of content of the manifest file within an NSD archive shall include in the ZIP archive the security information when requested with "include_signature" parameter
     ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,7 +38,7 @@ Get NSD Archive Manifest with conflict due to onboarding state
     ...    Test title: Get NSD Archive Manifest with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of content of the manifest file within an NSD archive fails due to a conflict when the NSD is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the NSD is different from ONBOARDED.
-    ...    Reference: Clause 5.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -51,7 +51,7 @@ POST NSD Archive Manifest - Method not implemented
     ...    Test title: POST NSD Archive Manifest - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new Network Service Descriptor Archive Manifest
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4b.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4b.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -63,7 +63,7 @@ PUT NSD Archive Manifest - Method not implemented
     ...    Test title: PUT NSD Archive Manifest - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update Network Service Descriptor Archive Manifest
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4b.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4b.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -75,7 +75,7 @@ PATCH NSD Archive Manifest - Method not implemented
     ...    Test title: PATCH NSD Archive Manifest - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update Network Service Descriptor Archive Manifest
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4b.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4b.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -87,9 +87,34 @@ DELETE NSD Archive Manifest - Method not implemented
     ...    Test title: DELETE NSD Archive Manifest - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete Network Service Descriptor Archive Manifest
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.4b.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.4b.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for NSD Archive Manifest
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Get NSD Archive Manifest with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.12.8
+    ...    Test title: Get NSD Archive Manifest with permitted authorization scope
+    ...    Test objective: The objective is to test that GET method reads the content of the manifest file within an NSD archive with permitted authorization scope
+    ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get NSD Archive Manifest with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Content-Type Is    text/plain
+
+Get NSD Archive Manifest with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.12.9
+    ...    Test title: Get NSD Archive Manifest with not permitted authorization scope
+    ...    Test objective: The objective is to test that GET method reads the content of the manifest file within an NSD archive fails when using not permitted authorization scope
+    ...    Pre-conditions: One or more NSDs are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get NSD Archive Manifest with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSDManagement-API/NSDManagementKeywords.robot b/SOL005/NSDManagement-API/NSDManagementKeywords.robot
index d48366a4a60aac6c46792e9a893cff3b2db8b3f6..dae7ab8406f5d04361391d7321a05de735097cce 100644
--- a/SOL005/NSDManagement-API/NSDManagementKeywords.robot
+++ b/SOL005/NSDManagement-API/NSDManagementKeywords.robot
@@ -10,6 +10,7 @@ Library    JSONSchemaLibrary    schemas/
 Library    RequestsLibrary
 Library    Process
 Library    String
+Library    jwt
 #Variables  descriptors/SOL006/NSD/nsd_SOL006.yaml
 #Variables  descriptors/SOL001/NSD/nsd_SOL001.yaml
 
@@ -147,6 +148,32 @@ Send Post Request to create new Network Service Descriptor Resource
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output} 
 
+Send Post Request to create new Network Service Descriptor Resource with permitted authorization scope
+    Log    Creating a new network service descriptor
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${body}=    Get File    jsons/createNsdInfoRequest.json
+    ${scopeValue}=    Create Dictionary    scope=${NSD_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output} 
+
+Send Post Request to create new Network Service Descriptor Resource with not permitted authorization scope
+    Log    Creating a new network service descriptor
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${body}=    Get File    jsons/createNsdInfoRequest.json
+    ${scopeValue}=    Create Dictionary    scope=${NSD_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output} 
+
 Check Postcondition NsdInfo Exists
     Log    Checking that nsd info exists
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -283,6 +310,28 @@ Send DELETE Request for Individual Network Service Descriptor
     REST.DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${disabledNsdInfoId}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+ 
+Send DELETE Request for Individual Network Service Descriptor with permitted authorization scope
+    Log    Trying to perform a DELETE nsdInfo. The nsdInfo should be in "NOT_USED" usageState and in "DISABLED" operationalState.
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NSD_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${disabledNsdInfoId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Send DELETE Request for Individual Network Service Descriptor with not permitted authorization scope
+    Log    Trying to perform a DELETE nsdInfo. The nsdInfo should be in "NOT_USED" usageState and in "DISABLED" operationalState.
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NSD_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${disabledNsdInfoId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
 
 Check Postcondition Network Service Descriptor is Deleted
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -382,8 +431,32 @@ Send PUT Request to upload NSD Content as zip file in asynchronous mode
     Set Suite Variable      ${response}     ${response}
 
 Send PUT Request to upload NSD Content as zip file in synchronous mode
+    Create Session     nbi     ${NFVO_SCHEMA}://${NFVO_HOST}:${NFVO_PORT}  headers={"Accept": "${ACCEPT_JSON}", "Content-Type": "application/zip", "${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}      verify=False
+    ${body}=  Get Binary File  ${contentZipNsd}
+    ${response}=    Put Request     nbi     ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${nsdInfoIdZip}/nsd_content     data=${body}
+    Should Be Empty     ${response.text}
+    ${response}=    Create Dictionary   status=${response.status_code}
+    Set Suite Variable      ${response}     ${response}
+
+Send PUT Request to upload NSD Content as zip file in synchronous mode with permitted authorization scope
     Create Session      nbi     ${NFVO_SCHEMA}://${NFVO_HOST}:${NFVO_PORT}  headers={"Accept": "${ACCEPT_JSON}", "Content-Type": "application/zip", "${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}      verify=False
     ${body}=  Get Binary File  ${contentZipNsd}
+    ${scopeValue}=    Create Dictionary    scope=${ARCHIVE_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${response}=    Put Request     nbi     ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${nsdInfoIdZip}/nsd_content     data=${body}
+    Should Be Empty     ${response.text}
+    ${response}=    Create Dictionary   status=${response.status_code}
+    Set Suite Variable      ${response}     ${response}
+
+Send PUT Request to upload NSD Content as zip file in synchronous mode with not permitted authorization scope
+    Create Session      nbi     ${NFVO_SCHEMA}://${NFVO_HOST}:${NFVO_PORT}  headers={"Accept": "${ACCEPT_JSON}", "Content-Type": "application/zip", "${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}      verify=False
+    ${body}=  Get Binary File  ${contentZipNsd}
+    ${scopeValue}=    Create Dictionary    scope=${ARCHIVE_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
     ${response}=    Put Request     nbi     ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${nsdInfoIdZip}/nsd_content     data=${body}
     Should Be Empty     ${response.text}
     ${response}=    Create Dictionary   status=${response.status_code}
@@ -541,6 +614,32 @@ Send Post Request to create new PNF Descriptor Resource
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output} 
 
+Send Post Request to create new PNF Descriptor Resource with permitted authorization scope
+    Log    Creating a new network service descriptor
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${body}=    Get File    jsons/createPnfdInfoRequest.json
+    ${scopeValue}=    Create Dictionary    scope=${PNFD_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/pnf_descriptors    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output} 
+
+Send Post Request to create new PNF Descriptor Resource with not permitted authorization scope
+    Log    Creating a new network service descriptor
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${body}=    Get File    jsons/createPnfdInfoRequest.json
+    ${scopeValue}=    Create Dictionary    scope=${PNFD_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/pnf_descriptors    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output} 
+
 Check Postcondition PnfdInfo Exists
     Log    Checking that nsd info exists
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -611,6 +710,35 @@ Send PATCH to update Individual PNF Descriptor
     Set Suite Variable    ${response}    ${output}
     Set Suite Variable    ${body["userDefinedData"]}    ${userDefinedDataSet}
 
+Send PATCH to update Individual PNF Descriptor with permitted authorization scope
+    Log    Trying to perform a PATCH.
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${body}=    Get File    jsons/PnfdInfoModification.json
+    ${scopeValue}=    Create Dictionary    scope=${PNFD_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/pnf_descriptors/${pnfdInfoId}    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+    Set Suite Variable    ${body["userDefinedData"]}    ${userDefinedDataSet}
+
+
+Send PATCH to update Individual PNF Descriptor with not permitted authorization scope
+    Log    Trying to perform a PATCH.
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${body}=    Get File    jsons/PnfdInfoModification.json
+    ${scopeValue}=    Create Dictionary    scope=${PNFD_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/pnf_descriptors/${pnfdInfoId}    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+    Set Suite Variable    ${body["userDefinedData"]}    ${userDefinedDataSet}
+
 Check Postcondition PNF Descriptor is modified according to the requested update
     Log    Checking postcondition op status
     Should Be Equal   ${response['body']['userDefinedData']}    ${userDefinedDataSet} 
@@ -723,6 +851,32 @@ Send PUT Request to upload PNFD Content as zip file
     ${response}=    Create Dictionary   status=${response.status_code}
     Set Suite Variable      ${response}     ${response}
 
+Send PUT Request to upload PNFD Content as zip file with permitted authorization scope
+    Log    Trying to perform a PUT. This method upload the content of a PNFD
+    Create Session      pnfd     ${NFVO_SCHEMA}://${NFVO_HOST}:${NFVO_PORT}      headers={"Accept": "${ACCEPT_PLAIN}", "Content-Type": "application/zip", "${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}      verify=False
+    ${body}=  Get Binary File  ${contentZipPnfd}
+    ${scopeValue}=    Create Dictionary    scope=${PNFD_ARCHIVE_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${response}=    Put Request     pnfd     ${apiRoot}/${apiName}/${apiMajorVersion}/pnf_descriptors/${pnfdInfoId}/pnfd_content     data=${body}
+    Should Be Empty     ${response.text}
+    ${response}=    Create Dictionary   status=${response.status_code}
+    Set Suite Variable      ${response}     ${response}
+
+Send PUT Request to upload PNFD Content as zip file with not permitted authorization scope
+    Log    Trying to perform a PUT. This method upload the content of a PNFD
+    Create Session      pnfd     ${NFVO_SCHEMA}://${NFVO_HOST}:${NFVO_PORT}      headers={"Accept": "${ACCEPT_PLAIN}", "Content-Type": "application/zip", "${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}      verify=False
+    ${body}=  Get Binary File  ${contentZipPnfd}
+    ${scopeValue}=    Create Dictionary    scope=${PNFD_ARCHIVE_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${response}=    Put Request     pnfd     ${apiRoot}/${apiName}/${apiMajorVersion}/pnf_descriptors/${pnfdInfoId}/pnfd_content     data=${body}
+    Should Be Empty     ${response.text}
+    ${response}=    Create Dictionary   status=${response.status_code}
+    Set Suite Variable      ${response}     ${response}
+
 Send PUT Request to upload PNFD Content with conflict due to onboarding state
     Log    Trying to perform a PUT. This method upload the content of a PNFD
     Set Headers    {"Accept": "${ACCEPT_ZIP}"}
@@ -769,6 +923,32 @@ Get all NSD Management Subscriptions
     REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Get all NSD Management Subscriptions with permitted authorization scope
+    [Documentation]    This method shall support the URI query parameters, request and response data structures, and response codes, as
+    ...    specified in the Tables 5.4.8.3.2-1 and 5.4.8.3.2-2.
+    Log    Trying to get the list of subscriptions
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get all NSD Management Subscriptions with not permitted authorization scope
+    [Documentation]    This method shall support the URI query parameters, request and response data structures, and response codes, as
+    ...    specified in the Tables 5.4.8.3.2-1 and 5.4.8.3.2-2.
+    Log    Trying to get the list of subscriptions
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Get NSD Management Subscriptions with attribute-based filters
     Log    Trying to get the list of subscriptions using filters
@@ -941,7 +1121,29 @@ Get Individual NSD Management Subscription
     REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
-    
+
+Get Individual NSD Management Subscription with permitted authorization scope
+    Log    Trying to get a single subscription identified by subscriptionId
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Individual NSD Management Subscription with not permitted authorization scope
+    Log    Trying to get a single subscription identified by subscriptionId
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 GET individual NSD Management Subscription with invalid resource identifier
     Log    Trying to perform a request on a subscriptionID which doesn't exist
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -1043,6 +1245,28 @@ Get single file NSD in Plain Format
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Get single file NSD in Plain Format with permitted authorization scope
+    Log    Trying to get a NSD present in the NFVO Catalogue
+    Set Headers    {"Accept": "${ACCEPT_PLAIN}"}
+    ${scopeValue}=    Create Dictionary    scope=${NSDF_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${nsdInfoIdPlain}/nsd
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get single file NSD in Plain Format with not permitted authorization scope
+    Log    Trying to get a NSD present in the NFVO Catalogue
+    Set Headers    {"Accept": "${ACCEPT_PLAIN}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${nsdInfoIdPlain}/nsd
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Get NSD in Zip Format
     Log    Trying to get a NSD present in the NFVO Catalogue
     Set Headers    {"Accept": "${ACCEPT_ZIP}"}
@@ -1141,6 +1365,26 @@ Get NSD Archive Manifest
     REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${nsdInfoIdPlain}/manifest
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Get NSD Archive Manifest with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_PLAIN}"}
+    ${scopeValue}=    Create Dictionary    scope=${NSD_MANIFEST_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${nsdInfoIdPlain}/manifest
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get NSD Archive Manifest with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_PLAIN}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${nsdInfoIdPlain}/manifest
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Get NSD Archive Manifest with security information
     Log    Trying to get a NSD present in the NFVO Catalogue
@@ -1198,6 +1442,28 @@ Get single file PNFD in Plain Format
     REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${pnfdInfoId}/pnfd
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Get single file PNFD in Plain Format with permitted authorization scope
+    Log    Trying to get a PNFD present in the NFVO Catalogue
+    Set Headers    {"Accept": "${ACCEPT_PLAIN}"}
+    ${scopeValue}=    Create Dictionary    scope=${PNFDF_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${pnfdInfoId}/pnfd
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get single file PNFD in Plain Format with not permitted authorization scope
+    Log    Trying to get a PNFD present in the NFVO Catalogue
+    Set Headers    {"Accept": "${ACCEPT_PLAIN}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${pnfdInfoId}/pnfd
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Get PNFD in Zip Format
     Log    Trying to get a PNFD present in the NFVO Catalogue
@@ -1297,6 +1563,27 @@ Get PNFD Archive Manifest
     REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${pnfdInfoId}/manifest
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Get PNFD Archive Manifest with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_PLAIN}"}
+    ${scopeValue}=    Create Dictionary    scope=${PNFD_MANIFEST_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${pnfdInfoId}/manifest
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+
+Get PNFD Archive Manifest with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_PLAIN}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${pnfdInfoId}/manifest
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Get PNFD Archive Manifest with security information
     Log    Trying to get a PNFD present in the NFVO Catalogue
@@ -1385,6 +1672,26 @@ GET Individual PNFD Archive Artifact
     REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pnf_descriptors/${pnfdInfoId}/artifacts/${pnfd_artifactPath}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+GET Individual PNFD Archive Artifact with permitted authorization scope
+    Log    Trying to get a PNFD Archive Artifact
+    ${scopeValue}=    Create Dictionary    scope=${PNFD_ARTIFACTS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pnf_descriptors/${pnfdInfoId}/artifacts/${pnfd_artifactPath}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET Individual PNFD Archive Artifact with not permitted authorization scope
+    Log    Trying to get a PNFD Archive Artifact
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pnf_descriptors/${pnfdInfoId}/artifacts/${pnfd_artifactPath}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 GET Individual PNFD Archive Artifact with include_signatures parameter
     Log    Trying to get PNFD Archive Artifact with security certificates
@@ -1458,6 +1765,26 @@ GET Individual NSD Archive Artifact
     REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${nsdInfoId}/artifacts/${artifactPath}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+GET Individual NSD Archive Artifact with permitted authorization scope
+    Log    Trying to get a NSD Archive Artifact
+    ${scopeValue}=    Create Dictionary    scope=${NSD_ARTIFACTS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${nsdInfoId}/artifacts/${artifactPath}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET Individual NSD Archive Artifact with not permitted authorization scope
+    Log    Trying to get a NSD Archive Artifact
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_descriptors/${nsdInfoId}/artifacts/${artifactPath}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 GET Individual NSD Archive Artifact with include_signatures parameter
     Log    Trying to get NSD Archive Artifact with security certificates
@@ -1604,3 +1931,8 @@ Match the NsdmSubscription Response Attributes with NS Descriptors
     Run Keyword If  '${descriptorType}'=='SOL001'    Should Be Equal As Strings    ${response['body']['filter']['nsdVersion']}    ${NS_Version}
     Run Keyword If  '${descriptorType}'=='SOL001'    Should Be Equal As Strings    ${response['body']['filter']['nsdDesigner']}    ${Designer}
     Run Keyword If  '${descriptorType}'=='SOL001'    Should Be Equal As Strings    ${response['body']['filter']['nsdInvariantId']}    ${NS_InvariantID}
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded} 
diff --git a/SOL005/NSDManagement-API/NSDescriptors.robot b/SOL005/NSDManagement-API/NSDescriptors.robot
index 84228945efd06ebac5fe5164534fe04d2a8ad5e0..9bc360c3e0e7865b7f3f3604bc8fda8296e77e38 100644
--- a/SOL005/NSDManagement-API/NSDescriptors.robot
+++ b/SOL005/NSDManagement-API/NSDescriptors.robot
@@ -231,4 +231,32 @@ GET all Network Service Descriptors Information with "exclude_default" and "fiel
     GET all Network Service Descriptors Information with exclude_default and fields attribute selector
     Check HTTP Response Status Code Is    200
     Check HTTP Response Body Json Schema Is   NsdInfos
-    Check HTTP Response Body NsdInfos Matches the requested fields selector
\ No newline at end of file
+    Check HTTP Response Body NsdInfos Matches the requested fields selector
+
+Create new Network Service Descriptor Resource with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.1.18
+    ...    Test title:  Create new Network Service Descriptor Resource with permitted authorization scope
+    ...    Test objective: The objective is to test the creation of a new Create new Network Service Descriptor resource with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The Network Service Descriptor resource is successfully created on the NFVO
+    Send Post Request to create new Network Service Descriptor Resource with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is   NsdInfo
+    Check HTTP Response Header Contains    Location
+    Check Postcondition NsdInfo Exists
+    Check HTTP Response Body NsInstance content against NS Descriptor
+
+Create new Network Service Descriptor Resource with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.1.19
+    ...    Test title:  Create new Network Service Descriptor Resource with permitted authorization scope
+    ...    Test objective: The objective is to test that the creation of a new Create new Network Service Descriptor resource fails when using not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Send Post Request to create new Network Service Descriptor Resource with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSDManagement-API/NotificationEndpoint.robot b/SOL005/NSDManagement-API/NotificationEndpoint.robot
index 349392b92a6c22dd4cfc2037932b1f4d350ca2b9..f5a4fc5d8529575c3008fe5210c8d76261609d41 100644
--- a/SOL005/NSDManagement-API/NotificationEndpoint.robot
+++ b/SOL005/NSDManagement-API/NotificationEndpoint.robot
@@ -14,7 +14,7 @@ NSD Onboarding Notification
     ...    Test title: NSD Onboarding Notification
     ...    Test objective: The objective is to test that NSD Onboarding Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A NSD management subscription for onboarding notification is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -26,7 +26,7 @@ NSD Onboarding Failure Notification
     ...    Test title: NSD Onboarding Failure Notification
     ...    Test objective: The objective is to test that NSD Onboarding Failure Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A NSD management subscription for onboarding failure notification is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -38,7 +38,7 @@ NSD Change Notification
     ...    Test title: NSD Change Notification
     ...    Test objective: The objective is to test that NSD Change Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A NSD management subscription for change notification is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -50,7 +50,7 @@ NSD Deletion Notification
     ...    Test title: NSD Deletion Notification
     ...    Test objective: The objective is to test that NSD Deletion Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A NSD management subscription for deletion notification is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -62,7 +62,7 @@ Pnfd Onboarding Notification
     ...    Test title: Pnfd Onboarding Notification
     ...    Test objective: The objective is to test that Pnfd Onboarding Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A Pnfd management subscription for onboarding notification is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -74,7 +74,7 @@ Pnfd Onboarding Failure Notification
     ...    Test title: Pnfd Onboarding Failure Notification
     ...    Test objective: The objective is to test that Pnfd Onboarding Failure Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A Pnfd management subscription for onboarding failure notification is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -86,7 +86,7 @@ Pnfd Deletion Notification
     ...    Test title: pnfd Deletion Notification
     ...    Test objective: The objective is to test that Pnfd Deletion Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A Pnfd management subscription for deletion notification is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL005/NSDManagement-API/Notifications.robot b/SOL005/NSDManagement-API/Notifications.robot
index 34d29a01a0706f79daf470013c490fbc196228d6..35b85aa94f31f3ce0eb25a114bf44a0bca89b400 100644
--- a/SOL005/NSDManagement-API/Notifications.robot
+++ b/SOL005/NSDManagement-API/Notifications.robot
@@ -15,7 +15,7 @@ NSD Onboarding Notification
     ...    Test title: NSD Onboarding Notification
     ...    Test objective: The objective is to test the dispatch of NSD Onboarding notification when the NSD onboarding operation is successfully completed, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NSD management subscription for onboarding notifications is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -28,7 +28,7 @@ NSD Onboarding Failure Notification
     ...    Test title: NSD Onboarding Failure Notification
     ...    Test objective: The objective is to test the dispatch of NSD Onboarding failure notification when the NSD onboarding operation fails, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NSD management subscription for onboarding failure notifications is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -41,7 +41,7 @@ NSD Operational State Change Notification
     ...    Test title: NSD Operational State Change Notification
     ...    Test objective: The objective is to test the dispatch of NSD Operational State Change notification when the NSD operational status change in the NFVO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NSD management subscription for operational state change notifications is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -54,7 +54,7 @@ NSD Deletion Notification
     ...    Test title: NSD Deletion Notification
     ...    Test objective: The objective is to test the dispatch of NSD Deletion notification when the NSD is deleted from the NFVO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NSD management subscription for deletion notifications is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -67,7 +67,7 @@ PNFD Onboarding Notification
     ...    Test title: PNFD Onboarding Notification
     ...    Test objective: The objective is to test the dispatch of PNFD Onboarding notification when the PNFD onboarding operation is successfully completed, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A PNFD management subscription for onboarding notifications is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -80,7 +80,7 @@ PNFD Onboarding Failure Notification
     ...    Test title: PNFD Onboarding Failure Notification
     ...    Test objective: The objective is to test the dispatch of PNFD Onboarding failure notification when the PNFD onboarding operation fails, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A PNFD management subscription for onboarding failure notifications is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -93,7 +93,7 @@ PNFD Deletion Notification
     ...    Test title: PNFD Deletion Notification
     ...    Test objective: The objective is to test the dispatch of PNFD Deletion notification when the PNFD is deleted from the NFVO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A PNFD management subscription for deletion notifications is available in the NFVO.
-    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
diff --git a/SOL005/NSDManagement-API/PNFD.robot b/SOL005/NSDManagement-API/PNFD.robot
index c75b88d28f407481f67e2c687c4ca3b2faabbe52..d39fd0bf506127f3bb8f166078029bc83b97ee41 100644
--- a/SOL005/NSDManagement-API/PNFD.robot
+++ b/SOL005/NSDManagement-API/PNFD.robot
@@ -13,7 +13,7 @@ Get single file PNFD in Plain Format
     ...    Test title: Get single file PNFD in Plain Format
     ...    Test objective: The objective is to test the retrieval of the PNFD in plain format within a PNFD archive and perform a validation that returned content is in plain format
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The PNFD is implemented as a single file
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ Get PNFD in Zip Format
     ...    Test title: Get PNFD in Zip Format
     ...    Test objective: The objective is to test the retrieval of the PNFD in zip format within a PNFD archive and perform a validation that returned content is in zip format
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ Get single file PNFD in Plain or Zip Format
     ...    Test title: Get single file PNFDin Plain or Zip Format
     ...    Test objective: The objective is to test the retrieval of the single file PNFD within a PNFD archive when requesting Plain or Zip format to NFVO by including both formats in the request, and perform a validation that response is in Plain or Zip format
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The PNFD is implemented as a single file
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ Get multi file PNFD in Plain or Zip Format
     ...    Test title: Get multi file PNFD in Plain or Zip Format
     ...    Test objective: The objective is to test the retrieval of the multi file PNFD within a PNFD archive when requesting Plain or Zip format to NFVO by including both formats in the request, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The PNFD is implemented as a multi file
     ...    Post-Conditions: none
@@ -65,7 +65,7 @@ Get multi file PNFD in Plain Format
     ...    Test title: Get multi file PNFD in Plain Format
     ...    Test objective: The objective is to test that the retrieval of the multi file PNFD within a PNFD archive fails when requesting it in Plain format, and perform a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The PNFD is implemented as a multi file
     ...    Post-Conditions: none
@@ -78,7 +78,7 @@ Get PNFD Content with invalid resource identifier
     ...    Test title: Get PNFD Content with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of the PNFD within a PNFD archive fails when using an invalid resource identifier
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -91,7 +91,7 @@ Get PNFD with conflict due to onboarding state
     ...    Test title: Get PNFD with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of the PNFD within a PNFD archive fails due to a conflict when the PNFD is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the PNFD is different from ONBOARDED.
-    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -104,7 +104,7 @@ Get PNFD with security information
     ...    Test title: Get PNFD with security information
     ...    Test objective: The objective is to test the retrieval of the PNFD within a PNFD archive shall include in the ZIP archive the security information when requested with "include_signature" parameter
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -117,7 +117,7 @@ POST PNFD - Method not implemented
     ...    Test title: POST PNFD - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new PNFD
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7a.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7a.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -129,7 +129,7 @@ PUT PNFD - Method not implemented
     ...    Test title: PUT PNFD - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update PNFD
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7a.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7a.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -141,7 +141,7 @@ PATCH PNFD - Method not implemented
     ...    Test title: PATCH PNFD - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update PNFD
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7a.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7a.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -153,9 +153,34 @@ DELETE PNFD - Method not implemented
     ...    Test title: DELETE PNFD - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete PNFD
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7a.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7a.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for PNFD
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Get single file PNFD in Plain Format with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.13.13
+    ...    Test title: Get single file PNFD in Plain Format with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of the PNFD in plain format within a PNFD archive with permitted authorization scope
+    ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: The PNFD is implemented as a single file
+    ...    Post-Conditions: none
+    Get single file PNFD in Plain Format with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Content-Type Is    text/plain
+
+Get single file PNFD in Plain Format with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.13.14
+    ...    Test title: Get single file PNFD in Plain Format with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of the PNFD in plain format within a PNFD archive fails when using a not permitted authorization scope
+    ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.7a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: The PNFD is implemented as a single file
+    ...    Post-Conditions: none
+    Get single file PNFD in Plain Format with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSDManagement-API/PNFDArchiveContent.robot b/SOL005/NSDManagement-API/PNFDArchiveContent.robot
index 90166c4fd3b43efea2e638ef546eac32e6f15980..7605003a8b9e0665f10cb5d6501b29ed1fbd42c7 100644
--- a/SOL005/NSDManagement-API/PNFDArchiveContent.robot
+++ b/SOL005/NSDManagement-API/PNFDArchiveContent.robot
@@ -13,7 +13,7 @@ Get PNFD Content
     ...    Test title: Get PNFD Content
     ...    Test objective: The objective is to test the retrieval of the PNFD Content in zip format and perform a validation that returned content is in plain format
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ Get PNFD Content with invalid resource identifier
     ...    Test title: Get PNFD Content with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of the PNFD Content fails when using an invalid resource identifier
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ Get PNFD Content with conflict due to onboarding state
     ...    Test title: Get PNFD Content with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of the PNFD Content fails due to a conflict when the PNFD is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the PNFD for which the PNFD Content is requested is different from ONBOARDED.
-    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -52,7 +52,7 @@ Upload PNFD Content as zip file
     ...    Test title: Upload PNFD Content as zip file
     ...    Test objective: The objective is to test the upload of a PNFD Content in plain text format.
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The uploaded PNFD content is available in the NFVO
@@ -65,7 +65,7 @@ Upload PNFD Content with conflict due to onboarding state
     ...    Test title: Upload PNFD Content with conflict due to onboarding state
     ...    Test objective: The objective is to test that the upload of the PNFD Content fails due to a conflict when the PNFD is not in onboarding state CREATED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the PNFD for which the PNFD Content is requested is different from CREATED.
-    ...    Reference: Clause 5.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -78,7 +78,7 @@ POST PNFD Content - Method not implemented
     ...    Test title: POST PNFD Content - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new PNF Descriptor content
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -90,7 +90,7 @@ PATCH PNFD Content - Method not implemented
     ...    Test title: PATCH PNFD Content - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update PNF Descriptor content
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -102,7 +102,7 @@ DELETE PNFD Content - Method not implemented
     ...    Test title: DELETE PNFD Content - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete PNF Descriptor content
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -114,7 +114,7 @@ Get PNFD Content with Range Request and NFVO supporting Range Requests
     ...    Test title: Get PNFD Content with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the retrieval of the PNFD Content in plain format when using a range request to return single range of bytes from the file, with the NFVO supporting it
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -128,7 +128,7 @@ Get PNFD Content with invalid Range Request
     ...    Test title: Get PNFD Content with invalid Range Request
     ...    Test objective: The objective is to test the retrieval of the PNFD Content in plain format and perform a validation that returned content is in plain format
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -141,10 +141,35 @@ Upload PNFD Archive Content
     ...    Test title: Upload PNFD Archive Content
     ...    Test objective: The objective is to test the PNFD archive has been accepted for uploading, but the processing has not been completed.
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send PUT Request to upload PNFD Content as zip file
     Check HTTP Response Status Code Is    202
-    Wait for individual grant successful notification
\ No newline at end of file
+    Wait for individual grant successful notification
+
+Upload PNFD Content as zip file with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.6.12
+    ...    Test title: Upload PNFD Content as zip file with permitted authorization scope
+    ...    Test objective: The objective is to test the upload of a PNFD Content in zip format with permitted authorization scope.
+    ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The uploaded PNFD content is available in the NFVO
+    Send PUT Request to upload PNFD Content as zip file with permitted authorization scope
+    Check HTTP Response Status Code Is    204
+    Check Postcondition PNFD Content Exists
+
+Upload PNFD Content as zip file with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.6.13
+    ...    Test title: Upload PNFD Content as zip file with not permitted authorization scope
+    ...    Test objective: The objective is to test the upload of a PNFD Content in zip format fails when using not permitted authorization scope.
+    ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: noe
+    Send PUT Request to upload PNFD Content as zip file with permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSDManagement-API/PNFDArchiveManifest.robot b/SOL005/NSDManagement-API/PNFDArchiveManifest.robot
index d81b6947f0268e02bebf141b36c2da07bc7536f2..a069715f0db2a23b70897ccddf5fa3a481ff2228 100644
--- a/SOL005/NSDManagement-API/PNFDArchiveManifest.robot
+++ b/SOL005/NSDManagement-API/PNFDArchiveManifest.robot
@@ -12,7 +12,7 @@ Get PNFD Archive Manifest
     ...    Test title: Get PNFD Archive Manifest
     ...    Test objective: The objective is to test that GET method reads the content of the manifest file within an PNFD archive
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7b.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ Get PNFD Archive Manifest with security information
     ...    Test title: Get PNFD Archive Manifest with security information
     ...    Test objective: The objective is to test the retrieval of content of the manifest file within an PNFD archive shall include in the ZIP archive the security information when requested with "include_signature" parameter
     ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.7b.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,7 +38,7 @@ Get PNFD Archive Manifest with conflict due to onboarding state
     ...    Test title: Get PNFD Archive Manifest with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of content of the manifest file within an PNFD archive fails due to a conflict when the PNFD is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the PNFD is different from ONBOARDED.
-    ...    Reference: Clause 5.4.7b.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -51,7 +51,7 @@ POST PNFD Archive Manifest - Method not implemented
     ...    Test title: POST PNFD Archive Manifest - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new Network Service Descriptor Archive Manifest
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7b.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7b.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -63,7 +63,7 @@ PUT PNFD Archive Manifest - Method not implemented
     ...    Test title: PUT PNFD Archive Manifest - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update Network Service Descriptor Archive Manifest
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7b.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7b.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -75,7 +75,7 @@ PATCH PNFD Archive Manifest - Method not implemented
     ...    Test title: PATCH PNFD Archive Manifest - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update Network Service Descriptor Archive Manifest
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7b.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7b.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -87,9 +87,34 @@ DELETE PNFD Archive Manifest - Method not implemented
     ...    Test title: DELETE PNFD Archive Manifest - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete Network Service Descriptor Archive Manifest
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.7b.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.7b.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for PNFD Archive Manifest
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Get PNFD Archive Manifest with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.14.8
+    ...    Test title: Get PNFD Archive Manifest with permitted authorization scope
+    ...    Test objective: The objective is to test that GET method reads the content of the manifest file within an PNFD archive with permitted authorization scope
+    ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.7b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get PNFD Archive Manifest with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Content-Type Is    text/plain
+
+Get PNFD Archive Manifest with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.14.9
+    ...    Test title: Get PNFD Archive Manifest with not permitted authorization scope
+    ...    Test objective: The objective is to test that GET method to read the content of the manifest file within an PNFD archive fails when a not permitted authorization scope
+    ...    Pre-conditions: One or more PNFDs are onboarded in the NFVO.
+    ...    Reference: Clause 5.4.7b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get PNFD Archive Manifest with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL005/NSDManagement-API/PNFDescriptors.robot b/SOL005/NSDManagement-API/PNFDescriptors.robot
index f649c0213379b1c342d5a85a1b811a4f25760eab..f79b7a455835b3878fe8e6f5245808c61d707748 100644
--- a/SOL005/NSDManagement-API/PNFDescriptors.robot
+++ b/SOL005/NSDManagement-API/PNFDescriptors.robot
@@ -13,7 +13,7 @@ GET all PNF Descriptors Information
     ...    Test title: GET all PNF Descriptors Information
     ...    Test objective: The objective is to test the retrieval of all the PNF Descriptors information and perform a JSON schema and content validation of the collected data structure
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ GET PNF Descriptors Information with attribute-based filter
     ...    Test title: GET PNF Descriptors Information with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of PNF Descriptors information using attribute-based filter, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued attribute-based filter
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ GET PNF Descriptors Information with invalid attribute-based filter
     ...    Test title: GET PNF Descriptors Information with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of PNF Descriptors information fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -53,7 +53,7 @@ GET all PNF Descriptors Information with "all_fields" attribute selector
     ...    Test title: GET all PNF Descriptors Information with "all_fields" attribute selector
     ...    Test objective: The objective is to test the retrieval of all PNF Descriptors Information with "all_fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "all_fileds" selector
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -67,7 +67,7 @@ GET all PNF Descriptors Information with "exclude_default" attribute selector
     ...    Test title: GET all PNF Descriptors Information with "exclude_default" attribute selector
     ...    Test objective: The objective is to test the retrieval of all PNF Descriptors Information with "exclude_default" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "exclude_default" selector
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -81,7 +81,7 @@ GET all PNF Descriptors Information with "fields" attribute selector
     ...    Test title: GET all PNF Descriptors Information with "fields" attribute selector
     ...    Test objective: The objective is to test the retrieval of all PNF Descriptors Information with "fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "fields" selector
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports the use of "fields" attribute selector
     ...    Post-Conditions: none
@@ -95,7 +95,7 @@ GET all PNF Descriptors Information with "exclude_fields" attribute selector
     ...    Test title: GET all PNF Descriptors Information with "exclude_fields" attribute selector
     ...    Test objective: The objective is to test the retrieval of all PNF Descriptors Information with "exclude_fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "exclude_fields" selector
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports the use of "exclude_fields" attribute selector
     ...    Post-Conditions: none
@@ -109,7 +109,7 @@ Create new PNF Descriptor Resource
     ...    Test title:  Create new PNF Descriptor Resource
     ...    Test objective: The objective is to test the creation of a new Create new PNF Descriptor resource and perform the JSON schema validation of the returned structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The PNF Descriptor resource is successfully created on the NFVO
@@ -124,7 +124,7 @@ PUT all PNF Descriptors - Method not implemented
     ...    Test title: PUT all PNF Descriptors Information - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify PNF Descriptors Information
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -136,7 +136,7 @@ PATCH all PNF Descriptors - Method not implemented
     ...    Test title: PATCH all PNF Descriptors Information - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update NF Descriptors Information
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -148,7 +148,7 @@ DELETE all PNF Descriptors - Method not implemented
     ...    Test title: DELETE all PNF Descriptors Information - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete PNF Descriptors Information
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.5.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -160,7 +160,7 @@ GET all PNF Descriptors Information as Paged Response
     ...    Test title: GET all PNF Descriptors Information as Paged Response
     ...    Test objective: The objective is to test the retrieval of all the PNF Descriptors information as a Paged Response.
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -173,7 +173,7 @@ GET PNF Descriptors Information - Bad Request Response too Big
     ...    Test title: GET PNF Descriptors Information - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of PNF Descriptors information fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -186,11 +186,38 @@ GET all PNF Descriptors Information with "exclude_default" and "fields" attribut
     ...    Test title: GET all PNF Descriptors Information with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to test the retrieval of all PNF Descriptors Information with "exclude_default" and "fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "exclude_default" and "fields" selector
     ...    Pre-conditions: One or more PNF Descriptors are onboarded in the NFVO.
-    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports the use of "exclude_default" and "fields" attribute selector
     ...    Post-Conditions: none
     GET all PNF Descriptors Information with exclude_default and fields attribute selector
     Check HTTP Response Status Code Is    200
     Check HTTP Response Body Json Schema Is   PnfdInfos
-    Check HTTP Response Body PnfdInfos Matches the requested fields selector
\ No newline at end of file
+    Check HTTP Response Body PnfdInfos Matches the requested fields selector
+
+Create new PNF Descriptor Resource with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.4.15
+    ...    Test title:  Create new PNF Descriptor Resource with permitted authorization scope
+    ...    Test objective: The objective is to test the creation of a new Create new PNF Descriptor resource with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The PNF Descriptor resource is successfully created on the NFVO
+    Send Post Request to create new PNF Descriptor Resource with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is   PnfdInfo
+    Check HTTP Response Header Contains    Location
+    Check Postcondition PnfdInfo Exists
+
+Create new PNF Descriptor Resource with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.4.16
+    ...    Test title:  Create new PNF Descriptor Resource with not permitted authorization scope
+    ...    Test objective: The objective is to test that the creation of a new Create new PNF Descriptor resource fails when using not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Send Post Request to create new PNF Descriptor Resource with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSDManagement-API/Subscriptions.robot b/SOL005/NSDManagement-API/Subscriptions.robot
index d50b449201454fee970b13d79a199b9c383a4e45..bbe5044a87ce978a94b4e2614cd8df21e0915dd1 100644
--- a/SOL005/NSDManagement-API/Subscriptions.robot
+++ b/SOL005/NSDManagement-API/Subscriptions.robot
@@ -15,7 +15,7 @@ Get All NSD Management Subscriptions
     ...    Test title: Get All NSD Management Subscriptions
     ...    Test objective: The objective is to test the retrieval of all NSD Management subscriptions and perform a JSON schema validation of the returned subscriptions data structure
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -28,7 +28,7 @@ Get NSD Management Subscriptions with attribute-based filter
     ...    Test title: Get NSD Management Subscriptions with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of NSD Management subscriptions using attribute-based filter, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -42,7 +42,7 @@ Get NSD Management Subscriptions with invalid attribute-based filter
     ...    Test title: Get NSD Management Subscriptions with attribute-based filters
     ...    Test objective: The objective is to test that the retrieval of NSD Management subscriptions fails when using invalid attribute-based filters, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -55,7 +55,7 @@ GET NSD Management Subscription with invalid resource endpoint
     ...    Test title: GET NSD Management Subscription with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of all NSD Management subscriptions fails when using invalid resource endpoint.
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -68,7 +68,7 @@ Create new NSD Management subscription
     ...    Test title: Create new NSD Management subscription
     ...    Test objective: The objective is to test the creation of a new NSD Management subscription and perform a JSON schema and content validation of the returned subscription data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NSD Management subscription is successfully set and it matches the issued subscription
@@ -84,7 +84,7 @@ Create duplicated NSD Management subscription with NFVO not creating duplicated
     ...    Test title: Create duplicated NSD Management subscription with NFVO not creating duplicated subscriptions
     ...    Test objective: The objective is to test the attempt of a creation of a duplicated NSD Management subscription and check that no new subscription is created by the NFVO and a link to the original subscription is returned
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO does not support the creation of duplicated subscriptions
     ...    Post-Conditions: The existing NSD Management subscription returned is available in the NFVO
@@ -100,7 +100,7 @@ Create duplicated NSD Management subscription with NFVO creating duplicated subs
     ...    Test title: Create duplicated NSD Management subscription with NFVO creating duplicated subscriptions
     ...    Test objective: The objective is to test the creation of a duplicated NSD Management subscription and perform a JSON schema and content validation of the returned duplicated subscription data structure
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports the creation of duplicated subscriptions
     ...    Post-Conditions: The duplicated NSD Management subscription is successfully set and it matches the issued subscription    
@@ -115,7 +115,7 @@ PUT NSD Management Subscriptions - Method not implemented
     ...    Test title: PUT NSD Management Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify NSD Management subscriptions
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.8.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -127,7 +127,7 @@ PATCH NSD Management Subscriptions - Method not implemented
     ...    Test title: PATCH NSD Management Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update NSD Management subscriptions
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.8.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -139,7 +139,7 @@ DELETE NSD Management Subscriptions - Method not implemented
     ...    Test title: DELETE NSD Management Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete NSD Management subscriptions
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.8.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NSD Management subscriptions are not deleted by the failed operation 
@@ -152,7 +152,7 @@ Get All NSD Management Subscriptions as Paged Response
     ...    Test title: Get All NSD Management Subscriptions as Paged Response
     ...    Test objective: The objective is to test the retrieval of all NSD Management subscriptions as a Paged Response.
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -165,7 +165,7 @@ Get NSD Management Subscriptions - Bad Request Response too Big
     ...    Test title: Get NSD Management Subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of NSD Management subscriptions fails because reponse is too big, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
-    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -178,9 +178,34 @@ Create new NSD Management subscription - Unprocessable Content
     ...    Test title: Create new NSD Management subscription - Unprocessable Content
     ...    Test objective: The objective is to test the creation of a new NSD Management subscription fials when content type of the payload body is supported and the payload body of a request contains syntactically correct data but the data cannot be processed
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Post Request for NSD Management Subscription
     Check HTTP Response Status Code Is    422
+
+Get All NSD Management Subscriptions with permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.7.14
+    ...    Test title: Get All NSD Management Subscriptions with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all NSD Management subscriptions with permitted authorization scope
+    ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
+    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+    Get all NSD Management Subscriptions with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    NsdmSubscriptions
+
+Get All NSD Management Subscriptions with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.1.7.15
+    ...    Test title: Get All NSD Management Subscriptions with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of all NSD Management subscriptions fails when using a not permitted authorization scope
+    ...    Pre-conditions: At least one NSD Management subscription is available in the NFVO.
+    ...    Reference: Clause 5.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+    Get all NSD Management Subscriptions with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL005/NSDManagement-API/descriptors/SOL001/NSD/nsd_SOL001.yaml b/SOL005/NSDManagement-API/descriptors/SOL001/NSD/nsd_SOL001.yaml
index a2a363b27113f2a4aa78dc15a4e30dfec4f83b01..f0ef3b27b9303f96fc72ea9909190c3f1cf196a0 100644
--- a/SOL005/NSDManagement-API/descriptors/SOL001/NSD/nsd_SOL001.yaml
+++ b/SOL005/NSDManagement-API/descriptors/SOL001/NSD/nsd_SOL001.yaml
@@ -1,4 +1,4 @@
-tosca_definitions_version: "tosca_simple_yaml_1_2"
+tosca_definitions_version: "tosca_simple_yaml_1_3"
 tosca_default_namespace: "toscanfv"
 description: "Referenxce NSD descriptor "
 metadata:
@@ -47,7 +47,7 @@ topology_template:
         flavourId: "VNF-B_flavor"
         flavourDescription: "VNF-B flavor"
         vnfm_info: 
-          - 'etsivnfm:v2.3.1'
+          - 'etsivnfm:v4.5.1'
       requirements:
         virtualLink:
           ext_b_left: "vl_left"
diff --git a/SOL005/NSDManagement-API/environment/variables.txt b/SOL005/NSDManagement-API/environment/variables.txt
index 1f6581e323531ce0ede03853fc3233fce50c1ffb..482353d85f225bc165b306eb9347b6d83f99c52e 100644
--- a/SOL005/NSDManagement-API/environment/variables.txt
+++ b/SOL005/NSDManagement-API/environment/variables.txt
@@ -9,6 +9,26 @@ ${ACCEPT_JSON}    application/json
 ${apiRoot}        /
 ${AUTH_USAGE}     1
 ${NEG_AUTHORIZATION_TOKEN}    Bearer negativetoken
+
+${OAUTH_ENCRIPTION_ALGORITHM}    HS256
+${NSD_PERMITTED_SCOPE}    nsd:v2:ns_descriptors
+${NSD_NOT_PERMITTED_SCOPE}    nsd:v2:ns_descriptors:readonly
+${ARCHIVE_PERMITTED_SCOPE}    nsd:v2:nsd_archive_content
+${ARCHIVE_NOT_PERMITTED_SCOPE}    nsd:v2:nsd_archive_content:readonly
+${NSDF_PERMITTED_SCOPE}    nsd:v2:nsd:readonly
+${NSD_MANIFEST_PERMITTED_SCOPE}    nsd:v2:nsd:readonly
+${NSD_ARTIFACTS_PERMITTED_SCOPE}    nsd:v2:nsd_artifacts:readonly 
+${PNFD_PERMITTED_SCOPE}    nsd:v2:pnf_descriptors
+${PNFD_NOT_PERMITTED_SCOPE}    nsd:v2:pnf_descriptors:readonly
+${PNFD_ARCHIVE_PERMITTED_SCOPE}    nsd:v2:pnfd_archive_content
+${PNFD_ARCHIVE_NOT_PERMITTED_SCOPE}    nsd:v2:pnfd_archive_content:readonly
+${PNFF_PERMITTED_SCOPE}    nsd:v2:pnfd:readonly
+${PNFD_MANIFEST_PERMITTED_SCOPE}    nsd:v2:pnfd:readonly
+${PNFD_ARTIFACTS_PERMITTED_SCOPE}    nsd:v2:pnfd_artifacts:readonly 
+${SUBCRIPTIONS_PERMITTED_SCOPE}    nsd:v2:subscriptions
+${NOT_PERMITTED_SCOPE}    nsd:v2:nvalid
+
+
 ${apiMajorVersion}     v2
 ${apiName}        nsd
 ${MOCK_SERVER_JAR}    ../../../bin/mockserver-netty-5.5.0-jar-with-dependencies.jar
diff --git a/SOL005/NSFaultManagement-API/Alarms.robot b/SOL005/NSFaultManagement-API/Alarms.robot
index 65966d475507eabb000c34c4046afd97ba195dbb..138740b0ddbeff99b5ba1ca6a13cba422b73d5d4 100644
--- a/SOL005/NSFaultManagement-API/Alarms.robot
+++ b/SOL005/NSFaultManagement-API/Alarms.robot
@@ -12,7 +12,7 @@ POST Alarms - Method not implemented
     ...    Test title:POST Alarms - Method not implemented
     ...    Test objective: The objective is to test that Post method is not allowed to create Fault management alarms on NFV
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none 
     ...    Post-Conditions:  none
@@ -24,7 +24,7 @@ GET information about multiple alarms
     ...    Test title: GET information about multiple alarms
     ...    Test objective: The objective is to retrieve information about the alarm list and perform a JSON schema and content validation of the returned alarms data structure
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ GET information about multiple alarms with filters
     ...    Test title: GET information about multiple alarms with filters
     ...    Test objective: The objective is to retrieve information about the alarm list and perform a JSON schema and content validation of the returned alarms data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ GET information about multiple alarms Bad Request Invalid attribute-based filter
     ...    Test title: GET information about multiple alarms Bad Request Invalid attribute-based filtering parameters
     ...    Test objective:  The objective is to try to retrieve information about the alarm list with invalid filters and perform a JSON schema and content validation of the returned problem details data structure
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions:  none
@@ -63,7 +63,7 @@ GET information about multiple alarms with "all_fields" attribute selector
     ...    Test title: GET information about multiple alarms with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve information about the alarm list
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ GET information about multiple alarms with exclude_default attribute selector
     ...    Test title: GET information about multiple alarms with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve information about the alarm list
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -90,7 +90,7 @@ GET information about multiple alarms with fields attribute selector
     ...    Test title: GET information about multiple alarms with fields attribute selector
     ...    Test objective: The objective is to retrieve information about the alarm list
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -103,7 +103,7 @@ GET information about multiple alarms with "exclude_fields" attribute selector
     ...    Test title: GET information about multiple alarms with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve information about the alarm list
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -116,7 +116,7 @@ PUT Alarms - Method not implemented
     ...    Test title: PUT Alarms - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed for Fault management alarms on NFV
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -128,7 +128,7 @@ PATCH Alarms - Method not implemented
     ...    Test title: PATCH Alarms - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed for Fault management alarms on NFV
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -140,7 +140,7 @@ DELETE Alarms - Method not implemented
     ...    Test title: DELETE Alarms - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed for Fault management alarms on NFV
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -152,7 +152,7 @@ GET information about multiple alarms as Paged Response
     ...    Test title: GET information about multiple alarms as Paged Response
     ...    Test objective: The objective is to retrieve information about the alarm list as paged response.
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -165,7 +165,7 @@ GET information about multiple alarms - Bad Request Response too Big
     ...    Test title: GET information about multiple alarms - Bad Request Response too Big
     ...    Test objective:  The objective is to test that the retrieval of information about the alarm list fails because response is too big, and perform a JSON schema and content validation of the returned problem details data structure
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions:  none
@@ -178,7 +178,7 @@ GET information about multiple alarms with filter "id"
     ...    Test title: GET information about multiple alarms with filter "id"
     ...    Test objective: The objective is to retrieve information about the alarm list with filter "id" and perform a JSON schema and content validation of the returned alarms data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -192,7 +192,7 @@ GET information about multiple alarms with filter "rootCauseFaultyComponent.faul
     ...    Test title: GET information about multiple alarms with filter "rootCauseFaultyComponent.faultyNestedNsInstanceId"
     ...    Test objective: The objective is to retrieve information about the alarm list with filter "rootCauseFaultyComponent.faultyNestedNsInstanceId" and perform a JSON schema and content validation of the returned alarms data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -206,7 +206,7 @@ GET information about multiple alarms with filter "rootCauseFaultyComponent.faul
     ...    Test title: GET information about multiple alarms with filter "rootCauseFaultyComponent.faultyNsVirtualLinkInstanceId"
     ...    Test objective: The objective is to retrieve information about the alarm list with filter "rootCauseFaultyComponent.faultyNsVirtualLinkInstanceId" and perform a JSON schema and content validation of the returned alarms data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -220,7 +220,7 @@ GET information about multiple alarms with filter "rootCauseFaultyComponent.faul
     ...    Test title: GET information about multiple alarms with filter "rootCauseFaultyComponent.faultyVnfInstanceId"
     ...    Test objective: The objective is to retrieve information about the alarm list with filter "rootCauseFaultyComponent.faultyVnfInstanceId" and perform a JSON schema and content validation of the returned alarms data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -234,7 +234,7 @@ GET information about multiple alarms with filter "rootCauseFaultyResource.fault
     ...    Test title: GET information about multiple alarms with filter "rootCauseFaultyResource.faultyResourceType"
     ...    Test objective: The objective is to retrieve information about the alarm list with filter "rootCauseFaultyResource.faultyResourceType" and perform a JSON schema and content validation of the returned alarms data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -248,7 +248,7 @@ GET information about multiple alarms with filter "eventType"
     ...    Test title: GET information about multiple alarms with filter "eventType"
     ...    Test objective: The objective is to retrieve information about the alarm list with filter "eventType" and perform a JSON schema and content validation of the returned alarms data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -262,7 +262,7 @@ GET information about multiple alarms with filter "perceivedSeverity"
     ...    Test title: GET information about multiple alarms with filter "perceivedSeverity"
     ...    Test objective: The objective is to retrieve information about the alarm list with filter "perceivedSeverity" and perform a JSON schema and content validation of the returned alarms data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -276,11 +276,36 @@ GET information about multiple alarms with filter "probableCause"
     ...    Test title: GET information about multiple alarms with filter "probableCause"
     ...    Test objective: The objective is to retrieve information about the alarm list with filter "probableCause" and perform a JSON schema and content validation of the returned alarms data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
     GET Alarms with filter "probableCause"
     Check HTTP Response Status Code Is    200
     Check HTTP Response Body Json Schema Is    alarms
-    Check PostCondition HTTP Response Body alarms Matches the requested attribute-based filter "probableCause"
\ No newline at end of file
+    Check PostCondition HTTP Response Body alarms Matches the requested attribute-based filter "probableCause"
+
+GET information about multiple alarms with permitted authorization scope
+    [Documentation]    Test ID: 5.3.3.1.22
+    ...    Test title: GET information about multiple alarms with permitted authorization scope
+    ...    Test objective: The objective is to retrieve information about the alarm list with permitted authorization scope
+    ...    Pre-conditions:  none
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO 
+    ...    Applicability:  none
+    ...    Post-Conditions: none
+    GET Alarms with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    alarms
+
+GET information about multiple alarms with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.3.1.22
+    ...    Test title: GET information about multiple alarms with not permitted authorization scope
+    ...    Test objective: The objective is to test that retrieve information about the alarm list fails when using not permitted authorization scope
+    ...    Pre-conditions:  none
+    ...    Reference: Clause 8.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO 
+    ...    Applicability:  none
+    ...    Post-Conditions: none
+    GET Alarms with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL005/NSFaultManagement-API/IndividualAlarm.robot b/SOL005/NSFaultManagement-API/IndividualAlarm.robot
index 1232ef5c6e887a50be200dfd3be59fd35f3b753a..de94545c734d7d61a59da342c1b6839a2ac19f2d 100644
--- a/SOL005/NSFaultManagement-API/IndividualAlarm.robot
+++ b/SOL005/NSFaultManagement-API/IndividualAlarm.robot
@@ -14,7 +14,7 @@ POST Individual Alarm - Method not implemented
     ...    Test title:POST Individual Alarm - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed for Fault management individual alarm on NFV
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -26,7 +26,7 @@ GET information about Individual Alarm
     ...    Test title: GET information about Individual Alarm 
     ...    Test objective: The objective is to retrieve information about individual alarm and perform a JSON schema and content validation of the returned alarm data structure
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none   
@@ -39,7 +39,7 @@ GET information about Invalid Individual Alarm
     ...    Test title: GET information about Invalid Individual Alarm 
     ...    Test objective: The objective is to try to read an Invalid individual alarm and get 404 not found response code
     ...    Pre-conditions: The related alarm does not exists
-    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions:   none 
@@ -52,7 +52,7 @@ PUT Individual Alarm - Method not implemented
     ...    Test title:PUT Individual Alarm - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed for Fault management individual alarm on NFV
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions:   none
@@ -64,7 +64,7 @@ PATCH Alarm
     ...    Test title: Modify an individual alarm resource
     ...    Test objective: The objective is to Modify an individual alarm resource and perform a JSON schema and content validation of the returned alarm modifications data structure
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 8.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions:  none
@@ -77,7 +77,7 @@ PATCH Alarm - Conflict
     ...    Test title: Modify an individual alarm resource - Conflict
     ...    Test objective: The objective is to test that an individual alarm resource cannot be modified if the alarm is already in the state that is requested to be set
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 8.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -90,7 +90,7 @@ PATCH Alarm - Precondition failed
     ...    Test title: Modify an individual alarm resource - Precondition failed
     ...    Test objective: The objective is to test that an individual alarm resource cannot be modifed if the resource was modified by another entity
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 8.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: 
@@ -103,7 +103,7 @@ PATCH Alarm - Precondition failed HTTP Conditional Request Not Supported
     ...    Test title: Modify an individual alarm resource - Precondition failed HTTP Conditional Request Not Supported
     ...    Test objective: The objective is to test that an individual alarm resource cannot be modifed if API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: Clause 8.4.3.3.4, 4.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.3.3.4, 4.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Post-Conditions: 
@@ -116,9 +116,32 @@ DELETE Individual Alarm - Method not implemented
     ...    Test title:DELETE Individual Alarm - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed for Fault management individual alarm on NFV
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
     DELETE Individual Alarm
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+PATCH Alarm with permitted authorization scope
+    [Documentation]    Test ID: 5.3.3.2.9
+    ...    Test title: Modify an individual alarm resource with permitted authorization scope
+    ...    Test objective: The objective is to Modify an individual alarm resource with permitted authorization scope
+    ...    Reference: Clause 8.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability:  none
+    ...    Post-Conditions:  none
+    PATCH Individual Alarm with permitted authorization scope
+    Check HTTP Response Status Code Is    200  
+    Check HTTP Response Body Json Schema Is    alarmModifications
+
+PATCH Alarm with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.3.2.10
+    ...    Test title: Modify an individual alarm resource with not permitted authorization scope
+    ...    Test objective: The objective is to test that Modify an individual alarm resource fails when using not permitted authorization scope
+    ...    Reference: Clause 8.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability:  none
+    ...    Post-Conditions:  none
+    PATCH Individual Alarm with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSFaultManagement-API/IndividualSubscription.robot b/SOL005/NSFaultManagement-API/IndividualSubscription.robot
index c917ec0ec496738662ee8fee6da22121bbe1ba69..1c819ad1481c612d20feb4b1b5e3ca054053991a 100644
--- a/SOL005/NSFaultManagement-API/IndividualSubscription.robot
+++ b/SOL005/NSFaultManagement-API/IndividualSubscription.robot
@@ -11,7 +11,7 @@ Post Individual Subscription - Method not implemented
     ...    Test title:Post Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed for Fault management subscription on NFV  
     ...    Pre-conditions:none 
-    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -23,7 +23,7 @@ Get Information about an individual subscription
     ...    Test title: Get Information about an individual subscription
     ...    Test objective: The objective is to read an individual subscription for NFVO alarms subscribed by the client and perform a JSON schema and content validation of the returned fault management individual subscription data structure
     ...    Pre-conditions: The subscription with the given id exists
-    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -36,7 +36,7 @@ PUT an individual subscription - Method not implemented
     ...    Test title:PUT an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed for Fault management subscription on NFV   
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -48,7 +48,7 @@ PATCH an individual subscription - Method not implemented
     ...    Test title:PATCH an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed for Fault management subscription on NFV  
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -60,9 +60,32 @@ DELETE an individual subscription
     ...    Test title:DELETE an individual subscription
     ...    Test objective: The objective is to DELETE an individual subscription 
     ...    Pre-conditions: The Subsbcription already exists
-    ...    Reference: Clause 8.4.5.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.5.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: subscription is not deleted
     DELETE Individual Subscription
-    Check HTTP Response Status Code Is    204
\ No newline at end of file
+    Check HTTP Response Status Code Is    204
+
+Get Information about an individual subscription with permitted authorization scope
+    [Documentation]    Test ID: 5.3.3.4.6
+    ...    Test title: Get Information about an individual subscription with permitted authorization scope
+    ...    Test objective: The objective is to read an individual subscription for NFVO alarms subscribed by the client with permitted authorization scope
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability:  none
+    ...    Post-Conditions: none
+    GET Individual Subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    FmSubscription
+
+Get Information about an individual subscription with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.3.4.7
+    ...    Test title: Get Information about an individual subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test that read an individual subscription for NFVO alarms subscribed by the client fails when using a not permitted authorization scope
+    ...    Reference: Clause 8.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability:  none
+    ...    Post-Conditions: none
+    GET Individual Subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSFaultManagement-API/NSFMOperationKeywords.robot b/SOL005/NSFaultManagement-API/NSFMOperationKeywords.robot
index f03589b37f8fae493147a4f963a7d702ee6a2d36..1d87174931bc4254962168f03de30aae5ba0dc7a 100644
--- a/SOL005/NSFaultManagement-API/NSFMOperationKeywords.robot
+++ b/SOL005/NSFaultManagement-API/NSFMOperationKeywords.robot
@@ -99,6 +99,30 @@ GET Alarms
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
     ${outputResponse}=    Output    response
     Set Global Variable    ${response}    ${outputResponse}
+
+GET Alarms with permitted authorization scope
+    Log    Query NFVO The GET method queries information about multiple alarms.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${ALARMS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+GET Alarms with not permitted authorization scope
+    Log    Query NFVO The GET method queries information about multiple alarms.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
     
 GET Alarms With Filters
 	Log    Query NFVO The GET method queries information about multiple alarms with filters.
@@ -198,7 +222,33 @@ PATCH Individual Alarm
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}    ${body}
     ${outputResponse}=    Output    response
     Set Global Variable    ${response}    ${outputResponse}
-   
+
+PATCH Individual Alarm with permitted authorization scope
+    log    Trying to perform a PATCH. This method modifies an individual alarm resource
+    Set Headers  {"Accept":"${ACCEPT}"} 
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"} 
+    ${scopeValue}=    Create Dictionary    scope=${ALARMS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${body}=    Get File    jsons/alarmModifications.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+PATCH Individual Alarm with not permitted authorization scope
+    log    Trying to perform a PATCH. This method modifies an individual alarm resource
+    Set Headers  {"Accept":"${ACCEPT}"} 
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"} 
+    ${scopeValue}=    Create Dictionary    scope=${ALARMS_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${body}=    Get File    jsons/alarmModifications.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
 PATCH Individual Alarm - ETag mismatch
     log    Trying to perform a PATCH. This method modifies an individual alarm resource
     Set Headers  {"Accept":"${ACCEPT}"} 
@@ -271,6 +321,28 @@ GET Subscriptions
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
     ${outputResponse}=    Output    response
     Set Global Variable    ${response}    ${outputResponse}
+
+GET Subscriptions with permitted authorization scope
+    Log    Get the list of active subscriptions
+    Set Headers    {"Accept": "${ACCEPT}"}
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+GET Subscriptions with not permitted authorization scope
+    Log    Get the list of active subscriptions
+    Set Headers    {"Accept": "${ACCEPT}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
         
 GET Subscriptions with filter
     Log    Get the list of active subscriptions using a filter
@@ -349,6 +421,28 @@ POST Individual Subscription
     Set Global Variable    ${response}    ${outputResponse}
     
 GET Individual Subscription
+    log    Trying to get information about an individual subscription
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}   
+
+GET Individual Subscription with permitted authorization scope
+    log    Trying to get information about an individual subscription
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}   
+
+GET Individual Subscription with not permitted authorization scope
     log    Trying to get information about an individual subscription
     Set Headers    {"Accept":"${ACCEPT}"}  
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -643,3 +737,8 @@ Check Response for duplicated subscription
     Run Keyword If    ${NFVO_ALLOWS_DUPLICATE_SUBS} == 1    Check HTTP Response Status Code Is    201
     Run Keyword If    ${NFVO_ALLOWS_DUPLICATE_SUBS} == 1    Check HTTP Response Body Json Schema Is    FmSubscription
     Run Keyword If    ${NFVO_ALLOWS_DUPLICATE_SUBS} == 0    Check HTTP Response Status Code Is    303
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded} 
\ No newline at end of file
diff --git a/SOL005/NSFaultManagement-API/NotificationEndpoint.robot b/SOL005/NSFaultManagement-API/NotificationEndpoint.robot
index 09a20920cc46667de6682a68476ec6a7c52595d7..e871c755e837b4accd4e4e20928faf051f233964 100644
--- a/SOL005/NSFaultManagement-API/NotificationEndpoint.robot
+++ b/SOL005/NSFaultManagement-API/NotificationEndpoint.robot
@@ -13,7 +13,7 @@ NS Fault Alarm Notification
     ...    Test title: NS Fault Alarm Notification
     ...    Test objective: The objective is to test that NS Fault Alarm Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A NS instance is instantiated, and a subscription for fault alarm notifications is available in the NFVO.
-    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -25,7 +25,7 @@ NS Fault Alarm Cleared Notification
     ...    Test title: NS Fault Alarm Cleared Notification
     ...    Test objective: The objective is to test that NS Fault Alarm Cleared Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A NS instance is instantiated, and a subscription for fault alarm cleared notifications is available in the NFVO.
-    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -37,7 +37,7 @@ NS Fault Alarm List Rebuilt Notification
     ...    Test title: NS Fault Alarm List Rebuilt Notification
     ...    Test objective: The objective is to test that NS Fault Alarm List Rebuilt Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A NS instance is instantiated, and a subscription for fault alarm list rebuilt notifications is available in the NFVO.
-    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL005/NSFaultManagement-API/Notifications.robot b/SOL005/NSFaultManagement-API/Notifications.robot
index 52ef3b75c00673e497897cde8a6e4c08e4597523..cf6b810f5594f095b3ef28b03b961e33386d9796 100644
--- a/SOL005/NSFaultManagement-API/Notifications.robot
+++ b/SOL005/NSFaultManagement-API/Notifications.robot
@@ -18,7 +18,7 @@ NS Fault Alarm Notification
     ...    Test title: NS Fault Alarm Notification
     ...    Test objective: The objective is to test the dispatch of NS Fault Alarm Notification when a virtualised resource within an NS instance fails, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NS instance is instantiated, and a subscription for fault alarm notifications is available in the NFVO.
-    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -31,7 +31,7 @@ NS Fault Alarm Cleared Notification
     ...    Test title: NS Fault Alarm Cleared Notification
     ...    Test objective: The objective is to test the dispatch of NS Fault Alarm Cleared Notification when a faulty virtualised resource within an NS instance is cleared, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NS instance is instantiated, a virtualised resource is in faulty state, and a subscription for fault alarm cleared notifications is available in the NFVO.
-    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -44,7 +44,7 @@ NS Fault Alarm List Rebuilt Notification
     ...    Test title: NS Fault Alarm List Rebuilt Notification 
     ...    Test objective: The objective is to test the dispatch of NS Fault Alarm List Rebuilt Notification when the NFVO decides to rebuild the list of its NS alarms, e.g. due to a corruption in the alarm storage, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NS instance is instantiated, one or more virtualised resource are in faulty state, and a subscription for fault alarm list rebuilt notifications is available in the NFVO.
-    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -57,7 +57,7 @@ NS Fault Alarm Notification with Instrumental Platform Hook
     ...    Test title: NS Fault Alarm Notification with Instrumental Platform Hook
     ...    Test objective: The objective is to test the dispatch of NS Fault Alarm Notification when a virtualised resource failure within an NS instance is automatically triggered through an instrumenation platform, and perform a JSON schema and content validation of the delivered notification.
     ...    Pre-conditions: A NS instance is instantiated
-    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: An instrumentation platform is available to trigger the NS instance failure condition
     ...    Post-Conditions: none 
@@ -70,7 +70,7 @@ NS Fault Alarm Cleared Notification with Instrumental Platform Hook
     ...    Test title: NS Fault Alarm Cleared Notification with Instrumental Platform Hook
     ...    Test objective: The objective is to test the dispatch of NS Fault Clear Alarm Notification when a virtualised resource failure within an NS instance is automatically cleared through an instrumenation platform, and perform a JSON schema and content validation of the delivered notification.
     ...    Pre-conditions: A NS instance is instantiated and a virtualised resource is in faulty state.
-    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: An instrumentation platform is available to trigger the NS instance failure clear condition
     ...    Post-Conditions: none 
@@ -83,7 +83,7 @@ NS Fault Alarm List Rebuilt Notification with Instrumental Platform Hook
     ...    Test title: NS Fault Alarm List Rebuilt Notification with Instrumental Platform Hook
     ...    Test objective: The objective is to test the dispatch of NS Fault Alarm List Rebuilt Notification when the NFVO decision to rebuild the list of its NS alarms is automatically triggered through an instrumentation platform, and perform a JSON schema and content validation of the delivered notification.
     ...    Pre-conditions: A NS instance is instantiated and one or more virtualised resource are in faulty state
-    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: An instrumentation platform is available to trigger the NS instance alarm list rebuilt condition
     ...    Post-Conditions: none 
diff --git a/SOL005/NSFaultManagement-API/Subscriptions.robot b/SOL005/NSFaultManagement-API/Subscriptions.robot
index 1b8f094728bd26dfa313b79f5ab1e0deed8d1526..d53185cf56e1c3e8d033ca3ab81495064472f568 100644
--- a/SOL005/NSFaultManagement-API/Subscriptions.robot
+++ b/SOL005/NSFaultManagement-API/Subscriptions.robot
@@ -16,7 +16,7 @@ Create a new alarm subscription
     ...    Test title: Create a new alarm subscription
     ...    Test objective: The objective is to create a new Fault management alarm subscriptions and perform a JSON schema and content validation of the returned fault management alarms subscription data structure
     ...    Pre-conditions: no subscription with the same filter and callbackUri exists
-    ...    Reference: Clause 8.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -30,7 +30,7 @@ Create a duplicated Subscription
     ...    Test title: Create a duplicated alarm subscription
     ...    Test objective: The objective is to create a new subscription with the NFV allowing duplication and perform a JSON schema and content validation of the returned fault management alarms subscription data structure..
     ...    Pre-conditions: subscription with the same filter and callbackUri exists
-    ...    Reference: Clause 8.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability: 
     ...    Post-Conditions: none
@@ -54,7 +54,7 @@ Retrieve a list of alarm subscriptions
     ...    Test title: Retrieve a list of alarm subscriptions
     ...    Test objective: The objective is to retrieve the list of active subscriptions and perform a JSON schema and content validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -67,7 +67,7 @@ Retrieve a list of alarm subscriptions - Filter
     ...    Test title: Retrieve a list of alarm subscriptions - Filter
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter and perform a JSON schema and content validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -80,7 +80,7 @@ GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test title: GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test objective:The objective is to retrieve the list of active subscriptions with Invalid attribute-based filtering parameters and perform a JSON schema and content validation of the returned problem details data structure.
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:   none
     ...    Post-Conditions: none     
@@ -93,7 +93,7 @@ GET subscriptions with "all_fields" attribute selector
     ...    Test title: GET subscriptions with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: 
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -106,7 +106,7 @@ GET subscriptions with "exclude_default" attribute selector
     ...    Test title: GET subscriptions with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -119,7 +119,7 @@ GET subscriptions with "fields" attribute selector
     ...    Test title: GET subscriptions with "fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -132,7 +132,7 @@ GET subscriptions with "exclude_fields" attribute selector
     ...    Test title: GET subscriptions with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -145,7 +145,7 @@ PUT subscriptions - Method not implemented
     ...    Test title:PUT subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to for Fault management subscriptions on NFV 
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions:   none
@@ -157,7 +157,7 @@ PATCH subscriptions - Method not implemented
     ...    Test title:PATCH subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to for Fault management subscriptions on NFV  
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions:   none
@@ -169,7 +169,7 @@ DELETE subscriptions - Method not implemented
     ...    Test title: DELETE subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to for Fault management subscriptions on NFV 
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -181,7 +181,7 @@ Retrieve a list of alarm subscriptions as Paged Response
     ...    Test title: Retrieve a list of alarm subscriptions as Paged Response
     ...    Test objective: The objective is to retrieve the list of active subscriptions as paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -194,7 +194,7 @@ GET subscriptions - Bad Request Response too Big
     ...    Test title: GET subscriptions - Bad Request Response too Big
     ...    Test objective:The objective is test that the retrieval of active subscriptions list fails because response is too big, and perform a JSON schema and content validation of the returned problem details data structure.
     ...    Pre-conditions:  none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:   none
     ...    Post-Conditions: none     
@@ -207,7 +207,7 @@ Retrieve a list of alarm subscriptions with filter "id"
     ...    Test title: Retrieve a list of alarm subscriptions with filter "id"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "id" and perform a JSON schema and content validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -221,7 +221,7 @@ Retrieve a list of alarm subscriptions with filter "filter.notificationTypes"
     ...    Test title: Retrieve a list of alarm subscriptions with filter "filter.notificationTypes"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.notificationTypes" and perform a JSON schema and content validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -235,7 +235,7 @@ Retrieve a list of alarm subscriptions with filter "filter.faultyResourceTypes"
     ...    Test title: Retrieve a list of alarm subscriptions with filter "filter.faultyResourceTypes"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.faultyResourceTypes" and perform a JSON schema and content validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -249,7 +249,7 @@ Retrieve a list of alarm subscriptions with filter "filter.perceivedSeverities"
     ...    Test title: Retrieve a list of alarm subscriptions with filter "filter.perceivedSeverities"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.perceivedSeverities" and perform a JSON schema and content validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -263,7 +263,7 @@ Retrieve a list of alarm subscriptions with filter "filter.eventTypes"
     ...    Test title: Retrieve a list of alarm subscriptions with filter "filter.eventTypes"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.eventTypes" and perform a JSON schema and content validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -277,7 +277,7 @@ Retrieve a list of alarm subscriptions with filter "filter.probableCauses"
     ...    Test title: Retrieve a list of alarm subscriptions with filter "filter.probableCauses"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.probableCauses" and perform a JSON schema and content validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -291,14 +291,39 @@ Create a new alarm subscription - Unprocessable Content
     ...    Test title: Create a new alarm subscription- Unprocessable Content
     ...    Test objective: The objective is to test that creation of a new Fault management alarm subscriptions fials when content type of the payload body is supported and the payload body of a request contains syntactically correct data but the data cannot be processed.
     ...    Pre-conditions: 
-    ...    Reference: Clause 8.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 8.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability: none
     ...    Post-Conditions: none
     POST Subscription
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is  ProblemDetails
-    
+
+ Retrieve a list of alarm subscriptions with permitted authorization scope
+    [Documentation]    Test ID: 5.3.3.3.23
+    ...    Test title: Retrieve a list of alarm subscriptions with permitted authorization scope
+    ...    Test objective: The objective is to retrieve the list of active subscriptions with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability:  none
+    ...    Post-Conditions: none
+    GET Subscriptions with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    FmSubscriptions
+
+ Retrieve a list of alarm subscriptions with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.3.3.4
+    ...    Test title: Retrieve a list of alarm subscriptions with not permitted authorization scope
+    ...    Test objective: The objective is to test that retrieve the list of active subscriptions fails when using not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 8.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability:  none
+    ...    Post-Conditions: none
+    GET Subscriptions with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
+
 *** Keywords ***
 Void
     log    do nothing
diff --git a/SOL005/NSFaultManagement-API/environment/variables.txt b/SOL005/NSFaultManagement-API/environment/variables.txt
index 55f08b37190623536a85464c45bd3f2dba7ca9af..a487294a1964e67993463ae4fb470a13ecf2de20 100644
--- a/SOL005/NSFaultManagement-API/environment/variables.txt
+++ b/SOL005/NSFaultManagement-API/environment/variables.txt
@@ -4,6 +4,13 @@ ${NFVO_PORT}      8080    # Listening port of the VNFM
 ${NFVO_SCHEMA}    http
 ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
+
+${OAUTH_ENCRIPTION_ALGORITHM}    HS256
+${ALARMS_PERMITTED_SCOPE}    nsfm:v2:alarms 
+${ALARMS_NOT_PERMITTED_SCOPE}    nsfm:v2:alarms:readonly
+${SUBSCRIPTIONS_PERMITTED_SCOPE}    nsfm:v2:subscriptions
+${NOT_PERMITTED_SCOPE}    nsfm:v2:invalid 
+
 ${ACCEPT}         application/json
 ${ACCEPT_JSON}         application/json
 ${AUTH_USAGE}     1
diff --git a/SOL005/NSLCMCoordination-API/CancelCoordinationActionTask.robot b/SOL005/NSLCMCoordination-API/CancelCoordinationActionTask.robot
index a9fb107ae11347862923e936c879ad1034ce0ad1..169db08418313f3a555e4d3e1eb2bf8e68d8f30d 100644
--- a/SOL005/NSLCMCoordination-API/CancelCoordinationActionTask.robot
+++ b/SOL005/NSLCMCoordination-API/CancelCoordinationActionTask.robot
@@ -13,7 +13,7 @@ Request a cancellation of an ongoing coordination action
     ...    Test title:  Request a cancellation of an ongoing coordination action
     ...    Test objective: The objective is to test the request for the cancellation of an ongoing coordination task
     ...    Pre-conditions: An ongoing coordination action is available
-    ...    Reference: Clause 12.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -26,7 +26,7 @@ Request a cancellation of a finished coordination action
     ...    Test title: Request a cancellation of a finished coordination action
     ...    Test objective: The objective is to test the request for the cancellation of a finished coordination action
     ...    Pre-conditions: A finished coordination action is available
-    ...    Reference: Clause 12.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -40,7 +40,7 @@ Request a cancellation of an ongoing coordination action without authentication
     ...    Test title: Request a cancellation of an ongoing coordination action without authentication
     ...    Test objective: The objective is to test the failure of the request for a cancellation of a coordination task when no authentication is used
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -53,7 +53,7 @@ GET information about a cancellation of an ongoing coordination action - method
     ...    Test title: GET information about a cancellation of an ongoing coordination action - method not implemented
     ...    Test objective: The objective is to test that the GET method is not allowed to retrieve cancellation details of an ongoing coordination action
     ...    Pre-conditions: A cancellation task has been activated
-    ...    Reference: Clause 12.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -66,7 +66,7 @@ PUT information about a cancellation of an ongoing coordination action - method
     ...    Test title: PUT information about a cancellation of an ongoing coordination action - method not implemented
     ...    Test objective: The objective is to test that the PUT method is not allowed to modify cancellation details of an ongoing coordination action
     ...    Pre-conditions: A cancellation task has been activated
-    ...    Reference: Clause 12.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -79,7 +79,7 @@ PATCH information about a cancellation of an ongoing coordination action - metho
     ...    Test title: PATCH information about a cancellation of an ongoing coordination action - method not implemented
     ...    Test objective: he objective is to test that the PATCH method is not allowed to modify cancellation details of an ongoing coordination action
     ...    Pre-conditions: A cancellation task has been activated
-    ...    Reference: Clause 12.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -92,9 +92,33 @@ DELETE information about a cancellation of an ongoing coordination action - meth
     ...    Test title: DELETE information about a cancellation of an ongoing coordination action - method not implemented
     ...    Test objective: The objective is to test that the DELETE method is not allowed to remove cancellation details of an ongoing coordination action
     ...    Pre-conditions: A cancellation task has been activated
-    ...    Reference: Clause 12.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE information about a cancellation of an ongoing coordination action
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Request a cancellation of an ongoing coordination action with permitted authorization scope
+    [Documentation]    Test ID: 5.3.8.4.8
+    ...    Test title:  Request a cancellation of an ongoing coordination action with permitted authorization scope
+    ...    Test objective: The objective is to test the request for the cancellation of an ongoing coordination task with permitted authorization scope
+    ...    Pre-conditions: An ongoing coordination action is available
+    ...    Reference: Clause 12.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_OSS/BSS
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Send Post Request for cancellation of an ongoing coordination action with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+
+Request a cancellation of an ongoing coordination action with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.8.4.9
+    ...    Test title:  Request a cancellation of an ongoing coordination action with not permitted authorization scope
+    ...    Test objective: The objective is to test that the request for the cancellation of an ongoing coordination task fails when using not permitted authorization scope
+    ...    Pre-conditions: An ongoing coordination action is available
+    ...    Reference: Clause 12.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_OSS/BSS
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Send Post Request for cancellation of an ongoing coordination action with not permitted authorization scope
+    Check HTTP Response Status Code Is    202
\ No newline at end of file
diff --git a/SOL005/NSLCMCoordination-API/Coordinations.robot b/SOL005/NSLCMCoordination-API/Coordinations.robot
index 4fb278643cd32b403ef5843ee714e12c2a2d674d..c03bacf4d1bcac2ef7a4c94c4d955dc6cc8dc5f2 100644
--- a/SOL005/NSLCMCoordination-API/Coordinations.robot
+++ b/SOL005/NSLCMCoordination-API/Coordinations.robot
@@ -13,7 +13,7 @@ Request a Coordination of an LCM operation occurrence synchronously
     ...    Test title:  Request a Coordination of an LCM operation occurrence synchronously
     ...    Test objective: The objective is to test the synchronous request for the coordination of an LCM operation occurrence and perform the JSON schema validation of the returned structure
     ...    Pre-conditions: The status of the related LCM opeation occurrence is "PROCESSING"
-    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: A Individual coordination action resource is successfully created on the NFVO
@@ -29,7 +29,7 @@ Request a Coordination of an LCM operation occurrence asynchronously
     ...    Test title:  Request a Coordination of an LCM operation occurrence asynchronously
     ...    Test objective: The objective is to test the asynchronous request for the coordination of an LCM operation occurrence and perform the validation of the headers returned
     ...    Pre-conditions: The status of the related LCM opeation occurrence is "PROCESSING"
-    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -42,7 +42,7 @@ Request a Coordination of an LCM operation occurrence - FORBIDDEN
     ...    Test title:  Request a Coordination of an LCM operation occurrence - FORBIDDEN
     ...    Test objective: The objective is to test the failure of a request for the coordination of an LCM operation occurrence
     ...    Pre-conditions: The status of the related LCM opeation occurrence is "PROCESSING". The request is performed by a user that has not the grant to run this operation
-    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -55,7 +55,7 @@ Request a Coordination of an LCM operation occurrence - CONFLICT
     ...    Test title:  Request a Coordination of an LCM operation occurrence - CONFLICT
     ...    Test objective: The objective is to test the failure of a request for the coordination of an LCM operation occurrence
     ...    Pre-conditions: The status of the related LCM opeation occurrence is not "PROCESSING"
-    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -69,7 +69,7 @@ Request a Coordination of an LCM operation occurrence synchronously - Service Un
     ...    Test title:  Request a Coordination of an LCM operation occurrence synchronously - Service Unavailable
     ...    Test objective: The objective is to test the request for the coordination of an LCM operation occurrence and the verify that the NFVO cannot perform immediately the request, but can perform it sometime in the future.
     ...    Pre-conditions: The status of the related LCM opeation occurrence is "PROCESSING" but API producer cannot perform immediately the request
-    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -83,7 +83,7 @@ Request a Coordination of an LCM operation occurrence without authentication
     ...    Test title:  Request a Coordination of an LCM operation occurrence without authentication
     ...    Test objective: The objective is to test the failure of the request for the coordination of an LCM operation occurrence without providing an authentication token
     ...    Pre-conditions: The status of the related LCM opeation occurrence is "PROCESSING"
-    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -96,7 +96,7 @@ GET all Coordinations of an LCM operation occurrence - method not implemented
     ...    Test title: GET all Coordinations of an LCM operation occurrence - method not implemented
     ...    Test objective: The objective is to test that the GET method is not allowed to retrieve coordination requests information
     ...    Pre-conditions: The status of the related LCM opeation occurrence is "PROCESSING"
-    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -109,7 +109,7 @@ PUT all Coordinations of an LCM operation occurrence - method not implemented
     ...    Test title: PUT all Coordinations of an LCM operation occurrence - method not implemented
     ...    Test objective: The objective is to test that the PUT method is not allowed to modify coordination requests information
     ...    Pre-conditions: The status of the related LCM opeation occurrence is "PROCESSING"
-    ...    Reference: Clause 12.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -122,7 +122,7 @@ PATCH all Coordinations of an LCM operation occurrence - method not implemented
     ...    Test title: PATCH all Coordinations of an LCM operation occurrence - method not implemented
     ...    Test objective: The objective is to test that the PATCH method is not allowed to modify coordination requests information
     ...    Pre-conditions: The status of the related LCM opeation occurrence is "PROCESSING"
-    ...    Reference: Clause 12.4.2.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.2.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -135,9 +135,36 @@ DELETE all Coordinations of an LCM operation occurrence - method not implemented
     ...    Test title: DELETE all Coordinations of an LCM operation occurrence - method not implemented
     ...    Test objective: The objective is to test that the DELETE method is not allowed to remove coordination requests information
     ...    Pre-conditions: The status of the related LCM opeation occurrence is "PROCESSING"
-    ...    Reference: Clause 12.4.2.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.2.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE all Coordinations of an LCM operation occurrence
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Request a Coordination of an LCM operation occurrence synchronously with permitted authorization scope
+    [Documentation]    Test ID: 5.3.8.2.10
+    ...    Test title:  Request a Coordination of an LCM operation occurrence synchronously with permitted authorization scope
+    ...    Test objective: The objective is to test the synchronous request for the coordination of an LCM operation occurrence with permitted authorization scope
+    ...    Pre-conditions: The status of the related LCM opeation occurrence is "PROCESSING"
+    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_OSS/BSS
+    ...    Applicability: none
+    ...    Post-Conditions: A Individual coordination action resource is successfully created on the NFVO
+    Send Post Request for coordination of an LCM operation occurrence with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Header Contains    Location
+    Check HTTP Response Body Json Schema Is   LcmCoord
+    Check Postcondition LcmCoord Exists
+
+Request a Coordination of an LCM operation occurrence synchronously with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.8.2.10
+    ...    Test title:  Request a Coordination of an LCM operation occurrence synchronously with not permitted authorization scope
+    ...    Test objective: The objective is to test that the synchronous request for the coordination of an LCM operation occurrence fails when using not permitted authorization scope
+    ...    Pre-conditions: The status of the related LCM opeation occurrence is "PROCESSING"
+    ...    Reference: Clause 12.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_OSS/BSS
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Send Post Request for coordination of an LCM operation occurrence with permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLCMCoordination-API/IndividualCoordinationAction.robot b/SOL005/NSLCMCoordination-API/IndividualCoordinationAction.robot
index f79a7d446d9ba35588d9ceececbf16defe843f4b..2ee2e9d1b6ce3d1b0dbabe33fa3ff92dc9b4b280 100644
--- a/SOL005/NSLCMCoordination-API/IndividualCoordinationAction.robot
+++ b/SOL005/NSLCMCoordination-API/IndividualCoordinationAction.robot
@@ -13,7 +13,7 @@ POST an individual coordination action of an LCM operation occurrence - method n
     ...    Test title: POST an individual coordination action of an LCM operation occurrence - method not implemented
     ...    Test objective: The objective is to test that the POST method is not allowed to submit a new individuaal coordination requests information
     ...    Pre-conditions: One or more LCM Coordinations have been requested
-    ...    Reference: Clause 12.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ Get information about a finished coordination task
     ...    Test title:  Get information about a finished coordination task 
     ...    Test objective: The objective is to retrieve information about an individual coordination task and perform a JSON schema validation.
     ...    Pre-conditions: Individual coordination task is terminated
-    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ Get information about an ongoing coordination task
     ...    Test title:  Get information about an ongoing coordination task 
     ...    Test objective: The objective is to retrieve information about an individual coordination task that is still in running or is in the process of being cancelled
     ...    Pre-conditions: Individual coordination task is still ongoing or is in the process of being cancelled
-    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -53,7 +53,7 @@ Get information about an invalid coordination task
     ...    Test title: Get information about an invalid coordination task
     ...    Test objective: The objective is to try to read an individual coordination task
     ...    Pre-conditions: Individual coordination task is not present
-    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -66,7 +66,7 @@ Get information about a finished coordination task without authentication
     ...    Test title:  Get information about a finished coordination task without authentication
     ...    Test objective: The objective is to try to read an individual coordination task without using authentication
     ...    Pre-conditions: none
-    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -79,7 +79,7 @@ PUT an individual coordination action of an LCM operation occurrence - method no
     ...    Test title: PUT an individual coordination action of an LCM operation occurrence - method not implemented
     ...    Test objective: The objective is to test that the PUT method is not allowed to modify an individual coordination action
     ...    Pre-conditions: One or more LCM Coordinations have been requested
-    ...    Reference: Clause 12.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -92,7 +92,7 @@ PATCH an individual coordination action of an LCM operation occurrence - method
     ...    Test title: PATCH an individual coordination action of an LCM operation occurrence - method not implemented
     ...    Test objective: The objective is to test that the PATCH method is not allowed to modify an individual coordination action
     ...    Pre-conditions: One or more LCM Coordinations have been requested
-    ...    Reference: Clause 12.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -105,9 +105,35 @@ DELETE an individual coordination action of an LCM operation occurrence - method
     ...    Test title: DELETE an individual coordination action of an LCM operation occurrence - method not implemented
     ...    Test objective: The objective is to test that the DELETE method is not allowed to remove an individual coordination action
     ...    Pre-conditions: One or more LCM Coordinations have been requested
-    ...    Reference: Clause 12.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 12.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_OSS/BSS
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE an individual coordination action of an LCM operation occurrence
     Check HTTP Response Status Code Is    405
+
+Get information about a finished coordination task with permitted authorization scope
+    [Documentation]    Test ID: 5.3.8.3.9
+    ...    Test title:  Get information about a finished coordination task with permitted authorization scope
+    ...    Test objective: The objective is to retrieve information about an individual coordination task with permitted authorization scope
+    ...    Pre-conditions: Individual coordination task is terminated
+    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_OSS/BSS
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Retrieve information about a finished coordination task with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   LcmCoord
+
+
+Get information about a finished coordination task with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.8.3.9
+    ...    Test title:  Get information about a finished coordination task with not permitted authorization scope
+    ...    Test objective: The objective is to test that retrieve information about an individual coordination task fails when using not permitted authorization scope
+    ...    Pre-conditions: Individual coordination task is terminated
+    ...    Reference: Clause 12.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_OSS/BSS
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Retrieve information about a finished coordination task with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLCMCoordination-API/NSLCMCoordKeywords.robot b/SOL005/NSLCMCoordination-API/NSLCMCoordKeywords.robot
index 1fbd51d7c768a0253a6456079835319982188bb9..1fa359755abef4c6791d7fa0449901c2ee49e186 100644
--- a/SOL005/NSLCMCoordination-API/NSLCMCoordKeywords.robot
+++ b/SOL005/NSLCMCoordination-API/NSLCMCoordKeywords.robot
@@ -10,6 +10,7 @@ Library    JSONSchemaLibrary    schemas/
 Library    RequestsLibrary
 Library    Process
 Library    String
+Library    jwt
 
 *** Keywords ***
 Send Post Request for coordination of an LCM operation occurrence
@@ -22,6 +23,34 @@ Send Post Request for coordination of an LCM operation occurrence
     REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations    ${body}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output} 
+
+Send Post Request for coordination of an LCM operation occurrence with permitted authorization scope
+    Log    Requesting a new coordination task for an LCM Operation occurrence
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${template}=    Get File    jsons/createLcmCoordRequest.json
+    ${body}=        Format String    ${template}    nsInstanceId=${nsInstanceId}    nsLcmOpOccId=${nsLcmOpOccId}    lcmOperationType=${lcmOperationType}    coordinationActionName=${coordinationActionName}    nsLcmOpOccHref=${nsLcmOpOccHref}    nsInstanceHref=${nsInstanceHref}     
+    ${scopeValue}=    Create Dictionary    scope=${ALL_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${NFVO_AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output} 
+
+Send Post Request for coordination of an LCM operation occurrence with not permitted authorization scope
+    Log    Requesting a new coordination task for an LCM Operation occurrence
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${template}=    Get File    jsons/createLcmCoordRequest.json
+    ${body}=        Format String    ${template}    nsInstanceId=${nsInstanceId}    nsLcmOpOccId=${nsLcmOpOccId}    lcmOperationType=${lcmOperationType}    coordinationActionName=${coordinationActionName}    nsLcmOpOccHref=${nsLcmOpOccHref}    nsInstanceHref=${nsInstanceHref}     
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${NFVO_AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output} 
     
 
 Check HTTP Response Body Json Schema Is
@@ -149,6 +178,31 @@ Retrieve information about a finished coordination task
     REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations/${coordinationId}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Retrieve information about a finished coordination task with permitted authorization scope  
+    Log    Requesting the retrieve of a finished coordination task
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${ALL_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${NFVO_AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations/${coordinationId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+
+Retrieve information about a finished coordination task with not permitted authorization scope  
+    Log    Requesting the retrieve of a finished coordination task
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${NFVO_AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations/${coordinationId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
  
  
 Retrieve information about an ongoing coordination task   
@@ -218,6 +272,31 @@ Send Post Request for cancellation of an ongoing coordination action
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Send Post Request for cancellation of an ongoing coordination action with permitted authorization scope
+    Log    Requesting the cancellation of an ongoing coordination task
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${ALL_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${NFVO_AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations/${ongoingCoordinationId}/cancel
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+
+Send Post Request for cancellation of an ongoing coordination action with not permitted authorization scope
+    Log    Requesting the cancellation of an ongoing coordination task
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${NFVO_AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations/${ongoingCoordinationId}/cancel
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Send Post Request for cancellation of a finished coordination action
     Log    Requesting the cancellation of a finished coordination task
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -270,4 +349,9 @@ DELETE information about a cancellation of an ongoing coordination action
     Run Keyword If    ${NFVO_AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     REST.DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/coordinations/${ongoingCoordinationId}/cancel
     ${output}=    Output    response
-    Set Suite Variable    ${response}    ${output}
\ No newline at end of file
+    Set Suite Variable    ${response}    ${output}
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded} 
\ No newline at end of file
diff --git a/SOL005/NSLCMCoordination-API/environment/variables.txt b/SOL005/NSLCMCoordination-API/environment/variables.txt
index ef38b0b48d686cb7e30c4ab467d55e5b70ce8d65..06d1657472b6f8c4ae1006bd0afc76690e6041f0 100644
--- a/SOL005/NSLCMCoordination-API/environment/variables.txt
+++ b/SOL005/NSLCMCoordination-API/environment/variables.txt
@@ -4,6 +4,12 @@ ${NFVO_PORT}    8081    # Listening port of the NFVO
 ${NFVO_SCHEMA}    https
 ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
+
+${OAUTH_ENCRIPTION_ALGORITHM}    HS256
+${ALL_PERMITTED_SCOPE}    lcmcoord:v2:all  
+${NOT_PERMITTED_SCOPE}    lcmcoord:v2:invalid
+
+
 ${INSUFFICIENT_AUTHORIZATION_TOKEN}    Bearer INSUFFICIENT_AUTHORIZATION_TOKEN
 #${NEG_AUTHORIZATION_TOKEN}    Bearer negativetoken
 ${NFVO_AUTH_USAGE}    1
diff --git a/SOL005/NSLifecycleManagement-API/CancelOperationTask.robot b/SOL005/NSLifecycleManagement-API/CancelOperationTask.robot
index 828e1ed74d085fababba42a9a3cea64da814bf9d..3d518325858160f5907bd7930a53f3a815882465 100644
--- a/SOL005/NSLifecycleManagement-API/CancelOperationTask.robot
+++ b/SOL005/NSLifecycleManagement-API/CancelOperationTask.robot
@@ -13,7 +13,7 @@ POST Cancel operation task
     ...    Test title: POST Cancel operation task
     ...    Test objective: The objective is to test that POST method cancel the NS LCM operation
     ...    Pre-conditions: NS instance status equal to STARTING, PROCESSING or ROLLING_BACK
-    ...    Reference: Clause 6.4.15.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.15.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: NS instance status equal to FAILED_TEMP     
@@ -26,7 +26,7 @@ POST Cancel operation task Not Found
     ...    Test title: POST Cancel operation task Not Found
     ...    Test objective: The objective is to test that POST method fail completing the Cancel NS LCM operation if the resource is not found
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.15.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.15.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none       
@@ -39,7 +39,7 @@ POST Cancel operation task Conflict
     ...    Test title: POST Cancel operation task Conflict
     ...    Test objective: The objective is to test that POST method fail if a status conflict exist on the NS LCM operation. (i.e. NS instance status not equal to STARTING, PROCESSING or ROLLING_BACK)
     ...    Pre-conditions: NS instance status not equal to STARTING, PROCESSING or ROLLING_BACK
-    ...    Reference: Clause 6.4.15.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.15.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -52,7 +52,7 @@ GET Cancel operation task - Method not implemented
     ...    Test title: GET Cancel operation task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.15.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.15.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Cancel operation task - Method not implemented
     ...    Test title: PUT Cancel operation task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.15.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.15.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -76,7 +76,7 @@ PATCH Cancel operation task - Method not implemented
     ...    Test title: PATCH Cancel operation task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.15.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.15.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,9 +88,34 @@ DELETE Cancel operation task - Method not implemented
     ...    Test title: DELETE Cancel operation task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.15.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.15.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Cancel operation task
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Cancel operation task with permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.14.8
+    ...    Test title: POST Cancel operation task with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method cancel the NS LCM operation with permitted authorization scope
+    ...    Pre-conditions: NS instance status equal to STARTING, PROCESSING or ROLLING_BACK
+    ...    Reference: Clause 6.4.15.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: NS instance status equal to FAILED_TEMP     
+	POST Cancel operation task with permitted authorization scope
+	Check HTTP Response Status Code Is    202
+	Check operation resource state is FAILED_TEMP
+
+POST Cancel operation task with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.14.9
+    ...    Test title: POST Cancel operation task with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method cancel the NS LCM operation fails when using not permitted authorization scope
+    ...    Pre-conditions: NS instance status equal to STARTING, PROCESSING or ROLLING_BACK
+    ...    Reference: Clause 6.4.15.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none   
+	POST Cancel operation task with not permitted authorization scope
+	Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/ContinueOperationTask.robot b/SOL005/NSLifecycleManagement-API/ContinueOperationTask.robot
index 050be51cb2185adae945590379cd0c61236a4bbc..c5bc0595433183987d8907aa9783f707068de555 100644
--- a/SOL005/NSLifecycleManagement-API/ContinueOperationTask.robot
+++ b/SOL005/NSLifecycleManagement-API/ContinueOperationTask.robot
@@ -13,7 +13,7 @@ POST Continue operation task
     ...    Test title: POST Continue operation task
     ...    Test objective: The objective is to test that POST method trigger a continue on the LCM operation
     ...    Pre-conditions: NS instance status equal to FAILED_TEMP
-    ...    Reference: Clause 6.4.13.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.13.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: NS instance status not equal to FAILED_TEMP 
@@ -26,7 +26,7 @@ POST Continue operation task Not Found
     ...    Test title: POST Continue operation task Not Found
     ...    Test objective: The objective is to test that POST method cannot perform a continue operation task because the resource is not found
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.13.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.13.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -39,7 +39,7 @@ POST Continue operation task Conflict
     ...    Test title: POST Continue operation task Conflict
     ...    Test objective: The objective is to test that POST method fail in case of operation status conflict (i.e. NS instance status not equal to FAILED_TEMP )
     ...    Pre-conditions: NS instance status not equal to FAILED_TEMP 
-    ...    Reference: Clause 6.4.13.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.13.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none      
@@ -52,7 +52,7 @@ GET Continue operation task - Method not implemented
     ...    Test title: GET Continue operation task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.13.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.13.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -64,7 +64,7 @@ PUT Continue operation task - Method not implemented
     ...    Test title: PUT Continue operation task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.13.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.13.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ PATCH Continue operation task - Method not implemented
     ...    Test title: PATCH Continue operation task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.14.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.14.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,9 +88,34 @@ DELETE Continue operation task - Method not implemented
     ...    Test title: DELETE Continue operation task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.14.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.14.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Continue operation task
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Continue operation task with permitted authorization scope
+     [Documentation]    Test ID: 5.3.2.12.8
+    ...    Test title: POST Continue operation task with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a continue on the LCM operation with permitted authorization scope
+    ...    Pre-conditions: NS instance status equal to FAILED_TEMP
+    ...    Reference: Clause 6.4.13.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: NS instance status not equal to FAILED_TEMP 
+	POST Continue operation task with permitted authorization scope
+	Check HTTP Response Status Code Is    202
+	Check operation resource state is not FAILED_TEMP
+
+POST Continue operation task with not permitted authorization scope
+     [Documentation]    Test ID: 5.3.2.12.9
+    ...    Test title: POST Continue operation task with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a continue on the LCM operation fails when using not permitted authorization scope
+    ...    Pre-conditions: NS instance status equal to FAILED_TEMP
+    ...    Reference: Clause 6.4.13.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+	POST Continue operation task with not permitted authorization scope
+	Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/CreateNSInstanceWorkflow.robot b/SOL005/NSLifecycleManagement-API/CreateNSInstanceWorkflow.robot
index 6f13626cf16cf365c0635e2461d5dde358493960..3cdae826599aeb6ea39f8f8be110aa2f045e1e4c 100644
--- a/SOL005/NSLifecycleManagement-API/CreateNSInstanceWorkflow.robot
+++ b/SOL005/NSLifecycleManagement-API/CreateNSInstanceWorkflow.robot
@@ -15,7 +15,7 @@ NS Instance Creation
     ...    Test title: NS Instance Creation
     ...    Test objective: The objective is to test the workflow for Creating a NS instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NS resource is in NOT_ISTANTIATED state
@@ -32,7 +32,7 @@ NS Instance Creation with DISABLED Network Service Descriptor
     ...    Test title: NS Instance Creation with DISABLED Network Service Descriptor
     ...    Test objective: The objective is to test the workflow for Creating a NS instance with a disabled NSD
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO in disabled operational state.
-    ...    Reference: Clauses 6.4.2.3.1 and 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clauses 6.4.2.3.1 and 5.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
diff --git a/SOL005/NSLifecycleManagement-API/DeleteNSInstanceWorkflow.robot b/SOL005/NSLifecycleManagement-API/DeleteNSInstanceWorkflow.robot
index 1d913ed0ca3dbeb434fc5ed29d8e0f2a363390c5..bc233abc8733ad89a08abfb761dcaa7369daeb28 100644
--- a/SOL005/NSLifecycleManagement-API/DeleteNSInstanceWorkflow.robot
+++ b/SOL005/NSLifecycleManagement-API/DeleteNSInstanceWorkflow.robot
@@ -15,7 +15,7 @@ NS Instance Deletion
     ...    Test title: NS Instance Deletion
     ...    Test objective: The objective is to test the workflow for Deleting a NS instance
     ...    Pre-conditions: the resource is in NOT_INSTANTIATED state
-    ...    Reference: Clause 6.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: NS Instance resource is deleted
diff --git a/SOL005/NSLifecycleManagement-API/FailOperationTask.robot b/SOL005/NSLifecycleManagement-API/FailOperationTask.robot
index ec528bf6e2ff80db742d783f34a73320874c0954..971bb0c8474b89591b5e118ea31081dc755808b0 100644
--- a/SOL005/NSLifecycleManagement-API/FailOperationTask.robot
+++ b/SOL005/NSLifecycleManagement-API/FailOperationTask.robot
@@ -13,7 +13,7 @@ POST Fail operation task
     ...    Test title: POST Fail operation task
     ...    Test objective: The objective is to test that POST method trigger a state change to "finally failed" on the NS LCM operation
     ...    Pre-conditions: NS instance status equal to FAILED_TEMP
-    ...    Reference: Clause 6.4.14.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.14.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -26,7 +26,7 @@ POST Fail operation task Not Found
     ...    Test title: POST Fail operation task Not Found
     ...    Test objective: The objective is to test that POST method fail if the NS LCM resource is not found
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.14.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.14.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -39,7 +39,7 @@ POST Fail operation task Conflict
     ...    Test title: POST Fail operation task Conflict
     ...    Test objective: The objective is to test that POST method fail in case of status conflict on the NS LCM operation (i.e NS instance status not equal to FAILED_TEMP)
     ...    Pre-conditions: NS instance status not equal to FAILED_TEMP
-    ...    Reference: Clause 6.4.14.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.14.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -52,7 +52,7 @@ GET Fail operation task - Method not implemented
     ...    Test title: GET Fail operation task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.14.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.14.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Fail operation task - Method not implemented
     ...    Test title: PUT Fail operation task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.14.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.14.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ PATCH Fail operation task - Method not implemented
     ...    Test title: PATCH Fail operation task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.14.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.14.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,11 +88,35 @@ DELETE Fail operation task - Method not implemented
     ...    Test title: DELETE Fail operation task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.14.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.14.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
     DELETE Fail operation task
     Check HTTP Response Status Code Is    405
+
+POST Fail operation task with permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.13.8
+    ...    Test title: POST Fail operation task with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a state change to "finally failed" on the NS LCM operation with permitted authorization scope
+    ...    Pre-conditions: NS instance status equal to FAILED_TEMP
+    ...    Reference: Clause 6.4.14.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+	POST Fail operation task with permitted authorization scope
+	Check HTTP Response Status Code Is    202
+	Check resource is finally failed
     
-	
\ No newline at end of file
+POST Fail operation task with not ermitted authorization scope
+    [Documentation]    Test ID: 5.3.2.13.9
+    ...    Test title: POST Fail operation task with not ermitted authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a state change to "finally failed" on the NS LCM operation fails when using not permitted authorization scope
+    ...    Pre-conditions: NS instance status equal to FAILED_TEMP
+    ...    Reference: Clause 6.4.14.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+	POST Fail operation task with not permitted authorization scope
+	Check HTTP Response Status Code Is    401
+    
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/HealNSTask.robot b/SOL005/NSLifecycleManagement-API/HealNSTask.robot
index cc688b4e7a88f0ecacef01dee68ab50bb5b8a364..9644f4292d6e317fdec362ef3c33b437acf9a758 100644
--- a/SOL005/NSLifecycleManagement-API/HealNSTask.robot
+++ b/SOL005/NSLifecycleManagement-API/HealNSTask.robot
@@ -13,7 +13,7 @@ POST Heal a NSInstance
     ...    Test title: POST Heal a NSInstance
     ...    Test objective: The objective is to test that POST method trigger a Heal NS instance
     ...    Pre-conditions: NS Instance is in INSTANTIATED state.
-    ...    Reference: Clause 6.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: NS instance is still in INSTANTIATED state.
@@ -26,7 +26,7 @@ POST Heal a NSInstance - Conflict (Not Instantited)
     ...    Test title: POST Heal a NSInstance - Conflict (Not Instantited)
     ...    Test objective: The objective is to test that POST method fail if NS instance is in NOT_INSTANTIATE state 
     ...    Pre-conditions: NS Instance is in NOT_INSTANTIATED state
-    ...    Reference: Clause 6.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: NS Instance is still in NOT_INSTANTIATED state
@@ -39,7 +39,7 @@ GET Heal NSInstance- Method not implemented
     ...    Test title: GET Heal NSInstance- Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ PUT Heal NSInstance - Method not implemented
     ...    Test title: PUT Heal NSInstance - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -63,7 +63,7 @@ PATCH Heal NSInstance - Method not implemented
     ...    Test title: PATCH Heal NSInstance - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.7.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.7.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -75,11 +75,37 @@ DELETE Heal NSInstance - Method not implemented
     ...    Test title: DELETE Heal NSInstance - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.7.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.7.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Heal NSInstance
     Check HTTP Response Status Code Is    405
+
+POST Heal a NSInstance with permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.6.6
+    ...    Test title: POST Heal a NSInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a Heal NS instance with permitted authorization scope
+    ...    Pre-conditions: NS Instance is in INSTANTIATED state.
+    ...    Reference: Clause 6.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: NS instance is still in INSTANTIATED state.
+    POST Heal NSInstance with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+
+POST Heal a NSInstance with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.6.7
+    ...    Test title: POST Heal a NSInstance with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a Heal NS instance fails when using not permitted authorization scope
+    ...    Pre-conditions: NS Instance is in INSTANTIATED state.
+    ...    Reference: Clause 6.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: NS instance is still in INSTANTIATED state.
+    POST Heal NSInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
+
     
     
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/HealNSTaskWorkflow.robot b/SOL005/NSLifecycleManagement-API/HealNSTaskWorkflow.robot
index 526058be709f7945b9550c73d22748fa8b4f095b..365f84e5e0fa6f5436fdc780f8c8b598b9883539 100644
--- a/SOL005/NSLifecycleManagement-API/HealNSTaskWorkflow.robot
+++ b/SOL005/NSLifecycleManagement-API/HealNSTaskWorkflow.robot
@@ -14,7 +14,7 @@ Heal Flow of NS lifecycle management operations
     ...    Test title: Heal Flow of NS lifecycle management operations
     ...    Test objective: The objective is to test the workflow for Healing a NS instance
     ...    Pre-conditions: the resource is in INSTANTIATED state
-    ...    Reference: Clause 6.4.7 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.7 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: NS Instance still in INSTANTIATED state
diff --git a/SOL005/NSLifecycleManagement-API/IndividualNSInstance.robot b/SOL005/NSLifecycleManagement-API/IndividualNSInstance.robot
index 63cb732197408a2971c607a877096ced43c57afd..07bbcec4062b76c8c98390d59c23b4d2d65e6d47 100644
--- a/SOL005/NSLifecycleManagement-API/IndividualNSInstance.robot
+++ b/SOL005/NSLifecycleManagement-API/IndividualNSInstance.robot
@@ -13,7 +13,7 @@ POST Individual NSInstance - Method not implemented
     ...    Test title: POST Individual NSInstance - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ GET Information about an individual NS Instance
     ...    Test title: GET Information about an individual NS Instance
     ...    Test objective: The objective is to test that GET method returns an individual NS instance
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ PUT Individual NSInstance - Method not implemented
     ...    Test title: PUT Individual NSInstance - Method not implemented
     ...    Test objective: TThe objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ PATCH Individual NSInstance - Method not implemented
     ...    Test title: PATCH Individual NSInstance - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ DELETE Individual NSInstance
     ...    Test title: DELETE Individual NSInstance
     ...    Test objective: The objective is to test that DELETE method delete a not INSTANTIATED NS instance
     ...    Pre-conditions: NS instance is not INSTANTIATED .
-    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: Check Postcondition NS Instance is deleted
@@ -77,11 +77,36 @@ DELETE Individual NSInstance Conflict
     ...    Test title: DELETE Individual NSInstance Conflict
     ...    Test objective: The objective is to test that DELETE method cannot delete an INSTANTIATED NS instance
     ...    Pre-conditions: one instance of a NS in INSTANTIATED state
-    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: Check Postcondition NS Instance is not deleted
     DELETE IndividualNSInstance
     Check HTTP Response Status Code Is    409
     Check HTTP Response Body Json Schema Is    ProblemDetails
-    Check Postcondition NS Instance is not deleted
\ No newline at end of file
+    Check Postcondition NS Instance is not deleted
+
+DELETE Individual NSInstance with permitted authorization scope
+     [Documentation]    Test ID: 5.3.2.2.7
+    ...    Test title: DELETE Individual NSInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that DELETE method delete a not INSTANTIATED NS instance with permitted authorization scope
+    ...    Pre-conditions: NS instance is not INSTANTIATED .
+    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: Check Postcondition NS Instance is deleted
+    DELETE IndividualNSInstance with permitted authorization scope  
+    Check HTTP Response Status Code Is    204
+    Check Postcondition NS Instance is deleted
+
+DELETE Individual NSInstance with not permitted authorization scope
+     [Documentation]    Test ID: 5.3.2.2.8
+    ...    Test title: DELETE Individual NSInstance with not permitted authorization scope
+    ...    Test objective: The objective is to test that DELETE method fails to delete a not INSTANTIATED NS instance when using a not permitted authorization scope
+    ...    Pre-conditions: NS instance is not INSTANTIATED .
+    ...    Reference: Clause 6.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    DELETE IndividualNSInstance with not permitted authorization scope  
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/IndividualNSLCMOccurences.robot b/SOL005/NSLifecycleManagement-API/IndividualNSLCMOccurences.robot
index 5320d5d49b13eb7ca1846b4d3c4f9144f7a43fcc..734c5f8db1b9149d0fc3aaa3e14d5e5e10b40a10 100644
--- a/SOL005/NSLifecycleManagement-API/IndividualNSLCMOccurences.robot
+++ b/SOL005/NSLifecycleManagement-API/IndividualNSLCMOccurences.robot
@@ -12,7 +12,7 @@ Post Individual NS LCM occurrences - Method not implemented
     ...    Test title: Post Individual NS LCM occurrences - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ Get status information about Individual NS LCM occurrences
     ...    Test title: Get status information about Individual NS LCM occurrences
     ...    Test objective: The objective is to test that GET method returns the LCM occurrence of the NS
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,7 +38,7 @@ PUT status information about Individual NS LCM occurrences - Method not implemen
     ...    Test title: PUT status information about Individual NS LCM occurrences - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.10.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.10.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ PATCH status information about Individual NS LCM occurrences
     ...    Test title: PATCH status information about Individual NS LCM occurrences
     ...    Test objective: The objective is to test that PATCH method modify an existing Individual NS LCM occurrence
     ...    Pre-conditions: An Individual NS LCM occurrence represents a scheduled operation not yet started 
-    ...    Reference: Clause 6.4.10.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.10.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -62,7 +62,7 @@ PATCH status information about Individual NS LCM occurrences - scheduled operati
     ...    Test title: PATCH status information about Individual NS LCM occurrences
     ...    Test objective: The objective is to test that PATCH method modify an existing Individual NS LCM occurrence
     ...    Pre-conditions: An Individual NS LCM occurrence represents a scheduled operation already started 
-    ...    Reference: Clause 6.4.10.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.10.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -75,7 +75,7 @@ PATCH status information about Individual NS LCM occurrences - Precondition fail
     ...    Test title: PATCH status information about Individual NS LCM occurrences - Precondition failed
     ...    Test objective: The objective is to test that PATCH method that modifies an existing Individual NS LCM occurrence fails if the resource was modified by another entity
     ...    Pre-conditions: An Individual NS LCM occurrence represents a scheduled operation not yet started 
-    ...    Reference: Clause 6.4.10.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.10.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The resource was modified by another entity
     ...    Post-Conditions: none
@@ -88,7 +88,7 @@ PATCH status information about Individual NS LCM occurrences - Precondition fail
     ...    Test title: PATCH status information about Individual NS LCM occurrences - Precondition failed HTTP Conditional Request Not Supported
     ...    Test objective: The objective is to test that PATCH method that modifies an existing Individual NS LCM occurrence fails if the API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Pre-conditions: An Individual NS LCM occurrence represents a scheduled operation not yet started 
-    ...    Reference: Clause 6.4.10.3.4, 4.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.10.3.4, 4.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Post-Conditions: none
@@ -101,9 +101,33 @@ DELETE status information about Individual NS LCM occurrences - Method not imple
     ...    Test title: DELETE status information about Individual NS LCM occurrences - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.10.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.10.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Individual NS LCM OP Occurrence
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+PATCH status information about Individual NS LCM occurrences with permitted authorization scope
+     [Documentation]    Test ID: 5.3.2.9.6
+    ...    Test title: PATCH status information about Individual NS LCM occurrences with permitted authorization scope
+    ...    Test objective: The objective is to test that PATCH method modify an existing Individual NS LCM occurrence with permitted authorization scope
+    ...    Pre-conditions: An Individual NS LCM occurrence represents a scheduled operation not yet started 
+    ...    Reference: Clause 6.4.10.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PATCH Individual NS LCM OP Occurrence with permitted authorization scope
+    Check HTTP Response Status Code Is    204
+
+PATCH status information about Individual NS LCM occurrences with not permitted authorization scope
+     [Documentation]    Test ID: 5.3.2.9.4
+    ...    Test title: PATCH status information about Individual NS LCM occurrences with not permitted authorization scope
+    ...    Test objective: The objective is to test that PATCH method modify an existing Individual NS LCM occurrence fails when using not permitted authorization scope
+    ...    Pre-conditions: An Individual NS LCM occurrence represents a scheduled operation not yet started 
+    ...    Reference: Clause 6.4.10.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PATCH Individual NS LCM OP Occurrence with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/IndividualSubscription.robot b/SOL005/NSLifecycleManagement-API/IndividualSubscription.robot
index 745d38f14bb5fe85161f2e07771e46a61e5ccef0..d581fa720013022a15a6bd91eb92a1f863e8fd13 100644
--- a/SOL005/NSLifecycleManagement-API/IndividualSubscription.robot
+++ b/SOL005/NSLifecycleManagement-API/IndividualSubscription.robot
@@ -14,7 +14,7 @@ POST Individual Subscription - Method not implemented
     ...    Test title: POST Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.17.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.17.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ GET Information about an individual subscription
     ...    Test title: GET Information about an individual subscription
     ...    Test objective: The objective is to test the retrieval of NS lifecycle management subscription and perform a JSON schema validation of the returned subscription data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.17.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.17.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ PUT an individual subscription - Method not implemented
     ...    Test title: PUT an individual subscription - Method not implemented
     ...    Test objective: TThe objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.17.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.17.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ PATCH an individual subscription - Method not implemented
     ...    Test title: PATCH an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.17.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.17.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -63,9 +63,35 @@ DELETE an individual subscription
     ...    Test title: DELETE an individual subscription
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: At least one lifecycle management subscription is available in the NFVO
-    ...    Reference: Clause 6.4.17.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.17.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NS lifecycle management subscription is not available anymore on NFVO
     DELETE Individual Subscription
-    Check HTTP Response Status Code Is    204
\ No newline at end of file
+    Check HTTP Response Status Code Is    204
+
+GET Information about an individual subscription with permitted authorization scope
+     [Documentation]    Test ID: 5.3.2.16.6
+    ...    Test title: GET Information about an individual subscription with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of NS lifecycle management subscription and perform a JSON schema validation of the returned subscription data structure with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 6.4.17.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   subscription
+
+
+GET Information about an individual subscription with not permitted authorization scope
+     [Documentation]    Test ID: 5.3.2.16.7
+    ...    Test title: GET Information about an individual subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of NS lifecycle management subscription and perform a JSON schema validation of the returned subscription data structure fails when using not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 6.4.17.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/IndividualVNFSnapshot.robot b/SOL005/NSLifecycleManagement-API/IndividualVNFSnapshot.robot
index 72dbaba07f5f425203a5774f0fc3280751e975a9..7c3e8f8dff96d0564d4b575039dafbebaf2d0768 100644
--- a/SOL005/NSLifecycleManagement-API/IndividualVNFSnapshot.robot
+++ b/SOL005/NSLifecycleManagement-API/IndividualVNFSnapshot.robot
@@ -7,7 +7,7 @@ POST Individual VNF Snapshot - Method not implemented
     ...    Test title: POST Individual VNF Snapshot - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.20.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.20.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET Information about an individual VNF Snapshot - SUCCESSFUL
     ...    Test title: GET Information about an individual VNF Snapshot - SUCCESSFUL
     ...    Test objective: The objective is to GET information about an individual VNF Snapshot
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.20.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.20.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET Information about an individual VNF Snapshot - NOT FOUND
     ...    Test title: GET Information about an individual VNF Snapshot - NOT FOUND
     ...    Test objective: The objective is to test that the retrieval of individual VNF Snapshot fails when using an invalid resource identifier.
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.20.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.20.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ PUT Individual VNF Snapshot - Method not implemented
     ...    Test title: PUT Individual VNF Snapshot - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.20.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.20.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -57,7 +57,7 @@ PATCH Individual VNF Snapshot - Method not implemented
     ...    Test title: PATCH Individual VNF Snapshot - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.20.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.20.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot not modified
@@ -69,7 +69,7 @@ DELETE Individual VNF Snapshot
     ...    Test title: DELETE Individual VNF Snapshot
     ...    Test objective: The objective is to delete a VNF Snapshot
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.20.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.20.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot resource is deleted.
@@ -82,11 +82,36 @@ DELETE Individual VNF Snapshot - Conflict
     ...    Test title: DELETE Individual VNF Snapshot Conflict
     ...    Test objective: The objective is to verify that The operation cannot be executed currently, due to a conflict with the state of the VNF Snapshot resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.20.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.20.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: VNF snapshot is in use by some operation such as reverting a VNF instance to a VNF snapshot or creating a VNF snapshot package.
     ...    Post-Conditions: VNF Snapshot resource is not deleted.
     DELETE individual VNF Snapshot - CONFLICT
     Check HTTP Response Status Code Is    409
     Check HTTP Response Body Json Schema Is    ProblemDetails
-    Check Postcondition VNF Snapshot Resource Existence
\ No newline at end of file
+    Check Postcondition VNF Snapshot Resource Existence
+
+GET Information about an individual VNF Snapshot with permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.28.8
+    ...    Test title: GET Information about an individual VNF Snapshot with permitted authorization scope
+    ...    Test objective: The objective is to GET information about an individual VNF Snapshot with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 6.4.20.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual VNF Snapshot with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    VnfSnapshotInfo
+
+GET Information about an individual VNF Snapshot with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.28.9
+    ...    Test title: GET Information about an individual VNF Snapshot with permitted authorization scope
+    ...    Test objective: The objective is to test that GET information about an individual VNF Snapshot fails when using not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 6.4.20.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual VNF Snapshot with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/InstantiateNSTask.robot b/SOL005/NSLifecycleManagement-API/InstantiateNSTask.robot
index 90b29e0fd2b1dbecf6ab501956e6ba859913c880..45baf0a9279a609abe94f9b08ea86012fc375d4b 100644
--- a/SOL005/NSLifecycleManagement-API/InstantiateNSTask.robot
+++ b/SOL005/NSLifecycleManagement-API/InstantiateNSTask.robot
@@ -13,7 +13,7 @@ POST Instantiate a nsInstance
     ...    Test title: POST Instantiate a nsInstance
     ...    Test objective: The objective is to test that POST method instantiate a new NS instance
     ...    Pre-conditions: An NS instance created and it is in NOT_INSTANTIATED state
-    ...    Reference: Clause 6.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -27,7 +27,7 @@ POST Instantiate a nsInstance with feasibility check only
     ...    Test title: POST Instantiate a nsInstance with feasibility check
     ...    Test objective: The objective is to test that POST method instantiate a new NS instance with feasibility check only
     ...    Pre-conditions: An NS instance created and it is in NOT_INSTANTIATED state
-    ...    Reference: Clause 6.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -41,7 +41,7 @@ POST Instantiate a nsInstance Conflict
     ...    Test title: POST Instantiate a nsInstance Conflict
     ...    Test objective: The objective is to test that the operation cannot be performed due to a conflict with the state of resource (i.e. the resource is in INSTANTIATED state)
     ...    Pre-conditions: resource is in INSTANTIATED state
-    ...    Reference: Clause 6.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NS instance is not instantiated on the NFVO
@@ -54,7 +54,7 @@ GET Instantiate NSInstance - Method not implemented
     ...    Test title: GET Instantiate NSInstance - Method not implemented
     ...    Test objective: The objective is to test that the operation cannot be performed due because method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none.
@@ -66,7 +66,7 @@ PUT Instantiate NSInstance - Method not implemented
     ...    Test title: PUT Instantiate NSInstance - Method not implemented
     ...    Test objective: The objective is to test that the operation cannot be performed due because method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none.
@@ -78,7 +78,7 @@ PATCH Instantiate NSInstance - Method not implemented
     ...    Test title: PATCH Instantiate NSInstance - Method not implemented
     ...    Test objective: The objective is to test that the operation cannot be performed due because method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none.
@@ -90,9 +90,35 @@ DELETE Instantiate NSInstance - Method not implemented
     ...    Test title: DELETE Instantiate NSInstance - Method not implemented
     ...    Test objective: The objective is to test that the operation cannot be performed due because method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none.
     DELETE Instantiate NSInstance
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Instantiate a nsInstance with permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.3.7
+    ...    Test title: POST Instantiate a nsInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method instantiate a new NS instance with permitted authorization scope
+    ...    Pre-conditions: An NS instance created and it is in NOT_INSTANTIATED state
+    ...    Reference: Clause 6.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Instantiate nsInstance with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Operation Occurrence Id
+
+POST Instantiate a nsInstance with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.3.8
+    ...    Test title: POST Instantiate a nsInstance with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method instantiate a new NS instance fails when using not permitted authorization scope
+    ...    Pre-conditions: An NS instance created and it is in NOT_INSTANTIATED state
+    ...    Reference: Clause 6.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Instantiate nsInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/InstantiateNSTaskWorkflow.robot b/SOL005/NSLifecycleManagement-API/InstantiateNSTaskWorkflow.robot
index 341ad1bcc8ce20ef737135f48f02405f0a9b6fe5..db1aa88f138dbc903319ee40b5609ae6d4a97ed5 100644
--- a/SOL005/NSLifecycleManagement-API/InstantiateNSTaskWorkflow.robot
+++ b/SOL005/NSLifecycleManagement-API/InstantiateNSTaskWorkflow.robot
@@ -14,7 +14,7 @@ Instantiate Flow of NS lifecycle management operations
     ...    Test title: Instantiate Flow of NS lifecycle management operations
     ...    Test objective: The objective is to test the workflow for Instantiate a NS instance
     ...    Pre-conditions: the resource is in NOT_INSTANTIATED state
-    ...    Reference: Clause 6.4.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: the resource is in INSTANTIATED state
diff --git a/SOL005/NSLifecycleManagement-API/NSInstances.robot b/SOL005/NSLifecycleManagement-API/NSInstances.robot
index 57e37608533ba6ea2c65aea29f5be34bf1068c40..c38c54cc53b7e994f906414c8a6765e2709d6e6c 100644
--- a/SOL005/NSLifecycleManagement-API/NSInstances.robot
+++ b/SOL005/NSLifecycleManagement-API/NSInstances.robot
@@ -199,4 +199,31 @@ GET information about multiple NS instances - Filter
     ...    Post-Conditions: none.
     GET NsInstances using filtering parameter
     Check HTTP Response Status Code Is    200
-    Check HTTP Response Body Json Schema Is    NsInstances  
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is    NsInstances  
+
+POST Create a new NsInstance with permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.1.16
+    ...    Test title: POST Create a new NsInstance with permitted authorization scope
+    ...    Test objective: The objective is to test the creation of a new Ns Instances with permitted authorization scope
+    ...    Pre-conditions: none.
+    ...    Reference: Clause 6.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none.
+    ...    Post-Conditions: A Ns instance is instantiated.
+    POST New nsInstance with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Header Contains    Location
+    Check HTTP Response Body Json Schema Is    NsInstance
+    Check HTTP Response Body NsInstance content against NS Descriptor
+
+POST Create a new NsInstance with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.1.17
+    ...    Test title: POST Create a new NsInstance with not permitted authorization scope
+    ...    Test objective: The objective is to test that the creation of a new Ns Instances fails when using a not permitted authorization scope
+    ...    Pre-conditions: none.
+    ...    Reference: Clause 6.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none.
+    ...    Post-Conditions: none.
+    POST New nsInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/NSLCMOccurences.robot b/SOL005/NSLifecycleManagement-API/NSLCMOccurences.robot
index 3cec36ed8c8f10e7f68c3f67b8e3eb07e69b81f1..f00db3885399cf9102b8bf3f33785ad4f7a42a80 100644
--- a/SOL005/NSLifecycleManagement-API/NSLCMOccurences.robot
+++ b/SOL005/NSLifecycleManagement-API/NSLCMOccurences.robot
@@ -12,7 +12,7 @@ POST NS LCM occurrences - Method not implemented
     ...    Test title: POST NS LCM occurrences - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ GET status information about multiple NS LCM occurrences
     ...    Test title: GET status information about multiple NS LCM occurrences
     ...    Test objective: The objective is to test that GET method returns a list of LCM occurrences of the NS
     ...    Pre-conditions: At least one LCM occurrences available in the NFVO
-    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ GET status information about multiple NS LCM occurrences Bad Request Invalid att
     ...    Test title: GET status information about multiple NS LCM occurrences Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to test that GET method fail because of wrong query parameter
     ...    Pre-conditions: At least one LCM occurrences available in the NFVO, Invalid filter parameter
-    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ GET status information about multiple NS LCM occurrences Bad Request Invalid att
     ...    Test title: GET status information about multiple NS LCM occurrences Bad Request Invalid attribute selector
     ...    Test objective: The objective is to test that GET method fail because of wrong attributes selector
     ...    Pre-conditions: At least one LCM occurrences available in the NFVO, Invalid attribute selector
-    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -63,7 +63,7 @@ GET status information about multiple NS LCM occurrences with "all_fields"
     ...    Test title: GET status information about multiple NS LCM occurrences with "all_fields"
     ...    Test objective: The objective is to test that GET method returns a list of LCM occurrences of the NS
     ...    Pre-conditions: At least one LCM occurrences available in the NFVO
-    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ GET status information about multiple NS LCM occurrences with "exclude_default"
     ...    Test title: GET status information about multiple NS LCM occurrences with "exclude_default"
     ...    Test objective: The objective is to test that GET method returns a list of LCM occurrences of the NS
     ...    Pre-conditions: At least one LCM occurrences available in the NFVO
-    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -89,7 +89,7 @@ GET status information about multiple NS LCM occurrences with "fields"
     ...    Test title: GET status information about multiple NS LCM occurrences with "fields"
     ...    Test objective: The objective is to test that GET method returns a list of LCM occurrences of the NS
     ...    Pre-conditions: At least one LCM occurrences available in the NFVO
-    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -102,7 +102,7 @@ GET status information about multiple NS LCM occurrences with "exclude_fields"
     ...    Test title: GET status information about multiple NS LCM occurrences with "exclude_fields"
     ...    Test objective: The objective is to test that GET method returns a list of LCM occurrences of the NS
     ...    Pre-conditions: At least one LCM occurrences available in the NFVO
-    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -115,7 +115,7 @@ PUT status information about multiple NS LCM occurrences - Method not implemente
     ...    Test title: PUT status information about multiple NS LCM occurrences - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.9.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -127,7 +127,7 @@ PATCH status information about multiple NS LCM occurrences - Method not implemen
     ...    Test title: PATCH status information about multiple NS LCM occurrences - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.9.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -139,7 +139,7 @@ DELETE status information about multiple NS LCM occurrences - Method not impleme
     ...    Test title: DELETE status information about multiple NS LCM occurrences - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.9.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -151,7 +151,7 @@ GET status information about multiple NS LCM occurrences as Paged Response
     ...    Test title: GET status information about multiple NS LCM occurrences as Paged Reponse
     ...    Test objective: The objective is to test that GET method returns a list of LCM occurrences of the NS as paged response.
     ...    Pre-conditions: At least one LCM occurrences available in the NFVO
-    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -164,7 +164,7 @@ GET status information about multiple NS LCM occurrences - Bad Request Response
     ...    Test title: GET status information about multiple NS LCM occurrences - Bad Request Response too Big
     ...    Test objective: The objective is to test that GET method fail because response is too big, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: At least one LCM occurrences available in the NFVO, Invalid filter parameter
-    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -177,7 +177,7 @@ GET status information about multiple NS LCM occurrences with "fields" and "excl
     ...    Test title: GET status information about multiple NS LCM occurrences with "fields" and "exclude_default"
     ...    Test objective: The objective is to test that GET method returns a list of LCM occurrences of the NS
     ...    Pre-conditions: At least one LCM occurrences available in the NFVO
-    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -190,10 +190,35 @@ GET status information about multiple NS LCM occurrences - Filter
     ...    Test title: GET status information about multiple NS LCM occurrences - Filter
     ...    Test objective: The objective is to test that GET method returns a list of LCM occurrences of the NS using filtering-based query parameters
     ...    Pre-conditions: At least one LCM occurrences available in the NFVO
-    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
 	GET NS LCM OP Occurrences using filtering parameters
 	Check HTTP Response Status Code Is    200
-	Check HTTP Response Body Json Schema Is    NsLcmOpOccs
\ No newline at end of file
+	Check HTTP Response Body Json Schema Is    NsLcmOpOccs
+
+GET status information about multiple NS LCM occurrences with permitted authorization scope 
+     [Documentation]    Test ID: 5.3.2.8.16
+    ...    Test title: GET status information about multiple NS LCM occurrences with permitted authorization scope
+    ...    Test objective: The objective is to test that GET method returns a list of LCM occurrences of the NS with permitted authorization scope
+    ...    Pre-conditions: At least one LCM occurrences available in the NFVO
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+	GET NS LCM OP Occurrences with permitted authorization scope
+	Check HTTP Response Status Code Is    200
+	Check HTTP Response Body Json Schema Is    NsLcmOpOccs
+
+GET status information about multiple NS LCM occurrences with not permitted authorization scope 
+     [Documentation]    Test ID: 5.3.2.8.17
+    ...    Test title: GET status information about multiple NS LCM occurrences with not permitted authorization scope
+    ...    Test objective: The objective is to test that GET method returns a list of LCM occurrences of the NS with permitted authorization scope
+    ...    Pre-conditions: At least one LCM occurrences available in the NFVO
+    ...    Reference: Clause 6.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+	GET NS LCM OP Occurrences with not permitted authorization scope
+	Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/NSLCMOperationKeywords.robot b/SOL005/NSLifecycleManagement-API/NSLCMOperationKeywords.robot
index bc90236bd2d92e20216d8988321b66c5ef2a1861..60384161f52acd7705edef0c8f3e5d0c92a58db0 100644
--- a/SOL005/NSLifecycleManagement-API/NSLCMOperationKeywords.robot
+++ b/SOL005/NSLifecycleManagement-API/NSLCMOperationKeywords.robot
@@ -8,6 +8,7 @@ Library    OperatingSystem
 Library    MockServerLibrary
 Library    Collections
 Library    String
+Library    jwt
 #Variables  descriptors/SOL006/VNFD/vnfd_SOL006.yaml
 #Variables  descriptors/SOL006/NSD/nsd_SOL006.yaml
 #Variables  descriptors/SOL001/VNFD/vnfd_SOL001.yaml
@@ -229,6 +230,36 @@ POST New nsInstance
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}     
 
+POST New nsInstance with permitted authorization scope
+    Log    Create NS instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${NSINSTANCE_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the NS Descriptor File
+    ${template}=    Get File    jsons/CreateNsRequest.json 
+    ${body}=        Format String   ${template}     nsdId=${NS_DescriptorID}   nsInstanceName=${nsInstanceName}   vimAccountId=${vimAccountId}   nsInstanceDescription=${nsInstanceDescription}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}     
+
+POST New nsInstance with not permitted authorization scope
+    Log    Create NS instance by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${NSINSTANCE_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the NS Descriptor File
+    ${template}=    Get File    jsons/CreateNsRequest.json 
+    ${body}=        Format String   ${template}     nsdId=${NS_DescriptorID}   nsInstanceName=${nsInstanceName}   vimAccountId=${vimAccountId}   nsInstanceDescription=${nsInstanceDescription}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
 Check HTTP Response Body NsInstance content against VNF Descriptor
     #${check_descriptors} flag, 1 to check descriptors
     Run Keyword If    ${check_descriptors} == 1    Check Individual NsInstance Content
@@ -538,8 +569,27 @@ DELETE IndividualNSInstance
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse} 	
+	Set Global Variable    ${response}    ${outputResponse} 
+
+DELETE IndividualNSInstance with permitted authorization scope
+    log    Trying to delete an individual VNF instance
+    ${scopeValue}=    Create Dictionary    scope=${NSINSTANCE_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
 	
+DELETE IndividualNSInstance with not permitted authorization scope
+    log    Trying to delete an individual VNF instance
+    ${scopeValue}=    Create Dictionary    scope=${NSINSTANCE_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Delete    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 
 DELETE IndividualNSInstance Conflict
     log    Trying to delete an individual VNF instance
@@ -583,7 +633,7 @@ GET Instantiate NSInstance
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 	
- POST Instantiate nsInstance
+POST Instantiate nsInstance
     Log    Trying to Instantiate a ns Instance
     Set Headers  {"Accept":"${ACCEPT}"}  
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
@@ -594,6 +644,36 @@ GET Instantiate NSInstance
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/instantiate    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
+POST Instantiate nsInstance with permitted authorization scope
+    Log    Trying to Instantiate a ns Instance
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${INSTANTIATE_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the NS Descriptor File
+    ${template}=    Get File    jsons/InstantiateNs.json
+    ${body}=        Format String   ${template}     nsFlavourId=${nsFlavourId}   vimAccountId=${vimAccountId}   nsdId=${nsdId}    sapdId=${SAP_IDs[0]}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/instantiate    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Instantiate nsInstance with not permitted authorization scope
+    Log    Trying to Instantiate a ns Instance
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the NS Descriptor File
+    ${template}=    Get File    jsons/InstantiateNs.json
+    ${body}=        Format String   ${template}     nsFlavourId=${nsFlavourId}   vimAccountId=${vimAccountId}   nsdId=${nsdId}    sapdId=${SAP_IDs[0]}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/instantiate    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 	
 POST Instantiate nsInstance with feasibility check only
     Log    Trying to Instantiate a ns Instance
@@ -652,6 +732,36 @@ POST scale nsInstance
 	Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/scale    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
+
+POST scale nsInstance with permitted authorization scope
+	Log    Trying to Instantiate a scale NS Instance
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${SCALE_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File
+    ${template}=    Get File    jsons/ScaleNs.json
+    ${body}=        Format String   ${template}     scaleType=${scaleType}   scaleTimeout=${scaleTimeout}   scaleVnfType=${scaleVnfType}   scaleGroupDescriptor=${scaleGroupDescriptor}   scaleMemberVnfIndex=${scaleMemberVnfIndex}    vnfInstantiationLevelId=${InstantiationLevel_IDs[0]}
+	Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/scale    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST scale nsInstance with not permitted authorization scope
+	Log    Trying to Instantiate a scale NS Instance
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File
+    ${template}=    Get File    jsons/ScaleNs.json
+    ${body}=        Format String   ${template}     scaleType=${scaleType}   scaleTimeout=${scaleTimeout}   scaleVnfType=${scaleVnfType}   scaleGroupDescriptor=${scaleGroupDescriptor}   scaleMemberVnfIndex=${scaleMemberVnfIndex}    vnfInstantiationLevelId=${InstantiationLevel_IDs[0]}
+	Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/scale    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
 	
 DELETE Update NSInstance
     log    Trying to delete an Update NS instance. This method should not be implemented
@@ -699,6 +809,38 @@ POST Update NSInstance
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/update    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
+
+POST Update NSInstance with permitted authorization scope
+	Log    Trying to Instantiate a Update NS Instance
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${UPDATE_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File
+    Run Keyword If    ${check_descriptors} == 1    PARSE the NS Descriptor File  
+    ${template} =    Get File    jsons/UpdateNsRequest.json
+    ${body}=        Format String   ${template}     vnfdId=${descriptor_id}    vnfFlavourId=${Flavour_ID}    newFlavourId=${Flavour_ID}    vnfVirtualLinkDescId=${VirtualLink_IDs[0]}    instantiationLevelId=${InstantiationLevel_IDs[1]}    vnfInstantiationLevelId=${InstantiationLevel_IDs[0]}    newNsdId=${NS_DescriptorID}    sapdId=${SAP_IDs[0]}    vnfInstanceId=${vnfInstanceId}    
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/update    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
+POST Update NSInstance with not permitted authorization scope
+	Log    Trying to Instantiate a Update NS Instance
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File
+    Run Keyword If    ${check_descriptors} == 1    PARSE the NS Descriptor File  
+    ${template} =    Get File    jsons/UpdateNsRequest.json
+    ${body}=        Format String   ${template}     vnfdId=${descriptor_id}    vnfFlavourId=${Flavour_ID}    newFlavourId=${Flavour_ID}    vnfVirtualLinkDescId=${VirtualLink_IDs[0]}    instantiationLevelId=${InstantiationLevel_IDs[1]}    vnfInstantiationLevelId=${InstantiationLevel_IDs[0]}    newNsdId=${NS_DescriptorID}    sapdId=${SAP_IDs[0]}    vnfInstanceId=${vnfInstanceId}    
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/update    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
  
 POST Update NSInstance with feasibility check only
 	Log    Trying to Instantiate a Update NS Instance
@@ -757,6 +899,33 @@ POST Heal NSInstance
 	Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/heal    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
+
+POST Heal NSInstance with permitted authorization scope
+	Log    Trying to Instantiate a Heal NS Instance
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${HEAL_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}    ${template}=    Get File    jsons/HealNsRequest.json
+    ${body}=        Format String   ${template}     nsDegreeHealing=${nsDegreeHealing}
+	Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/heal    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
+POST Heal NSInstance with not permitted authorization scope
+	Log    Trying to Instantiate a Heal NS Instance
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/HealNsRequest.json
+    ${body}=        Format String   ${template}     nsDegreeHealing=${nsDegreeHealing}
+	Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/heal    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
 	
 DELETE Terminate NSInstance
     log    Trying to Delete an Terminate NS instance. This method should not be implemented
@@ -799,6 +968,30 @@ POST Terminate NSInstance
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     ${body}=    Get File    jsons/TerminateNsRequest.json
 	Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/terminate    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Terminate NSInstance with permitted authorization scope
+	Log    Trying to Instantiate a Terminate NS Instance
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${TERMINATE_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}    ${body}=    Get File    jsons/TerminateNsRequest.json
+	Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/terminate    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
+POST Terminate NSInstance with not permitted authorization scope
+	Log    Trying to Instantiate a Terminate NS Instance
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}    ${body}=    Get File    jsons/TerminateNsRequest.json
+	Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_instances/${nsInstanceId}/terminate    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 		
@@ -835,6 +1028,28 @@ DELETE NS LCM OP Occurrences
 	Set Global Variable    ${response}    ${outputResponse}
 	
 GET NS LCM OP Occurrences
+    Log    Query status information about multiple NS lifecycle management operation occurrences.
+	Set Headers  {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${OPCCS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}	Log    Execute Query and validate response
+	Get    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET NS LCM OP Occurrences with permitted authorization scope
+    Log    Query status information about multiple NS lifecycle management operation occurrences.
+	Set Headers  {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}	Log    Execute Query and validate response
+	Get    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET NS LCM OP Occurrences with not permitted authorization scope
     Log    Query status information about multiple NS lifecycle management operation occurrences.
 	Set Headers  {"Accept":"${ACCEPT}"}  
 	Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -929,6 +1144,33 @@ PATCH Individual NS LCM OP Occurrence
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 
+PATCH Individual NS LCM OP Occurrence with permitted authorization scope
+    log    Trying to perform a PATCH.
+    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    ${scopeValue}=    Create Dictionary    scope=${OPOCCS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}    ${body}=    Get File    jsons/NsLcmInfoModificationRequest.json
+    ${body}=        Format String   ${body}     scheduledTime=${schedule_for_new_operation_start}
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId_scheduledOp_notStarted}    ${body}	 	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+PATCH Individual NS LCM OP Occurrence with not permitted authorization scope
+    log    Trying to perform a PATCH.
+    Set Headers  {"Accept":"${ACCEPT}"}
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    ${scopeValue}=    Create Dictionary    scope=${OPOCCS_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}    ${body}=    Get File    jsons/NsLcmInfoModificationRequest.json
+    ${body}=        Format String   ${body}     scheduledTime=${schedule_for_new_operation_start}
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId_scheduledOp_notStarted}    ${body}	 	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+
 PATCH Individual NS LCM OP Occurrence of Already Started Scheduled Operation 
     log    Trying to perform a PATCH.
     Set Headers  {"Accept":"${ACCEPT}"}
@@ -1016,6 +1258,28 @@ POST Retry operation task
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/retry
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
+POST Retry operation task with permitted authorization scope
+    Log    Retry a NS lifecycle operation if that operation has experienced a temporary failure
+    ${scopeValue}=    Create Dictionary    scope=${OPOCCS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/retry
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Retry operation task with not permitted authorization scope
+    Log    Retry a NS lifecycle operation if that operation has experienced a temporary failure
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/retry
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 	
 GET Rollback operation task
     log    Trying to perform a GET. This method should not be implemented
@@ -1052,6 +1316,28 @@ POST Rollback operation task
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/rollback
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
+POST Rollback operation task with permitted authorization scope
+    Log    Rollback a NS lifecycle operation task
+    ${scopeValue}=    Create Dictionary    scope=${OPOCCS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/rollback
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Rollback operation task with not permitted authorization scope
+    Log    Rollback a NS lifecycle operation task
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/rollback
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 	
 GET Continue operation task
     log    Trying to perform a GET. This method should not be implemented
@@ -1089,6 +1375,28 @@ POST Continue operation task
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 
+POST Continue operation task with permitted authorization scope
+    Log    Continue a NS lifecycle operation task
+    ${scopeValue}=    Create Dictionary    scope=${OPOCCS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/continue
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Continue operation task with not permitted authorization scope
+    Log    Continue a NS lifecycle operation task
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/continue
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
 GET Fail operation task
     log    Trying to perform a GET. This method should not be implemented
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -1119,12 +1427,34 @@ DELETE Fail operation task
 	
 POST Fail operation task
     Log    Fail a NS lifecycle operation task
-    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${scopeValue}=    Create Dictionary    scope=${OPOCCS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/fail
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Fail operation task with permitted authorization scope
+    Log    Fail a NS lifecycle operation task
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
     Log    Execute Query and validate response
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/fail
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 	
+POST Fail operation task with not permitted authorization scope
+    Log    Fail a NS lifecycle operation task
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/fail
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
 GET Cancel operation task
     log    Trying to perform a GET. This method should not be implemented
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -1160,6 +1490,28 @@ POST Cancel operation task
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/cancel
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
+POST Cancel operation task with permitted authorization scope
+    Log    Cancel a NS lifecycle operation task
+    ${scopeValue}=    Create Dictionary    scope=${OPOCCS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/cancel
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Cancel operation task with not permitted authorization scope
+    Log    Cancel a NS lifecycle operation task
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/ns_lcm_op_occs/${nsLcmOpOccId}/cancel
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 	
 PUT subscriptions
     Log    Trying to perform a PUT. This method should not be implemented
@@ -1260,6 +1612,32 @@ GET Subscriptions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 
+GET Subscriptions with permitted authorization scope
+    Log    Get the list of active subscriptions
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET Subscriptions with not permitted authorization scope
+    Log    Get the list of active subscriptions
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
 Get subscriptions with all_fields attribute selector
     Log    Get the list of active subscriptions, using fields
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -1339,6 +1717,28 @@ GET Individual subscription
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}  
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
+GET Individual subscription with permitted authorization scope
+    log    Trying to get information about an individual subscription
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}  
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET Individual subscription with not permitted authorization scope
+    log    Trying to get information about an individual subscription
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}  
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 	
 DELETE Individual subscription
     log    Try to delete an individual subscription
@@ -1518,9 +1918,33 @@ GET multiple VNF Snapshots
     Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
     Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots 
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 	
+
+GET multiple VNF Snapshots with permitted authorization scope	
+    Log    Query VNF The GET method queries information about multiple VNF snapshots.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${SNAPSHOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots 
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 		
 
+GET multiple VNF Snapshots with not permitted authorization scope	
+    Log    Query VNF The GET method queries information about multiple VNF snapshots.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots 
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
 GET multiple VNF Snapshots with bad attribute	
     Log    Query VNF The GET method queries information about multiple VNF snapshots.
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -1631,13 +2055,37 @@ POST individual VNF Snapshot
 	Set Global Variable    ${response}    ${outputResponse}        
 
 GET individual VNF Snapshot
+    log    Trying to get information about an individual VNF snapshot
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${SNAPSHOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
+GET individual VNF Snapshot with permitted authorization scope
+    log    Trying to get information about an individual VNF snapshot
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
+GET individual VNF Snapshot with not permitted authorization scope
     log    Trying to get information about an individual VNF snapshot
     Set Headers    {"Accept":"${ACCEPT}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshots/${vnfSnapshotInfoId} 		
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}      
+	Set Global Variable    ${response}    ${outputResponse}       
 
 GET individual VNF Snapshot with invalid URI
     log    Trying to get information about an individual VNF snapshot
@@ -1718,4 +2166,7 @@ Configure Notification NS Creation Deletion Handler
     &{notification_response}=  Create Mock Response    headers=${headers}    status_code=204
     Create Mock Expectation  ${notification_request}  ${notification_response}
 
-
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded} 
diff --git a/SOL005/NSLifecycleManagement-API/NotificationEndpoint.robot b/SOL005/NSLifecycleManagement-API/NotificationEndpoint.robot
index 617d81b7085e0737aec1d03d4e7d7a8b46a3be6f..ca3a865783de18ffd9e9bc61b85d180bb4668604 100644
--- a/SOL005/NSLifecycleManagement-API/NotificationEndpoint.robot
+++ b/SOL005/NSLifecycleManagement-API/NotificationEndpoint.robot
@@ -15,7 +15,7 @@ Ns Lcm Operation Occurrence Notification
     ...    Test title: Ns Lcm Operation Occurrence Notification
     ...    Test objective: The objective is to test that Ns Lcm Operation Occurrence Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A subscription for NS LCM Operation Occurrence notifications is available in the NFVO.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -27,7 +27,7 @@ Ns Identifier Creation Notification
     ...    Test title: Ns Identifier Creation Notification
     ...    Test objective: The objective is to test that Ns Identifier Creation Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A subscription for Ns Identifier Creation notification is available in the NFVO.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -39,7 +39,7 @@ Ns Identifier Deletion Notification
     ...    Test title: Ns Identifier Deletion Notification
     ...    Test objective: The objective is to test that Ns Identifier Deletion Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A subscription for Ns Identifier Deletion notification is available in the NFVO.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -51,7 +51,7 @@ Ns Change Notification
     ...    Test title: Ns Change Notification
     ...    Test objective: The objective is to test that Ns Change Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A subscription for Ns Change notification is available in the NFVO.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -63,7 +63,7 @@ Ns LCM Capacity Shortage Notification
     ...    Test title: Ns LCM Capacity Shortage Notification
     ...    Test objective: The objective is to test that Ns LCM Capacity Shortage Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A subscription for Ns LCM Capacity Shortage notification is available in the NFVO.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL005/NSLifecycleManagement-API/Notifications.robot b/SOL005/NSLifecycleManagement-API/Notifications.robot
index d16a01eabb64a4002fe38b5961bb31a691966ff7..6b8f95c9f176f8732be7ed50e82bfc3ff5b6c0fe 100644
--- a/SOL005/NSLifecycleManagement-API/Notifications.robot
+++ b/SOL005/NSLifecycleManagement-API/Notifications.robot
@@ -13,7 +13,7 @@ NS LCM Operation Occurrence Start Notification
     ...    Test title: NS LCM Operation Occurrence Start Notification
     ...    Test objective: The objective is to test the dispatch of NS LCM Operation Occurrence Start Notification when a new NS LCM operation is started in the NFVO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A subscription for NS LCM Operation Occurrence notifications is available in the NFVO.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -27,7 +27,7 @@ NS LCM Operation Occurrence Result Notification
     ...    Test title: NS LCM Operation Occurrence Result Notification
     ...    Test objective: The objective is to test the dispatch of NS LCM Operation Occurrence Result Notification when a NS LCM operation is completed in the NFVO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: An NS LCM operation is in progress, and a subscription for NS LCM Operation Occurrence notifications is available in the NFVO.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -41,7 +41,7 @@ NS Identifier Creation Notification
     ...    Test title: NS Identifier Creation Notification
     ...    Test objective: The objective is to test the dispatch of NS Identifier Creation Notification when a new NS instance resource is created in the NFVO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A subscription for NS identifier creation notifications is available in the NFVO.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -54,7 +54,7 @@ NS Identifier Deletion Notification
     ...    Test title: NS Identifier Deletion Notification
     ...    Test objective: The objective is to test the dispatch of NS Identifier Deletion Notification when a NS instance resource is deleted in the NFVO, and perform a JSON schema and content validation of the delivered notification.The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NS instance resource is created, and a subscription for NS identifier deletion notifications is available in the NFVO.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -67,7 +67,7 @@ NS Change Notification
     ...    Test title: NS Change Notification
     ...    Test objective: The objective is to test the dispatch of NS Change Notification when a NS instance component is affected by an LCM operation occurrence, and perform a JSON schema and content validation of the delivered notification.The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NS instance resource is created, and a subscription for NS change notifications is available in the NFVO.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -80,7 +80,7 @@ NS LCM Capacity Shortage Notification
     ...    Test title: NS LCM Capacity Shortage Notification
     ...    Test objective: The objective is to test the dispatch of NS LCM Capacity Shortage Notification when a resource shortage occurs during the execution of an NS LCM operation, and perform a JSON schema and content validation of the delivered notification.The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NS instance resource is created, and a subscription for NS LCM Capacity Shortage notifications is available in the NFVO.
-    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.18.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL005/NSLifecycleManagement-API/RetryOperationTask.robot b/SOL005/NSLifecycleManagement-API/RetryOperationTask.robot
index a38f60873d338e20c1dc8f57a76072880b0d6f6a..9ca9e46285d63f63bed329fdbb43f434bfe0b33c 100644
--- a/SOL005/NSLifecycleManagement-API/RetryOperationTask.robot
+++ b/SOL005/NSLifecycleManagement-API/RetryOperationTask.robot
@@ -13,7 +13,7 @@ Post Retry operation task
     ...    Test title: Post Retry operation task
     ...    Test objective: The objective is to test that POST method trigger a retry of NS lifecycle operation in case of temporary failure
     ...    Pre-conditions: NS instance status equal to FAILED_TEMP
-    ...    Reference: Clause 6.4.11.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.11.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: NS instance status not equal to FAILED_TEMP
@@ -27,7 +27,7 @@ Post Retry operation task Not Found
     ...    Test title: Post Retry operation task Not Found
     ...    Test objective: The objective is to test that POST method fail in case of NS lifecycle operation not found
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.11.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.11.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ Post Retry operation task Conflict
     ...    Test title: Post Retry operation task Conflict
     ...    Test objective: The objective is to test that POST method fail in case of NS lifecycle operation status conflict (i.e.  NS instance status not equal to FAILED_TEMP)
     ...    Pre-conditions:  NS instance status not equal to FAILED_TEMP
-    ...    Reference: Clause 6.4.11.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.11.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -53,7 +53,7 @@ GET Retry operation task - Method not implemented
     ...    Test title: GET Retry operation task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.11.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.11.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -65,7 +65,7 @@ PUT Retry operation task - Method not implemented
     ...    Test title: PUT Retry operation task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.11.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.11.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,7 +77,7 @@ PATCH Retry operation task - Method not implemented
     ...    Test title: PATCH Retry operation task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.11.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.11.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -89,12 +89,38 @@ DELETE Retry operation task - Method not implemented
     ...    Test title: DELETE Retry operation task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.11.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.11.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Retry operation task
     Check HTTP Response Status Code Is    405
+
+Post Retry operation task with permitted authorization scope
+     [Documentation]    Test ID: 5.3.2.10.8
+    ...    Test title: Post Retry operation task with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a retry of NS lifecycle operation in case of temporary failure with permitted authorization scope
+    ...    Pre-conditions: NS instance status equal to FAILED_TEMP
+    ...    Reference: Clause 6.4.11.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: NS instance status not equal to FAILED_TEMP
+	POST Retry operation task with permitted authorization scope
+	Check HTTP Response Status Code Is    202
+	Check HTTP Response Header Contains    Location
+	Check operation resource state is not FAILED_TEMP
+
+Post Retry operation task with not permitted authorization scope
+     [Documentation]    Test ID: 5.3.2.10.8
+    ...    Test title: Post Retry operation task with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method trigger a retry of NS lifecycle operation in case of temporary failure fails when using not permitted authorization scope
+    ...    Pre-conditions: NS instance status equal to FAILED_TEMP
+    ...    Reference: Clause 6.4.11.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+	POST Retry operation task with not permitted authorization scope
+	Check HTTP Response Status Code Is    401
     
 
 
diff --git a/SOL005/NSLifecycleManagement-API/RollbackOperationTask.robot b/SOL005/NSLifecycleManagement-API/RollbackOperationTask.robot
index c65417b059ba1f35df97315f8e037357ad22acfa..7a738354a913026b39a69ce9e162b442a3a87a65 100644
--- a/SOL005/NSLifecycleManagement-API/RollbackOperationTask.robot
+++ b/SOL005/NSLifecycleManagement-API/RollbackOperationTask.robot
@@ -13,7 +13,7 @@ POST Rollback operation task
     ...    Test title: POST Rollback operation task
     ...    Test objective: The objective is to test that POST method triggers a rollback on the NS LCM operation
     ...    Pre-conditions: NS instance status equal to FAILED_TEMP
-    ...    Reference: Clause 6.4.12.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.12.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: NS instance status not equal to FAILED_TEMP    
@@ -26,7 +26,7 @@ POST Rollback operation task Not Found
     ...    Test title: POST Rollback operation task Not Found
     ...    Test objective: The objective is to test that POST method fails if  NS LCM operation is not found
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.12.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.12.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -39,7 +39,7 @@ POST Rollback operation task Conflict
     ...    Test title: POST Rollback operation task Conflict
     ...    Test objective: The objective is to test that POST method fail in case of NS LCM operation status conflict (i.e. NS instance status not equal to FAILED_TEMP)
     ...    Pre-conditions: NS instance status not equal to FAILED_TEMP
-    ...    Reference: Clause 6.4.12.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.12.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none      
@@ -52,7 +52,7 @@ GET Rollback operation task - Method not implemented
     ...    Test title: GET Rollback operation task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.12.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.12.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Rollback operation task - Method not implemented
     ...    Test title: PUT Rollback operation task - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.12.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.12.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ PATCH Rollback operation task - Method not implemented
     ...    Test title: PATCH Rollback operation task - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.12.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.12.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,12 +88,37 @@ DELETE Rollback operation task - Method not implemented
     ...    Test title: DELETE Rollback operation task - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.12.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.12.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Rollback operation task
     Check HTTP Response Status Code Is    405
+
+POST Rollback operation task with permitted authorization scope
+     [Documentation]    Test ID: 5.3.2.11.8
+    ...    Test title: POST Rollback operation task with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method triggers a rollback on the NS LCM operation with permitted authorization scope
+    ...    Pre-conditions: NS instance status equal to FAILED_TEMP
+    ...    Reference: Clause 6.4.12.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: NS instance status not equal to FAILED_TEMP    
+	POST Rollback operation task with permitted authorization scope
+	Check HTTP Response Status Code Is    202
+	Check operation resource state is not FAILED_TEMP 
+
+POST Rollback operation task with not permitted authorization scope
+     [Documentation]    Test ID: 5.3.2.11.9
+    ...    Test title: POST Rollback operation task with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method triggers a rollback on the NS LCM operation fails when using not permitted authorization scope
+    ...    Pre-conditions: NS instance status equal to FAILED_TEMP
+    ...    Reference: Clause 6.4.12.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+	POST Rollback operation task with not permitted authorization scope
+	Check HTTP Response Status Code Is    401
     
 
 
diff --git a/SOL005/NSLifecycleManagement-API/ScaleNSTask.robot b/SOL005/NSLifecycleManagement-API/ScaleNSTask.robot
index 728b50b765b093bf5b16c9382c67f5c9a5f5d226..b863abec37cea571bba3a21f1085dbc0acc0f96a 100644
--- a/SOL005/NSLifecycleManagement-API/ScaleNSTask.robot
+++ b/SOL005/NSLifecycleManagement-API/ScaleNSTask.robot
@@ -13,7 +13,7 @@ POST Scale a nsInstance
     ...    Test title: POST Scale a nsInstance
     ...    Test objective: The objective is to test that POST method scales NS instance
     ...    Pre-conditions: NS instance is INSTANTIATED state
-    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: NS instance is INSTANTIATED state and NS has been scaled
@@ -27,7 +27,7 @@ POST Scale a nsInstance - Conflict (Not Instantited)
     ...    Test title: POST Scale a nsInstance - Conflict (Not Instantited)
     ...    Test objective: The objective is to test that POST method cannot scale NS instance because of conflict in resource status (i.e. because the resource is in  NOT_INSTANTIATED state)
     ...    Pre-conditions: NS instance is in NOT_INSTANTIATED state.
-    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The Scale NS operation is not triggered on the NFVO
@@ -40,7 +40,7 @@ GET Scale NSInstance- Method not implemented
     ...    Test title: GET Scale NSInstance- Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ PUT Scale NSInstance - Method not implemented
     ...    Test title: PUT Scale NSInstance - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PATCH Scale NSInstance - Method not implemented
     ...    Test title: PATCH Scale NSInstance - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,11 +76,37 @@ DELETE Scale NSInstance - Method not implemented
     ...    Test title: DELETE Scale NSInstance - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.5.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.5.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE scale NSInstance
     Check HTTP Response Status Code Is    405
+
+POST Scale a nsInstance with permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.4.7
+    ...    Test title: POST Scale a nsInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method scales NS instance with permitted authorization scope
+    ...    Pre-conditions: NS instance is INSTANTIATED state
+    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: NS instance is INSTANTIATED state and NS has been scaled
+    POST scale nsInstance with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check resource existence
+
+POST Scale a nsInstance with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.4.7
+    ...    Test title: POST Scale a nsInstance with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method scales NS instance fails when using not permitted authorization scope
+    ...    Pre-conditions: NS instance is INSTANTIATED state
+    ...    Reference: Clause 6.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST scale nsInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
     
     
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/ScaleNSTaskWorkflow.robot b/SOL005/NSLifecycleManagement-API/ScaleNSTaskWorkflow.robot
index 1d651432993b2be672447c88d0b47e8dd8263896..d91d7cd06683169625b327b4fac002a8eb8be097 100644
--- a/SOL005/NSLifecycleManagement-API/ScaleNSTaskWorkflow.robot
+++ b/SOL005/NSLifecycleManagement-API/ScaleNSTaskWorkflow.robot
@@ -14,7 +14,7 @@ Scale Flow of NS lifecycle management operations
     ...    Test title: Instantiate Flow of NS lifecycle management operations
     ...    Test objective: The objective is to test the workflow for Instantiate a NS instance
     ...    Pre-conditions: the resource is in NOT_INSTANTIATED state
-    ...    Reference: Clause 6.4.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: the resource is in INSTANTIATED state    
diff --git a/SOL005/NSLifecycleManagement-API/Subscriptions.robot b/SOL005/NSLifecycleManagement-API/Subscriptions.robot
index 8368092b32c985cb7a0ea56d7c133d9451b0ef00..3125b8a082980e4400c7806068ccc29b99857236 100644
--- a/SOL005/NSLifecycleManagement-API/Subscriptions.robot
+++ b/SOL005/NSLifecycleManagement-API/Subscriptions.robot
@@ -15,7 +15,7 @@ POST Create a new subscription
     ...    Test title: POST Create a new subscription
     ...    Test objective: The objective is to test that POST method create a subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.16.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: subscription is created in the NFVO     
@@ -29,7 +29,7 @@ POST Create a new Subscription - DUPLICATION
     ...    Test title: POST Create a new subscription - DUPLICATION
     ...    Test objective: The objective is to test that POST method create a duplicate subscription 
     ...    Pre-conditions: a subscription shall already exist
-    ...    Reference: Clause 6.4.16.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: duplication supported by NFVO
     ...    Post-Conditions: duplicate subscription is created in the NFVO     
@@ -43,7 +43,7 @@ POST Create a new Subscription - NO-DUPLICATION
     ...    Test title: POST Create a new subscription - NO-DUPLICATION
     ...    Test objective: The objective is to test that POST method cannot create a duplicate subscription 
     ...    Pre-conditions: a subscription shall already exist
-    ...    Reference: Clause 6.4.16.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: duplication NOT supported by NFVO
     ...    Post-Conditions: duplicate subscription is not created in the NFVO     
@@ -56,7 +56,7 @@ GET Subscriptions
     ...    Test title: GET Subscriptions
     ...    Test objective: The objective is to test that GET method  retrieve the list of existing subscriptions
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -69,7 +69,7 @@ GET Subscription - Filter
     ...    Test title: GET Subscription - Filter
     ...    Test objective: The objective is Get the list of active subscriptions using a filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -82,7 +82,7 @@ GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test title: GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is Get the list of active subscriptions using an invalid filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_VNFM
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -95,7 +95,7 @@ GET subscriptions with "all_fields" attribute selector
     ...    Test title: GET subscriptions with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: 
-    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -108,7 +108,7 @@ GET subscriptions with "exclude_default" attribute selector
     ...    Test title: GET subscriptions with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: 
-    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -121,7 +121,7 @@ GET subscriptions with "fields" attribute selector
     ...    Test title: GET subscriptions with "fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: 
-    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -134,7 +134,7 @@ GET subscriptions with "exclude_fields" attribute selector
     ...    Test title: GET subscriptions with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with attribute selector
     ...    Pre-conditions: 
-    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  
     ...    Post-Conditions: 
@@ -147,7 +147,7 @@ PUT subscriptions - Method not implemented
     ...    Test title: PUT subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method cannot modify a NS lifecycle management subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.16.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -159,7 +159,7 @@ PATCH subscriptions - Method not implemented
     ...    Test title: PATCH subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method cannot modify a NS lifecycle management subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.16.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -171,7 +171,7 @@ DELETE subscriptions - Method not implemented
     ...    Test title: DELETE subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method cannot modify a NS lifecycle management subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.16.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -183,7 +183,7 @@ GET Subscriptions as Paged Response
     ...    Test title: GET Subscriptions as Paged Response
     ...    Test objective: The objective is to test that GET method  retrieve the list of existing subscriptions as paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports paged response
     ...    Post-Conditions: none    
@@ -196,7 +196,7 @@ GET subscriptions - Bad Request Response too Big
     ...    Test title: GET subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is test that the retrieval of active subscriptions list fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO does not support paged response
     ...    Post-Conditions: none 
@@ -209,9 +209,34 @@ POST Create a new subscription - Unprocessable Content
     ...    Test title: POST Create a new subscription - Unprocessable Content
     ...    Test objective: The objective is to test the creation of a new lifecycle management subscription fials when content type of the payload body is supported and the payload body of a request contains syntactically correct data but the data cannot be processed
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.16.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.16.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none     
     POST subscriptions
     Check HTTP Response Status Code Is    422
+
+GET Subscriptions with permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.15.17
+    ...    Test title: GET Subscriptions with permitted authorization scope
+    ...    Test objective: The objective is to test that GET method  retrieve the list of existing subscriptions with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+    GET Subscriptions with permitted authorization scope
+    Check HTTP Response Status Code Is  200
+    Check HTTP Response Body Json Schema Is    subscriptions
+
+GET Subscriptions with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.15.18
+    ...    Test title: GET Subscriptions with not permitted authorization scope
+    ...    Test objective: The objective is to test that GET method  retrieve the list of existing subscriptions fails when using not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 6.4.16.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+    GET Subscriptions with not permitted authorization scope
+    Check HTTP Response Status Code Is  401
diff --git a/SOL005/NSLifecycleManagement-API/TerminateNSTask.robot b/SOL005/NSLifecycleManagement-API/TerminateNSTask.robot
index c81445cc0fdd683101793b3d902fc223456c42a5..350ac232163a0f5ae3218774f174facd478f642e 100644
--- a/SOL005/NSLifecycleManagement-API/TerminateNSTask.robot
+++ b/SOL005/NSLifecycleManagement-API/TerminateNSTask.robot
@@ -12,7 +12,7 @@ POST Terminate a NSInstance
     ...    Test title: POST Terminate a NSInstance
     ...    Test objective: The objective is to test that POST method terminate the NS
     ...    Pre-conditions: NS instance in INSTANTIATED state
-    ...    Reference: Clause 6.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: NS instance has NOT_INSTANTIATED state
@@ -26,7 +26,7 @@ POST Terminate a NSInstance - Conflict (Not Instantited)
     ...    Test title: POST Terminate a NSInstance - Conflict (Not Instantited)
     ...    Test objective: The objective is to test that POST method cannot terminate the NS because of conflict in resource status (i.e. the resource is not in INSTANTIATED state) 
     ...    Pre-conditions: NS instance is in NOT_INSTANTIATED state
-    ...    Reference: Clause 6.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: NS instance is in NOT_INSTANTIATED state
@@ -40,7 +40,7 @@ GET Terminate NSInstance- Method not implemented
     ...    Test title: GET Terminate NSInstance- Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ PUT Terminate NSInstance - Method not implemented
     ...    Test title: PUT Terminate NSInstance - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.8.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.8.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PATCH Terminate NSInstance - Method not implemented
     ...    Test title: PATCH Terminate NSInstance - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.8.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.8.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,9 +76,35 @@ DELETE Terminate NSInstance - Method not implemented
     ...    Test title: DELETE Terminate NSInstance - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.8.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.8.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Terminate NSInstance
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Terminate a NSInstance with permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.7.7
+    ...    Test title: POST Terminate a NSInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method terminate the NS with permitted authorization scope
+    ...    Pre-conditions: NS instance in INSTANTIATED state
+    ...    Reference: Clause 6.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: NS instance has NOT_INSTANTIATED state
+    POST Terminate NSInstance with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check resource not_instantiated
+
+POST Terminate a NSInstance with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.7.8
+    ...    Test title: POST Terminate a NSInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method terminate the NS fails when using not permitted authorization scope
+    ...    Pre-conditions: NS instance in INSTANTIATED state
+    ...    Reference: Clause 6.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Terminate NSInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/TerminateNSTaskWorkflow.robot b/SOL005/NSLifecycleManagement-API/TerminateNSTaskWorkflow.robot
index 6e615e273891a010423b83629b8798f97feba781..f6f909397462786795283f54852a7f2d70c117a1 100644
--- a/SOL005/NSLifecycleManagement-API/TerminateNSTaskWorkflow.robot
+++ b/SOL005/NSLifecycleManagement-API/TerminateNSTaskWorkflow.robot
@@ -14,7 +14,7 @@ Terminate Flow of NS lifecycle management operations
     ...    Test title: Terminate Flow of NS lifecycle management operations
     ...    Test objective: The objective is to test the workflow for Terminate a NS instance
     ...    Pre-conditions: the resource is in INSTANTIATED state
-    ...    Reference: Clause 6.4.8 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.8 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: the resource is in NOT_INSTANTIATED state
diff --git a/SOL005/NSLifecycleManagement-API/UpdateNSTask.robot b/SOL005/NSLifecycleManagement-API/UpdateNSTask.robot
index e1db1334ca7af1fa8a49904859c129d024fc9b0b..3e679881469c2fb914139d02132071615c40ca62 100644
--- a/SOL005/NSLifecycleManagement-API/UpdateNSTask.robot
+++ b/SOL005/NSLifecycleManagement-API/UpdateNSTask.robot
@@ -13,7 +13,7 @@ POST Update a NSInstance
     ...    Test title: POST Update a NSInstance
     ...    Test objective: The objective is to test that POST method update a NS instance
     ...    Pre-conditions: An NS instance is in INSTANTIATED state
-    ...    Reference: Clause 6.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NS instance is still INSTANTIATED and updated on the NFVO
@@ -26,7 +26,7 @@ POST Update a NSInstance with feasibility check only
     ...    Test title: POST Update a NSInstance
     ...    Test objective: The objective is to test that POST method update a NS instance with feasibility check only
     ...    Pre-conditions: An NS instance is in INSTANTIATED state
-    ...    Reference: Clause 6.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ POST Update a NSInstance - Conflict (Not Instantited)
     ...    Test title: POST Update a NSInstance - Conflict (Not Instantited)
     ...    Test objective: The objective is to test that POST method fail if a NS Instance is not existing or is in NOT_INSTANTIATED state
     ...    Pre-conditions: An NS instance is in INSTANTIATED state 
-    ...    Reference: Clause 6.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The  NS instance is not updated on the NFVO
@@ -52,7 +52,7 @@ GET Update NSInstance- Method not implemented
     ...    Test title: GET Update NSInstance- Method not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Update NSInstance - Method not implemented
     ...    Test title: PUT Update NSInstance - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.6.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.6.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ PATCH Update NSInstance - Method not implemented
     ...    Test title: PATCH Update NSInstance - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,9 +88,34 @@ DELETE Update NSInstance - Method not implemented
     ...    Test title: DELETE Update NSInstance - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Update NSInstance
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Update a NSInstance with permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.5.7
+    ...    Test title: POST Update a NSInstance with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method update a NS instance with permitted authorization scope
+    ...    Pre-conditions: An NS instance is in INSTANTIATED state
+    ...    Reference: Clause 6.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The NS instance is still INSTANTIATED and updated on the NFVO
+    POST Update NSInstance with permitted authorization scope 
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+
+POST Update a NSInstance with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.2.5.8
+    ...    Test title: POST Update a NSInstance with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method update a NS instance fails when using not permitted authorization scope
+    ...    Pre-conditions: An NS instance is in INSTANTIATED state
+    ...    Reference: Clause 6.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Update NSInstance with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL005/NSLifecycleManagement-API/UpdateNSTaskWorkflow.robot b/SOL005/NSLifecycleManagement-API/UpdateNSTaskWorkflow.robot
index 7c6076c3f4345fc3efdca1ee7a093bd252aee2a9..e1a2a8bdab79cbdd5c8bb7ce8b4033bafd2f1c3a 100644
--- a/SOL005/NSLifecycleManagement-API/UpdateNSTaskWorkflow.robot
+++ b/SOL005/NSLifecycleManagement-API/UpdateNSTaskWorkflow.robot
@@ -15,7 +15,7 @@ Update Flow of NS lifecycle management operations
     ...    Test title: Update Flow of NS lifecycle management operations
     ...    Test objective: The objective is to test the workflow for Update a NS instance
     ...    Pre-conditions: the resource is in INSTANTIATED state
-    ...    Reference: Clause 6.4.6 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.6 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: the resource is in INSTANTIATED state
diff --git a/SOL005/NSLifecycleManagement-API/VNFSnapshots.robot b/SOL005/NSLifecycleManagement-API/VNFSnapshots.robot
index 2442f09e515a90a32b8238f32b06c3191f242fcd..4a6c415fe1f8f01e10e4980c9467c241df611e8c 100644
--- a/SOL005/NSLifecycleManagement-API/VNFSnapshots.robot
+++ b/SOL005/NSLifecycleManagement-API/VNFSnapshots.robot
@@ -7,7 +7,7 @@ POST VNF Snapshots - Method Not Implemented
     ...    Test title: POST VNF Snapshots - Method Not Implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.19.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET information about multiple VNF Snapshots
     ...    Test title: GET information about multiple VNF Snapshots
     ...    Test objective: The objective is to get information about multiples VNF snapshots
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET information about multiple VNF Snapshots Bad Request Invalid attribute-based
     ...    Test title: GET information about multiple VNF Snapshots Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to get information about multiples VNF Snapshots with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ GET information about multiple VNF Snapshots Bad Request Invalid attribute selec
     ...    Test title: GET information about multiple VNF Snapshots Bad Request Invalid attribute selector
     ...    Test objective: The objective is to get information about multiples VNF Snapshots with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -58,7 +58,7 @@ GET information about multiple VNF Snapshots with "all_fields" attribute selecto
     ...    Test title: GET information about multiple VNF Snapshots with "all_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -71,7 +71,7 @@ GET information about multiple VNF Snapshots with "exclude_default" attribute se
     ...    Test title: GET information about multiple VNF Snapshots with "exclude_default" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -84,7 +84,7 @@ GET information about multiple VNF Snapshots with "fields" attribute selector
     ...    Test title: GET information about multiple VNF Snapshots with "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -97,7 +97,7 @@ GET information about multiple VNF Snapshots with "exclude_default" and "fields"
     ...    Test title: GET information about multiple VNF Snapshots with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -110,7 +110,7 @@ GET information about multiple VNF Snapshots with "exclude_fields" attribute sel
     ...    Test title: GET information about multiple VNF Snapshots with "exclude_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshots
     ...    Pre-conditions:  none
-    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -123,7 +123,7 @@ GET VNF Snapshots - Bad Request Response too Big
     ...    Test title: GET VNF Snapshots - Bad Request Response too Big
     ...    Test objective: The objective is test that the retrieval of existing VNF Snapshots list fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO does not support paged response.
     ...    Post-Conditions: none 
@@ -136,7 +136,7 @@ GET VNF Snapshots as Paged Response
     ...    Test title: GET VNF Snapshots as Paged Response
     ...    Test objective: The objective is to test that GET method retrieves the list of existing VNF Snapshots as paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports paged response.
     ...    Post-Conditions: none    
@@ -149,7 +149,7 @@ PUT VNF Snapshots - Method not implemented
     ...    Test title: PUT VNF Snapshots - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 6.4.19.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -161,7 +161,7 @@ PATCH VNF Snapshots - Method not implemented
     ...    Test title: PATCH VNF Snapshots - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 6.4.19.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -173,7 +173,7 @@ DELETE VNF Snapshots - Method not implemented
     ...    Test title: DELETE VNF Snapshots - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 6.4.19.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -185,10 +185,35 @@ GET information about multiple VNF Snapshots using Filter
     ...    Test title: GET information about multiple VNF Snapshots using Filter
     ...    Test objective: The objective is to get information about multiples VNF snapshots using filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     GET multiple VNF Snapshots using filter
     Check HTTP Response Status Code Is    200
-    Check HTTP Response Body Json Schema Is    VnfSnapshotsInfo
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is    VnfSnapshotsInfo
+
+GET information about multiple VNF Snapshots with permitted authorization scope 
+    [Documentation]    Test ID: 5.3.2.27.16
+    ...    Test title: GET information about multiple VNF Snapshots with permitted authorization scope 
+    ...    Test objective: The objective is to get information about multiples VNF snapshots with permitted authorization scope 
+    ...    Pre-conditions: none
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET multiple VNF Snapshots with permitted authorization scope 
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    VnfSnapshotsInfo
+
+GET information about multiple VNF Snapshots with not permitted authorization scope 
+    [Documentation]    Test ID: 5.3.2.27.17
+    ...    Test title: GET information about multiple VNF Snapshots with not permitted authorization scope 
+    ...    Test objective: The objective is to test that get information about multiples VNF snapshots fails when using not permitted authorization scope 
+    ...    Pre-conditions: none
+    ...    Reference: Clause 6.4.19.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET multiple VNF Snapshots with not permitted authorization scope 
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/descriptors/SOL001/NSD/nsd_SOL001.yaml b/SOL005/NSLifecycleManagement-API/descriptors/SOL001/NSD/nsd_SOL001.yaml
index 484f963765f12d873a007726b08b134e6509e9ee..fcbb7729bd1a2eb39f50acc2512c1f0556c0544e 100644
--- a/SOL005/NSLifecycleManagement-API/descriptors/SOL001/NSD/nsd_SOL001.yaml
+++ b/SOL005/NSLifecycleManagement-API/descriptors/SOL001/NSD/nsd_SOL001.yaml
@@ -1,4 +1,4 @@
-tosca_definitions_version: "tosca_simple_yaml_1_2"
+tosca_definitions_version: "tosca_simple_yaml_1_3"
 tosca_default_namespace: "toscanfv"
 description: "Referenxce NSD descriptor "
 metadata:
@@ -27,7 +27,7 @@ topology_template:
         flavourId: "VNF-B_flavor"
         flavourDescription: "VNF-B flavor"
         vnfm_info: 
-          - 'etsivnfm:v2.3.1'
+          - 'etsivnfm:v4.5.1'
       requirements:
         virtualLink:
           ext_b_right: "vl_right"
@@ -78,4 +78,4 @@ topology_template:
           min_bitrate_requirements:  
             root: 1000
         connectivityType:
-          layer_protocols: [ipv4]
\ No newline at end of file
+          layer_protocols: [ipv4]
diff --git a/SOL005/NSLifecycleManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml b/SOL005/NSLifecycleManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
index 838bea448dbc7726ffbf899d1e1fb68609a356b2..66ed8f4aa2f5595d496e5f1e86fc95f80c70c951 100644
--- a/SOL005/NSLifecycleManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
+++ b/SOL005/NSLifecycleManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
@@ -1,8 +1,8 @@
-tosca_definitions_version: tosca_simple_yaml_1_2
+tosca_definitions_version: tosca_simple_yaml_1_3
 description: "TST010 reference VNF-B"
 
 imports:
-  - https://forge.etsi.org/rep/nfv/SOL001/raw/v3.3.1/etsi_nfv_sol001_vnfd_types.yaml  
+  - https://forge.etsi.org/rep/nfv/SOL001/raw/v4.4.1/etsi_nfv_sol001_vnfd_types.yaml  
 
 metadata:
   descriptor_id: "VNF-B"
@@ -44,7 +44,7 @@ node_types:
         type: list
         entry_schema:
           type: string
-        default: [ 'etsivnfm:v2.3.1' ]
+        default: [ 'etsivnfm:4.5.1' ]
     interfaces:
       Vnflcm:
         type: "tosca.interfaces.nfv.Vnflcm"
@@ -162,4 +162,4 @@ topology_template:
           terminate:
             implementation: terminate-example.yaml
           operate:
-            implementation: operate-example.yaml                
\ No newline at end of file
+            implementation: operate-example.yaml                
diff --git a/SOL005/NSLifecycleManagement-API/environment/variables.txt b/SOL005/NSLifecycleManagement-API/environment/variables.txt
index 57ba85380f9a4adb3b09699ecc682b92fa92f67e..e3846e8c6c853ce0549bfa15663d4aa14c2334ed 100644
--- a/SOL005/NSLifecycleManagement-API/environment/variables.txt
+++ b/SOL005/NSLifecycleManagement-API/environment/variables.txt
@@ -5,6 +5,22 @@ ${NFVO_SCHEMA}    https
 
 ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
+
+${OAUTH_ENCRIPTION_ALGORITHM}    HS256
+${NSINSTANCE_PERMITTED_SCOPE}    nslcm:v2:ns_instance 
+${NSINSTANCE_NOT_PERMITTED_SCOPE}    nslcm:v2:ns_instance:readonly
+${INSTANTIATE_PERMITTED_SCOPE}    nslcm:v2:instantiate
+${SCALE_PERMITTED_SCOPE}    nslcm:v2:scale
+${UPDATE_PERMITTED_SCOPE}    nslcm:v2:update
+${HEAL_PERMITTED_SCOPE}    nslcm:v2:heal
+${TERMINATE_PERMITTED_SCOPE}    nslcm:v2:tearminate
+${OPOCCS_PERMITTED_SCOPE}    nslcm:v2:op_occs
+${OPOCCS_NOT_PERMITTED_SCOPE}    nslcm:v2:op_occs:readonly
+${SUBSCRIPTIONS_PERMITTED_SCOPE}    nslcm:v2:subscriptions
+${SNAPSHOT_PERMITTED_SCOPE}    nslcm:v2:subscriptions
+${NOT_PERMITTED_SCOPE}    nslcm:v2:invalid
+
+
 ${CONTENT_TYPE}    application/json
 ${ACCEPT_JSON}         application/json
 ${ACCEPT}         application/json
diff --git a/SOL005/NSLifecycleManagement-API/schemas/NsInstance.schema.json b/SOL005/NSLifecycleManagement-API/schemas/NsInstance.schema.json
index a747be656c090130f565622920f53fa6470fe253..3382fff9cb322ea23b47a8911b77f547102aef0d 100644
--- a/SOL005/NSLifecycleManagement-API/schemas/NsInstance.schema.json
+++ b/SOL005/NSLifecycleManagement-API/schemas/NsInstance.schema.json
@@ -1,4135 +1,4655 @@
 {
-	"description": "This type represents a response for Query NS operation.  It shall comply with the provisions defined in Table 6.5.2.10-1.\nNOTE 1: Void.\n          \"vnfInstance\" attribute or one \"nestedNsInstanceId\" attribute shall be present.\nNOTE 2: The “priority” attribute of the NS instance is configured in the NSD in the NsDf structure.\n          The mapping from application-specific priority values to a value in the NsDf is under OSS/BSS responsibility.\n          The \"zero\" value expresses the highest priority and the fact that the NS instance based on this DF cannot be\n          pre-empted during resource allocation.\nNOTE 3: Examples for the usage of priority include conflict resolution in case of resource shortage\n",
-	"type": "object",
-	"required": [
-	  "id",
-	  "nsInstanceName",
-	  "nsInstanceDescription",
-	  "nsdId",
-	  "nsdInfoId",
-	  "nsState",
-	  "_links"
-	],
-	"properties": {
-	  "id": {
-		"description": "An identifier with the intention of being globally unique.\n",
-		"type": "string"
-	  },
-	  "nsInstanceName": {
-		"description": "Human readable name of the NS instance.\n",
-		"type": "string"
-	  },
-	  "nsInstanceDescription": {
-		"description": "Human readable description of the NS instance.\n",
-		"type": "string"
-	  },
-	  "nsdId": {
-		"description": "An identifier with the intention of being globally unique.\n",
-		"type": "string"
-	  },
-	  "versionDependency": {
-		"description": "Describes version dependencies currently valid for the nested NS instance. Identifies versions  of descriptors of other constituents in the NSD upon which the nested NS depends.  The dependencies may be described for the NSD referenced in this NsInfo with nsdId and for  NSDs with the same \"nsdExtInvariantId\". There shall not be more than one versionDependency present with the same dependentConstituentId. It may be present for the NsInfo of a nested NS. It shall not be present otherwise.\n",
-		"type": "array",
-		"items": {
-		  "description": "This type represents the information related to all dependencies that an NSD constituent has on the versions of other NSD constituents.  It shall comply with the provisions defined in table 6.5.3.112-1.\n",
-		  "type": "object",
-		  "required": [
-			"dependentConstituentId"
-		  ],
-		  "properties": {
-			"dependentConstituentId": {
-			  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"versionDependencyStatement": {
-			  "description": "Identifies one or multiple versions of an NSD constituents upon which the dependent constituent identified by  dependentConstituentId has a dependency. Cardinality 0 is used to remove an existing version dependency in a profile.\n",
-			  "type": "array",
-			  "items": {
-				"description": "This type represents the information related to one or more VNF, NS or PNF descriptor identifiers which describe one  single dependency. When more than one descriptor is indicated, they correspond to different versions of the same VNF,  NS or PNF and they represent alternatives to fulfil the dependency. It shall comply with the provisions defined in  table 6.5.3.113-1.\n",
-				"type": "object",
-				"required": [
-				  "descriptorId"
-				],
-				"properties": {
-				  "descriptorId": {
-					"description": "Identifies a VNFD, NSD or PNFD upon which the entity using this data type depends. When more than one descriptor is indicated, they shall correspond to versions of the same VNF, NS or PNF and they represent alternatives, i.e. the presence of one of them fulfills the dependency.",
-					"type": "array",
-					"items": {
-					  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-					  "type": "string"
-					}
-				  }
-				}
-			  }
-			}
-		  }
-		}
-	  },
-	  "nsdInfoId": {
-		"description": "An identifier with the intention of being globally unique.\n",
-		"type": "string"
-	  },
-	  "flavourId": {
-		"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-		"type": "string"
-	  },
-	  "priority": {
-		"description": "A number as defined in IETF RFC 8259.\n",
-		"type": "number"
-	  },
-	  "vnfInstance": {
-		"description": "Information on constituent VNF(s) of the NS instance.\n",
-		"type": "array",
-		"items": {
-		  "description": "This type represents a VNF instance. It shall comply with the provisions defined in table 6.5.3.57-1.\nNOTE: Clause B.3.2 of ETSI GS NFV-SOL 003 provides examples illustrating the relationship among the \n      different run-time data types (CP, VL and link ports) used to represent the connectivity \n      of a VNF.\n\nNOTE 1: Modifying the value of this attribute shall not be performed when conflicts exist between the \n        previous and the newly referred VNF package, i.e. when the new VNFD is changed with respect to \n        the previous VNFD in other aspects than merely referencing to other VNF software images. \n        In order to avoid misalignment of the VnfInstance with the current VNF's on-boarded VNF Package, \n        the values of attributes in the VnfInstance that have corresponding attributes in the VNFD shall \n        be kept in sync with the values in the VNFD.\nNOTE 2: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. NOTE 3: VNF configurable properties are sometimes also referred to as configuration parameters applicable \n        to a VNF. Some of these are set prior to instantiation and cannot be modified if the VNF is instantiated, \n        some are set prior to instantiation (are part of initial configuration) and can be modified later, \n        and others can be set only after instantiation. The applicability of certain configuration may depend \n        on the VNF and the required operation of the VNF at a certain point in time.\nNOTE 4: It is possible to have several ExtManagedVirtualLinkInfo for the same VNF internal VL in case of a \n        multi-site VNF spanning several VIMs. The set of ExtManagedVirtualLinkInfo corresponding to the same \n        VNF internal VL shall indicate so by referencing to the same VnfVirtualLinkDesc and externally-managed \n        multi-site VL instance (refer to clause 6.5.3.59).\nNOTE 5: Even though externally-managed internal VLs are also used for VNF-internal connectivity, they shall not \n        be listed in the \"vnfVirtualLinkResourceInfo\" attribute as this would be redundant.\n",
-		  "type": "object",
-		  "required": [
-			"id",
-			"vnfdId",
-			"vnfProvider",
-			"vnfProductName",
-			"vnfSoftwareVersion",
-			"vnfdVersion",
-			"vnfPkgId",
-			"instantiationState"
-		  ],
-		  "properties": {
-			"id": {
-			  "description": "An identifier with the intention of being globally unique.\n",
-			  "type": "string"
-			},
-			"vnfInstanceName": {
-			  "description": "Name of the VNF instance. Modifications to this attribute can be requested using the \"ModifyVnfInfoData\" structure.\n",
-			  "type": "string"
-			},
-			"vnfInstanceDescription": {
-			  "description": "Human-readable description of the VNF instance. Modifications to this attribute can be requested using the \"ModifyVnfInfoData\" structure.\n",
-			  "type": "string"
-			},
-			"vnfdId": {
-			  "description": "An identifier with the intention of being globally unique.\n",
-			  "type": "string"
-			},
-			"vnfProvider": {
-			  "description": "Provider of the VNF and the VNFD. The value is copied from the VNFD.\n",
-			  "type": "string"
-			},
-			"vnfProductName": {
-			  "description": "Name to identify the VNF Product. The value is copied from the VNFD.\n",
-			  "type": "string"
-			},
-			"vnfSoftwareVersion": {
-			  "description": "A Version. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"vnfdVersion": {
-			  "description": "A Version. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"versionDependency": {
-			  "description": "Describes version dependencies currently valid for the VNF instance. Identifies versions of descriptors of other constituents in the NSD upon which the VNF depends. The dependencies may be described for the VNFD referenced in this VnfInfo with \"vnfdId\" and for VNFDs with the same \"vnfdExtInvariantId\". There shall not be more than one \"versionDependency\" present with the same dependentConstituentId.\n",
-			  "type": "array",
-			  "items": {
-				"description": "This type represents the information related to all dependencies that an NSD constituent has on the versions of other NSD constituents.  It shall comply with the provisions defined in table 6.5.3.112-1.\n",
-				"type": "object",
-				"required": [
-				  "dependentConstituentId"
-				],
-				"properties": {
-				  "dependentConstituentId": {
-					"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-					"type": "string"
-				  },
-				  "versionDependencyStatement": {
-					"description": "Identifies one or multiple versions of an NSD constituents upon which the dependent constituent identified by  dependentConstituentId has a dependency. Cardinality 0 is used to remove an existing version dependency in a profile.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type represents the information related to one or more VNF, NS or PNF descriptor identifiers which describe one  single dependency. When more than one descriptor is indicated, they correspond to different versions of the same VNF,  NS or PNF and they represent alternatives to fulfil the dependency. It shall comply with the provisions defined in  table 6.5.3.113-1.\n",
-					  "type": "object",
-					  "required": [
-						"descriptorId"
-					  ],
-					  "properties": {
-						"descriptorId": {
-						  "description": "Identifies a VNFD, NSD or PNFD upon which the entity using this data type depends. When more than one descriptor is indicated, they shall correspond to versions of the same VNF, NS or PNF and they represent alternatives, i.e. the presence of one of them fulfills the dependency.",
-						  "type": "array",
-						  "items": {
-							"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-							"type": "string"
-						  }
-						}
-					  }
-					}
-				  }
-				}
-			  }
-			},
-			"vnfPkgId": {
-			  "description": "An identifier with the intention of being globally unique.\n",
-			  "type": "string"
-			},
-			"vnfConfigurableProperties": {
-			  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-			  "type": "object"
-			},
-			"vimId": {
-			  "description": "An identifier with the intention of being globally unique.\n",
-			  "type": "string"
-			},
-			"instantiationState": {
-			  "description": "The instantiation state of the VNF.\nPermitted values: - NOT_INSTANTIATED: The VNF instance is terminated or not instantiated. - INSTANTIATED: The VNF instance is instantiated.\n",
-			  "type": "string",
-			  "enum": [
-				"NOT_INSTANTIATED",
-				"INSTANTIATED"
-			  ]
-			},
-			"instantiatedVnfInfo": {
-			  "description": "Information specific to an instantiated VNF instance. This attribute shall be present if the instantiateState attribute value is INSTANTIATED.\n",
-			  "type": "object",
-			  "required": [
-				"flavourId",
-				"vnfState",
-				"extCpInfo"
-			  ],
-			  "properties": {
-				"flavourId": {
-				  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-				  "type": "string"
-				},
-				"vnfState": {
-				  "type": "string",
-				  "enum": [
-					"STARTED",
-					"STOPPED"
-				  ]
-				},
-				"scaleStatus": {
-				  "description": "Scale status of the VNF, one entry per aspect. Represents for every scaling aspect how \"big\" the VNF has been scaled w.r.t. that aspect.\n",
-				  "type": "array",
-				  "items": {
-					"required": [
-					  "aspectId",
-					  "scaleLevel"
-					],
-					"type": "object",
-					"properties": {
-					  "aspectId": {
-						"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						"type": "string"
-					  },
-					  "vnfdId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "scaleLevel": {
-						"description": "Indicates the scale level. The minimum value shall be 0 and the maximum value shall be <= maxScaleLevel as described in the VNFD.\n",
-						"type": "integer"
-					  }
-					}
-				  }
-				},
-				"maxScaleLevels": {
-				  "description": "Maximum allowed scale levels of the VNF, one entry per aspect. This attribute shall be present if the VNF supports scaling.\n",
-				  "type": "array",
-				  "items": {
-					"required": [
-					  "aspectId",
-					  "scaleLevel"
-					],
-					"type": "object",
-					"properties": {
-					  "aspectId": {
-						"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						"type": "string"
-					  },
-					  "vnfdId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "scaleLevel": {
-						"description": "Indicates the scale level. The minimum value shall be 0 and the maximum value shall be <= maxScaleLevel as described in the VNFD.\n",
-						"type": "integer"
-					  }
-					}
-				  }
-				},
-				"extCpInfo": {
-				  "description": "Information about the external CPs exposed by the VNF instance. When trunking is enabled, the list of entries includes both, external CPs corresponding to parent ports of a trunk, and external CPs associated to sub-ports of a trunk.\n",
-				  "type": "array",
-				  "minItems": 1,
-				  "items": {
-					"description": "This type represents information about an external CP of a VNF. It shall comply  with the provisions defined in Table 6.5.3.70-1. NOTE 1: The attributes attributes \"associatedVnfcCpId\", \"associatedVipCpId\", \"associatedVirtualCpId\" and \"associatedVnfVirtualLinkId\" are mutually exclusive. Exactly one shall be present. NOTE 2: An external CP instance is not associated to a link port in the cases indicated for the “extLinkPorts” attribute in clause 6.5.3.26. NOTE 3:  Cardinality greater than 1 is only applicable for specific cases where more than one network attachment definition resource is needed to fulfil the connectivity requirements of the external CP, e.g. to build a link redundant mated pair in SR-IOV cases. NOTE 4:  When more than one \"netAttDefResourceId\" is indicated, all shall belong to the same namespace.\n",
-					"type": "object",
-					"required": [
-					  "id",
-					  "cpdId",
-					  "cpProtocolInfo"
-					],
-					"oneOf": [
-					  {
-						"required": [
-						  "associatedVnfcCpId"
-						]
-					  },
-					  {
-						"required": [
-						  "associatedVipCpId"
-						]
-					  },
-					  {
-						"required": [
-						  "associatedVirtualCpId"
-						]
-					  },
-					  {
-						"required": [
-						  "associatedVnfVirtualLinkId"
-						]
-					  }
-					],
-					"properties": {
-					  "id": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "cpdId": {
-						"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						"type": "string"
-					  },
-					  "cpConfigId": {
-						"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						"type": "string"
-					  },
-					  "vnfdId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "cpProtocolInfo": {
-						"description": "Network protocol information for this CP.\n",
-						"type": "array",
-						"minItems": 1,
-						"items": {
-						  "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
-						  "type": "object",
-						  "required": [
-							"layerProtocol",
-							"ipOverEthernet"
-						  ],
-						  "properties": {
-							"layerProtocol": {
-							  "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-							  "type": "string",
-							  "enum": [
-								"IP_OVER_ETHERNET",
-								"IP_FOR_VIRTUAL_CP"
-							  ]
-							},
-							"ipOverEthernet": {
-							  "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-							  "type": "object",
-							  "anyOf": [
-								{
-								  "required": [
-									"macAddress"
-								  ]
-								},
-								{
-								  "required": [
-									"ipAddresses"
-								  ]
-								}
-							  ],
-							  "properties": {
-								"macAddress": {
-								  "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-								  "type": "string",
-								  "format": "MAC"
-								},
-								"segmentationId": {
-								  "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
-								  "type": "string"
-								},
-								"ipAddresses": {
-								  "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
-								  "type": "array",
-								  "items": {
-									"type": "object",
-									"required": [
-									  "type"
-									],
-									"oneOf": [
-									  {
-										"required": [
-										  "addresses"
-										]
-									  },
-									  {
-										"required": [
-										  "addressRange"
-										]
-									  }
-									],
-									"properties": {
-									  "type": {
-										"description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-										"type": "string",
-										"enum": [
-										  "IPV4",
-										  "IPV6"
-										]
-									  },
-									  "addresses": {
-										"description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-										"type": "array",
-										"items": {
-										  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										  "type": "string",
-										  "format": "IP"
-										}
-									  },
-									  "isDynamic": {
-										"description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-										"type": "boolean"
-									  },
-									  "addressRange": {
-										"description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
-										"type": "object",
-										"required": [
-										  "minAddress",
-										  "maxAddress"
-										],
-										"properties": {
-										  "minAddress": {
-											"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											"type": "string",
-											"format": "IP"
-										  },
-										  "maxAddress": {
-											"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											"type": "string",
-											"format": "IP"
-										  }
-										}
-									  },
-									  "subnetId": {
-										"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-										"type": "string"
-									  }
-									}
-								  }
-								},
-								"type": {
-								  "description": "The type of the IP addresses\n",
-								  "type": "string",
-								  "enum": [
-									"PV4",
-									"PV6"
-								  ]
-								},
-								"addresses": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"isDynamic": {
-								  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-								  "type": "boolean"
-								},
-								"addressRange": {
-								  "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
-								  "type": "object",
-								  "required": [
-									"minAddress",
-									"maxAddress"
-								  ],
-								  "properties": {
-									"minAddress": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									},
-									"maxAddress": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									}
-								  }
-								},
-								"minAddress": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"maxAddress": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"subnetId": {
-								  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								  "type": "string"
-								}
-							  }
-							},
-							"virtualCpAddress": {
-							  "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-							  "type": "object",
-							  "required": [
-								"type"
-							  ],
-							  "properties": {
-								"type": {
-								  "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-								  "type": "string",
-								  "enum": [
-									"IPV4",
-									"IPV6"
-								  ]
-								},
-								"loadBalancerIp": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"addressPoolName": {
-								  "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
-								  "type": "string"
-								}
-							  }
-							}
-						  }
-						}
-					  },
-					  "extLinkPortId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "netAttDefResourceId": {
-						"description": "Identifier of the \"NetAttDefResourceInfo\" structure that provides the  specification of the interface to attach the connection point to a secondary container cluster network. See notes 3 and 4.\nIt shall be present if the external CP is associated to a VNFC realized  by one or a set of OS containers and is connected to a secondary container  cluster network. It shall not be present otherwise.\n",
-						"type": "array",
-						"items": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						}
-					  },
-					  "metadata": {
-						"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						"type": "object"
-					  },
-					  "associatedVnfcCpId": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "associatedVipCpId": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "associatedVirtualCpId": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "associatedVnfVirtualLinkId": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  }
-					}
-				  }
-				},
-				"vipCpInfo": {
-				  "description": "VIP CPs that are part of the VNF instance. Shall be present when that particular VIP CP of the VNFC instance is associated to an external CP of the VNF instance. May be present otherwise.\n",
-				  "type": "array",
-				  "items": {
-					"description": "This type provides information related to virtual IP (VIP) CP. It shall comply with the provisions defined in table 6.5.3.97 1. NOTE:   It is possible that there is no associated VnfcCp because the VIP CP is available but not associated yet.\n",
-					"type": "object",
-					"required": [
-					  "cpInstanceId",
-					  "cpdId"
-					],
-					"properties": {
-					  "cpInstanceId": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "cpdId": {
-						"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						"type": "string"
-					  },
-					  "vnfdId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "vnfExtCpId": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "cpProtocolInfo": {
-						"description": "Protocol information for this CP. There shall be one cpProtocolInfo for layer 3. There may be one cpProtocolInfo for layer 2.\n",
-						"type": "array",
-						"items": {
-						  "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
-						  "type": "object",
-						  "required": [
-							"layerProtocol",
-							"ipOverEthernet"
-						  ],
-						  "properties": {
-							"layerProtocol": {
-							  "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-							  "type": "string",
-							  "enum": [
-								"IP_OVER_ETHERNET",
-								"IP_FOR_VIRTUAL_CP"
-							  ]
-							},
-							"ipOverEthernet": {
-							  "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-							  "type": "object",
-							  "anyOf": [
-								{
-								  "required": [
-									"macAddress"
-								  ]
-								},
-								{
-								  "required": [
-									"ipAddresses"
-								  ]
-								}
-							  ],
-							  "properties": {
-								"macAddress": {
-								  "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-								  "type": "string",
-								  "format": "MAC"
-								},
-								"segmentationId": {
-								  "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
-								  "type": "string"
-								},
-								"ipAddresses": {
-								  "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
-								  "type": "array",
-								  "items": {
-									"type": "object",
-									"required": [
-									  "type"
-									],
-									"oneOf": [
-									  {
-										"required": [
-										  "addresses"
-										]
-									  },
-									  {
-										"required": [
-										  "addressRange"
-										]
-									  }
-									],
-									"properties": {
-									  "type": {
-										"description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-										"type": "string",
-										"enum": [
-										  "IPV4",
-										  "IPV6"
-										]
-									  },
-									  "addresses": {
-										"description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-										"type": "array",
-										"items": {
-										  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										  "type": "string",
-										  "format": "IP"
-										}
-									  },
-									  "isDynamic": {
-										"description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-										"type": "boolean"
-									  },
-									  "addressRange": {
-										"description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
-										"type": "object",
-										"required": [
-										  "minAddress",
-										  "maxAddress"
-										],
-										"properties": {
-										  "minAddress": {
-											"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											"type": "string",
-											"format": "IP"
-										  },
-										  "maxAddress": {
-											"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											"type": "string",
-											"format": "IP"
-										  }
-										}
-									  },
-									  "subnetId": {
-										"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-										"type": "string"
-									  }
-									}
-								  }
-								},
-								"type": {
-								  "description": "The type of the IP addresses\n",
-								  "type": "string",
-								  "enum": [
-									"PV4",
-									"PV6"
-								  ]
-								},
-								"addresses": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"isDynamic": {
-								  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-								  "type": "boolean"
-								},
-								"addressRange": {
-								  "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
-								  "type": "object",
-								  "required": [
-									"minAddress",
-									"maxAddress"
-								  ],
-								  "properties": {
-									"minAddress": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									},
-									"maxAddress": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									}
-								  }
-								},
-								"minAddress": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"maxAddress": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"subnetId": {
-								  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								  "type": "string"
-								}
-							  }
-							},
-							"virtualCpAddress": {
-							  "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-							  "type": "object",
-							  "required": [
-								"type"
-							  ],
-							  "properties": {
-								"type": {
-								  "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-								  "type": "string",
-								  "enum": [
-									"IPV4",
-									"IPV6"
-								  ]
-								},
-								"loadBalancerIp": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"addressPoolName": {
-								  "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
-								  "type": "string"
-								}
-							  }
-							}
-						  }
-						}
-					  },
-					  "associatedVnfcCpIds": {
-						"description": "Identifiers of the VnfcCps that share the virtual IP addresse allocated to the VIP CP instance. See note.\n",
-						"type": "array",
-						"items": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						}
-					  },
-					  "vnfLinkPortId": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "metadata": {
-						"description": "Allows the OSS/BSS to provide additional parameter(s) to the termination process at the NS level.\n",
-						"type": "array",
-						"items": {
-						  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						  "type": "object"
-						}
-					  }
-					}
-				  }
-				},
-				"virtualCpInfo": {
-				  "description": "virtual CPs that are part of the VNF instance. Shall be present when a particular virtual CP is associated to an external CP of the VNF  instance. May be present otherwise.\n",
-				  "type": "array",
-				  "items": {
-					"description": "This type represents the information related to a virtual CP instance of a VNF. NOTE: A consumer of the VNF LCM interface can learn the actual VNFC instances implementing  the service accessible via the virtual CP instance by querying the \"vnfcResourceInfo\" from the \"InstantiatedVnfInfo\" and filtering by corresponding \"vduId\" values.",
-					"type": "object",
-					"required": [
-					  "cpInstanceId",
-					  "cpdId",
-					  "resourceHandle",
-					  "vduId"
-					],
-					"properties": {
-					  "cpInstanceId": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "cpdId": {
-						"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						"type": "string"
-					  },
-					  "resourceHandle": {
-						"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-						"type": "object",
-						"required": [
-						  "resourceId"
-						],
-						"properties": {
-						  "vimId": {
-							"description": "An identifier with the intention of being globally unique.\n",
-							"type": "string"
-						  },
-						  "resourceProviderId": {
-							"description": "An identifier with the intention of being globally unique.\n",
-							"type": "string"
-						  },
-						  "resourceId": {
-							"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							"type": "string"
-						  },
-						  "vimLevelResourceType": {
-							"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-							"type": "string"
-						  },
-						  "vimLevelAdditionalResourceInfo": {
-							"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-							"type": "object",
-							"properties": {
-							  "hostName": {
-								"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-								"type": "string"
-							  },
-							  "persistentVolume": {
-								"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-								"type": "string"
-							  },
-							  "additionalInfo": {
-								"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								"type": "object"
-							  }
-							}
-						  },
-						  "containerNamespace": {
-							"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-							"type": "string"
-						  }
-						}
-					  },
-					  "vnfExtCpId": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "cpProtocolInfo": {
-						"description": "Protocol information for this CP. There shall be one cpProtocolInfo for each layer protocol supported.\n",
-						"type": "array",
-						"items": {
-						  "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
-						  "type": "object",
-						  "required": [
-							"layerProtocol",
-							"ipOverEthernet"
-						  ],
-						  "properties": {
-							"layerProtocol": {
-							  "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-							  "type": "string",
-							  "enum": [
-								"IP_OVER_ETHERNET",
-								"IP_FOR_VIRTUAL_CP"
-							  ]
-							},
-							"ipOverEthernet": {
-							  "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-							  "type": "object",
-							  "anyOf": [
-								{
-								  "required": [
-									"macAddress"
-								  ]
-								},
-								{
-								  "required": [
-									"ipAddresses"
-								  ]
-								}
-							  ],
-							  "properties": {
-								"macAddress": {
-								  "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-								  "type": "string",
-								  "format": "MAC"
-								},
-								"segmentationId": {
-								  "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
-								  "type": "string"
-								},
-								"ipAddresses": {
-								  "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
-								  "type": "array",
-								  "items": {
-									"type": "object",
-									"required": [
-									  "type"
-									],
-									"oneOf": [
-									  {
-										"required": [
-										  "addresses"
-										]
-									  },
-									  {
-										"required": [
-										  "addressRange"
-										]
-									  }
-									],
-									"properties": {
-									  "type": {
-										"description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-										"type": "string",
-										"enum": [
-										  "IPV4",
-										  "IPV6"
-										]
-									  },
-									  "addresses": {
-										"description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-										"type": "array",
-										"items": {
-										  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										  "type": "string",
-										  "format": "IP"
-										}
-									  },
-									  "isDynamic": {
-										"description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-										"type": "boolean"
-									  },
-									  "addressRange": {
-										"description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
-										"type": "object",
-										"required": [
-										  "minAddress",
-										  "maxAddress"
-										],
-										"properties": {
-										  "minAddress": {
-											"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											"type": "string",
-											"format": "IP"
-										  },
-										  "maxAddress": {
-											"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											"type": "string",
-											"format": "IP"
-										  }
-										}
-									  },
-									  "subnetId": {
-										"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-										"type": "string"
-									  }
-									}
-								  }
-								},
-								"type": {
-								  "description": "The type of the IP addresses\n",
-								  "type": "string",
-								  "enum": [
-									"PV4",
-									"PV6"
-								  ]
-								},
-								"addresses": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"isDynamic": {
-								  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-								  "type": "boolean"
-								},
-								"addressRange": {
-								  "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
-								  "type": "object",
-								  "required": [
-									"minAddress",
-									"maxAddress"
-								  ],
-								  "properties": {
-									"minAddress": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									},
-									"maxAddress": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									}
-								  }
-								},
-								"minAddress": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"maxAddress": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"subnetId": {
-								  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								  "type": "string"
-								}
-							  }
-							},
-							"virtualCpAddress": {
-							  "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-							  "type": "object",
-							  "required": [
-								"type"
-							  ],
-							  "properties": {
-								"type": {
-								  "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-								  "type": "string",
-								  "enum": [
-									"IPV4",
-									"IPV6"
-								  ]
-								},
-								"loadBalancerIp": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"addressPoolName": {
-								  "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
-								  "type": "string"
-								}
-							  }
-							}
-						  }
-						}
-					  },
-					  "vduId": {
-						"description": "Reference to the VDU(s) which implement the service accessible via the virtual CP instance. See note.\n",
-						"type": "array",
-						"items": {
-						  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						  "type": "string"
-						}
-					  },
-					  "additionalServiceInfo": {
-						"description": "Additional service identification information of the virtual CP instance.\n",
-						"type": "array",
-						"items": {
-						  "description": "This type represents the additional service information of the virtual CP instance used to expose properties of the virtual CP to NFV-MANO.\nNOTE: This attribute shall only be present if additional information is needed to identify the service termination within the VNF, such as for example a URL path information in an HTTP request required to allow a single virtual CP IP address to be used for several HTTP based services that use the same port number.",
-						  "type": "object",
-						  "required": [
-							"portInfo"
-						  ],
-						  "properties": {
-							"portInfo": {
-							  "description": "Service port numbers exposed by the virtual CP instance.\n",
-							  "type": "array",
-							  "items": {
-								"description": "This type represents the information related to the service identifying port properties exposed by the virtual CP instance.",
-								"type": "object",
-								"required": [
-								  "name",
-								  "protocol",
-								  "port",
-								  "isPortConfigurable"
-								],
-								"properties": {
-								  "name": {
-									"description": "The name of the port exposed by the virtual CP instance.\n",
-									"type": "string"
-								  },
-								  "protocol": {
-									"description": "The L4 protocol for this port exposed by the virtual CP instance.\n  Permitted values:\n  - TCP\n  - UDP\n  - SCTP\n",
-									"type": "string",
-									"enum": [
-									  "TCP",
-									  "UDP",
-									  "SCTP"
-									]
-								  },
-								  "port": {
-									"description": "The L4 port number exposed by the virtual CP instance.\n",
-									"type": "integer"
-								  },
-								  "isPortConfigurable": {
-									"description": "Specifies whether the port attribute value is allowed to be configurable.\n",
-									"type": "boolean"
-								  }
-								}
-							  }
-							},
-							"serviceInfo": {
-							  "description": "Service matching information exposed by the virtual CP instance. See note.\n",
-							  "type": "array",
-							  "items": {
-								"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								"type": "object"
-							  }
-							}
-						  }
-						}
-					  },
-					  "metadata": {
-						"description": "Metadata about this virtual CP instance.\n",
-						"type": "array",
-						"items": {
-						  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						  "type": "object"
-						}
-					  }
-					}
-				  }
-				},
-				"extVirtualLinkInfo": {
-				  "description": "Information about the external VLs the VNF instance is connected to.\n",
-				  "type": "array",
-				  "items": {
-					"description": "This type represents information about an VNF external VL.",
-					"type": "object",
-					"required": [
-					  "id",
-					  "resourceHandle",
-					  "currentVnfExtCpData"
-					],
-					"properties": {
-					  "id": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "resourceHandle": {
-						"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-						"type": "object",
-						"required": [
-						  "resourceId"
-						],
-						"properties": {
-						  "vimId": {
-							"description": "An identifier with the intention of being globally unique.\n",
-							"type": "string"
-						  },
-						  "resourceProviderId": {
-							"description": "An identifier with the intention of being globally unique.\n",
-							"type": "string"
-						  },
-						  "resourceId": {
-							"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							"type": "string"
-						  },
-						  "vimLevelResourceType": {
-							"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-							"type": "string"
-						  },
-						  "vimLevelAdditionalResourceInfo": {
-							"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-							"type": "object",
-							"properties": {
-							  "hostName": {
-								"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-								"type": "string"
-							  },
-							  "persistentVolume": {
-								"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-								"type": "string"
-							  },
-							  "additionalInfo": {
-								"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								"type": "object"
-							  }
-							}
-						  },
-						  "containerNamespace": {
-							"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-							"type": "string"
-						  }
-						}
-					  },
-					  "extLinkPorts": {
-						"description": "Link ports of this VL.\n",
-						"type": "array",
-						"items": {
-						  "description": "This type represents information about a link port of an external VL, i.e. a port providing connectivity for the VNF to an NS VL. NOTE 1: The use cases UC#4 and UC#5 in Annex A.4 of ETSI GS NFV-IFA 007 provide examples for such a configuration. NOTE 2: The value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\" attribute.\n",
-						  "type": "object",
-						  "required": [
-							"id",
-							"resourceHandle"
-						  ],
-						  "properties": {
-							"id": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceHandle": {
-							  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-							  "type": "object",
-							  "required": [
-								"resourceId"
-							  ],
-							  "properties": {
-								"vimId": {
-								  "description": "An identifier with the intention of being globally unique.\n",
-								  "type": "string"
-								},
-								"resourceProviderId": {
-								  "description": "An identifier with the intention of being globally unique.\n",
-								  "type": "string"
-								},
-								"resourceId": {
-								  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								  "type": "string"
-								},
-								"vimLevelResourceType": {
-								  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-								  "type": "string"
-								},
-								"vimLevelAdditionalResourceInfo": {
-								  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-								  "type": "object",
-								  "properties": {
-									"hostName": {
-									  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-									  "type": "string"
-									},
-									"persistentVolume": {
-									  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-									  "type": "string"
-									},
-									"additionalInfo": {
-									  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									  "type": "object"
-									}
-								  }
-								},
-								"containerNamespace": {
-								  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-								  "type": "string"
-								}
-							  }
-							},
-							"cpInstanceId": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							},
-							"secondaryCpInstanceId": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							},
-							"trunkResourceId": {
-							  "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							  "type": "string"
-							}
-						  }
-						}
-					  },
-					  "extNetAttDefResource": {
-						"description": "Network attachment definition resources that provide the specification of the interface to attach connection points to this VL.\n",
-						"type": "array",
-						"items": {
-						  "description": "This type represents the information related to a network attachment definition resource that provides the specification of the interface used to connect one or multiple connection points to a secondary container cluster network\n",
-						  "type": "object",
-						  "required": [
-							"netAttDefResourceInfoId",
-							"netAttDefResource"
-						  ],
-						  "properties": {
-							"netAttDefResourceInfoId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"netAttDefResource": {
-							  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-							  "type": "object",
-							  "required": [
-								"resourceId"
-							  ],
-							  "properties": {
-								"vimId": {
-								  "description": "An identifier with the intention of being globally unique.\n",
-								  "type": "string"
-								},
-								"resourceProviderId": {
-								  "description": "An identifier with the intention of being globally unique.\n",
-								  "type": "string"
-								},
-								"resourceId": {
-								  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								  "type": "string"
-								},
-								"vimLevelResourceType": {
-								  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-								  "type": "string"
-								},
-								"vimLevelAdditionalResourceInfo": {
-								  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-								  "type": "object",
-								  "properties": {
-									"hostName": {
-									  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-									  "type": "string"
-									},
-									"persistentVolume": {
-									  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-									  "type": "string"
-									},
-									"additionalInfo": {
-									  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									  "type": "object"
-									}
-								  }
-								},
-								"containerNamespace": {
-								  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-								  "type": "string"
-								}
-							  }
-							},
-							"associatedExtCpId": {
-							  "description": "Identifier of the external CP of the VNF associated to this network attachment definition resource.  Shall be present when the network attachment definition resource is used for external connectivity by the VNF\n",
-							  "type": "array",
-							  "items": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  }
-							},
-							"associatedVnfcCpId": {
-							  "description": "Identifier of the VNFC CP of the VNF associated to this network attachment definition resource.  May be present when the network attachment definition resource is used for internal connectivity by the VNF.\n",
-							  "type": "array",
-							  "items": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  }
-							}
-						  }
-						}
-					  },
-					  "currentVnfExtCpData": {
-						"description": "This type represents configuration information for external CPs created from a CPD.\nNOTE 1: In case this identifier refers to a CPD with trunking enabled, the external CP instances created from this CPD will represent ports in a trunk. NOTE 2:  The map entry value shall be set to \"null\" in order to delete a \"VnfExtCpConfig\" entry identified by a particular key value from the map, i.e. for the disconnection of an existing external CP instance addressed by cpInstanceId in the deleted map entry from a particular external virtual link, and deletion of that instance in case it represents a subport. Deleting the last key from the map removes the affected instance of the \"VnfExtCpData\" structure from its parent data structure. NOTE 3:  Within one VNF instance, all VNFC instances created from a particular VDU have the same external connectivity. Thus, given a particular value of the \"cpdId' attribute, there shall be one \"cpConfig\" entry for each VNFC instance that has been or can be created from a VDU which includes a CPD identified by the \"cpdId\" attribute. If the cpConfig represents a subport in a trunk, all \"cpConfig\" entries in this list shall have the same segmentationId, which means they are connected to the same set of external VLs via the trunk. NOTE 4: If, as defined by the input parameters of a \"ChangeVnfFlavour\", \"ChangeExtVnfConnectivity\"  or \"ChangeCurrentVnfPkg\" operation, a cpConfig map entry identified by a particular map key value is  moved into another \"ExtVirtualLinkData\" or \"VnfExtCpData\" structure, this particular cpConfig map entry  may be used by an external CP instance different than the one that has used it before the operation, or  by no external CP instance at all. Renaming a CPD identifier during the \"changeCurrentVnfPkg\" operation  does not count as moving the related \"cpConfig\" map entries to a new \"extCpData\" structure.\n",
-						"type": "object",
-						"required": [
-						  "cpdId"
-						],
-						"properties": {
-						  "cpdId": {
-							"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-							"type": "string"
-						  },
-						  "cpConfig": {
-							"description": "Map of instance data that need to be configured on the CP instances  created from the respective CPD. The key of the map which identifies  the individual VnfExtCpConfig entries is of type \"IdentifierInVnf\"  and is managed by the API consumer. The entries shall be applied by  the VNFM according to the rules of JSON Merge Patch (see IETF RFC 7396 [11]).  See notes 2, 3 and 4.\n",
-							"type": "object",
-							"additionalProperties": {
-							  "description": "This type represents an externally provided link port, or a network attachment definition resource of secondary container cluster network, or network address information per  instance of a VNF external connection point. In the case of VM-based deployment of the VNFC exposing the external CP: In case a link port is provided, the NFVO shall use that link port when connecting the VNF external CP to the external VL. • In case a link port is not provided, the NFVO or VNFM shall create a link port on the external VL, and use that link port to connect the VNF external CP to the external VL. In the case of  container-based deployment of the VNFC exposing the external CP, the NFVO and VNFM shall use the network attachment definition resource of secondary container cluster  network when connecting the CP to the external VL.\nNOTE 1:  The following conditions apply to the attributes \"linkPortId\" and \"cpProtocolData\"\n        for an external CP instance connected or to be connected to a virtual network not\n        categorized as secondary container cluster network:\n        - At least one of the \"linkPortId\" and \"cpProtocolData\" attributes shall be present for\n        an external CP instance representing a subport that is to be created, or an external CP instance\n        that is to be created by creating the corresponding VNFC or VNF instance during the current or\n        a subsequent LCM operation, or for an existing external CP instance that is to be re-configured\n        or added to a particular external virtual link.\n        - If the \"cpProtocolData\" attribute is absent, the \"linkPortId\" attribute shall be provided\n      referencing a pre-created link port with pre-configured address information.\n        - If both \"cpProtocolData\" and \"linkportId\" are provided, the API consumer shall ensure that\n        the cpProtocolData can be used with the pre-created link port referenced by \"linkPortId\".\nNOTE 2: In case the NFVO manages its own identifier space, the NFVO may remap this identifier\n        when communicating with the VNFM. If the NFVO knows that there can be an identifier collision\n        when communicating with the VNFM by using the identifier from the OSS/BSS, the NFVO shall remap it.\nNOTE 3: The following conditions apply to the attributes \"netAttDefResourceId\" and \"cpProtocolData\" for an external CP\n        instance connected or to be connected to a secondary container cluster network:\n        − Void.\n        − At least one of these attributes shall be present for a to-be-created external CP instance or an existing\n        external CP instance.\nNOTE 4: Cardinality greater than 1 is only applicable for specific cases where more than one network\n        attachment definition resource is needed to fulfil the connectivity requirements of the external CP,\n        e.g. to build a link redundant mated pair in SR-IOV cases. When more than one \"netAttDefResourceId\"\n        is indicated, all shall belong to the same namespace as defined by the corresponding \n        \"containerNamespace\" attribute in the \"resourceHandle\" attribute in the \"NetAttDefResourceData\".\nNOTE 5: Either \"linkPortId\" or \"netAttDefResourceId\" may be included, but not both.\n",
-							  "type": "object",
-							  "oneOf": [
-								{
-								  "required": [
-									"linkPortId"
-								  ]
-								},
-								{
-								  "required": [
-									"cpProtocolData"
-								  ]
-								}
-							  ],
-							  "properties": {
-								"parentCpConfigId": {
-								  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								  "type": "string"
-								},
-								"linkPortId": {
-								  "description": "An identifier with the intention of being globally unique.\n",
-								  "type": "string"
-								},
-								"createExtLinkPort": {
-								  "description": "Indicates the need to create a dedicated link port for the external CP. If set to True, a link port is created. If set to False, no link port is created. This attribute is only applicable for external CP instances without a floating IP address that expose a VIP CP instance for which a dedicated IP address is allocated. It shall be present in that case and shall be absent otherwise.\n",
-								  "type": "boolean"
-								},
-								"cpProtocolData": {
-								  "description": "Parameters for configuring the network protocols on the link port that connects the CP to a VL. See notes 1 and 3.\n",
-								  "type": "array",
-								  "items": {
-									"description": "This type represents network protocol data.\nNOTE:\tThis attribute allows to signal the addition of further types  of layer and protocol in future versions of the present document in  a backwards-compatible way. In the current version of the present  document, only IP over Ethernet is supported.\n",
-									"type": "object",
-									"required": [
-									  "layerProtocol"
-									],
-									"properties": {
-									  "layerProtocol": {
-										"description": "Identifier of layer(s) and protocol(s). Permitted values:  - IP_OVER_ETHERNET - IP_FOR_VIRTUAL_CP See note.\n",
-										"type": "string",
-										"enum": [
-										  "IP_OVER_ETHERNET",
-										  "IP_FOR_VIRTUAL_CP"
-										]
-									  },
-									  "ipOverEthernet": {
-										"description": "This type represents network address data for IP over Ethernet. NOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present. NOTE 3: If the CP instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-										"type": "object",
-										"anyOf": [
-										  {
-											"required": [
-											  "ipAddresses"
-											]
-										  },
-										  {
-											"required": [
-											  "macAddress"
-											]
-										  }
-										],
-										"properties": {
-										  "macAddress": {
-											"description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-											"type": "string",
-											"format": "MAC"
-										  },
-										  "segmentationType": {
-											"description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values are: - VLAN: The subport uses VLAN as encapsulation type. - INHERIT: The subport gets its segmentation type from the network it is connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
-											"type": "string",
-											"enum": [
-											  "VLAN",
-											  "INHERIT"
-											]
-										  },
-										  "segmentationId": {
-											"description": "Identification of the network segment to which the CP instance connects to. See note 3 and note 4.\n",
-											"type": "string"
-										  },
-										  "ipAddresses": {
-											"description": "List of IP addresses to assign to the CP instance. Each entry represents IP address data for fixed or dynamic IP address assignment per subnet. If this attribute is not present, no IP address shall be assigned. See note 1.\n",
-											"type": "array",
-											"items": {
-											  "type": "object",
-											  "required": [
-												"type"
-											  ],
-											  "oneOf": [
-												{
-												  "required": [
-													"fixedAddresses"
-												  ]
-												},
-												{
-												  "required": [
-													"numDynamicAddresses"
-												  ]
-												},
-												{
-												  "required": [
-													"addressRange"
-												  ]
-												}
-											  ],
-											  "properties": {
-												"type": {
-												  "description": "The type of the IP addresses. Permitted values:\n  - IPV4\n  - IPV6\n",
-												  "type": "string",
-												  "enum": [
-													"IPV4",
-													"IPV6"
-												  ]
-												},
-												"fixedAddresses": {
-												  "description": "Fixed addresses to assign (from the subnet defined by \"subnetId\" if provided). Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present.\n",
-												  "type": "array",
-												  "items": {
-													"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-													"type": "string",
-													"format": "IP"
-												  }
-												},
-												"numDynamicAddresses": {
-												  "description": "Number of dynamic addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-												  "type": "integer"
-												},
-												"addressRange": {
-												  "description": "An IP address range to be used, e.g. in case of egress connections. In case this attribute is present, IP addresses from the range will be used.\n",
-												  "type": "object",
-												  "required": [
-													"minAddress",
-													"maxAddress"
-												  ],
-												  "properties": {
-													"minAddress": {
-													  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-													  "type": "string",
-													  "format": "IP"
-													},
-													"maxAddress": {
-													  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-													  "type": "string",
-													  "format": "IP"
-													}
-												  }
-												},
-												"subnetId": {
-												  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-												  "type": "string"
-												}
-											  }
-											}
-										  }
-										}
-									  },
-									  "virtualCpAddress": {
-										"description": "This type represents network address data for a virtual CP.  It shall comply with the provisions defined in table 6.5.3.12a-1.\nNOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be\n        used, otherwise it will be ignored by the CISM.\nNOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the\n        container cluster will assign an IP address.\nNOTE 3: The attribute is only relevant if the virtual CP is instantiated in a cluster that supports configuration of IP\n        address pools for virtual CPs. Otherwise it shall be ignored. MetalLB is an example of a solution for\n        Kubernetes® that supports configuration of address pools for load balancer services.\nNOTE 4: The loadBalancerIp and the addressPoolName attributes shall not be present at the same time.\n",
-										"type": "object",
-										"required": [
-										  "type"
-										],
-										"properties": {
-										  "type": {
-											"description": "Identifier of layer(s) and protocol(s). Permitted values: IP_OVER_ETHERNET.\n",
-											"type": "string",
-											"enum": [
-											  "IPV4",
-											  "IPV6"
-											]
-										  },
-										  "loadBalancerIp": {
-											"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											"type": "string",
-											"format": "IP"
-										  },
-										  "addressPoolName": {
-											"description": "Name of an address pool from which the container cluster will assign an IP address to the virtual CP. See notes 3 and 4.\n",
-											"type": "array",
-											"items": {
-											  "type": "string"
-											}
-										  }
-										}
-									  }
-									}
-								  }
-								},
-								"netAttDefResourceId": {
-								  "description": "Identifier of the \"NetAttDefResourceData\" structure that provides the specification of the interface to attach the external CP to a secondary container cluster network.  It is only applicable if the external CP is connected or to be connected to a secondary container cluster network. It shall not be present if the external CP is related to a virtual network not categorized as secondary container cluster network.  See notes 3, 4 and 5.\n",
-								  "type": "array",
-								  "items": {
-									"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-									"type": "string"
-								  }
-								}
-							  }
-							}
-						  }
-						}
-					  }
-					}
-				  }
-				},
-				"extManagedVirtualLinkInfo": {
-				  "description": "Information about the externally-managed internal VLs of the VNF instance.  See note 4 and note 5.\n",
-				  "type": "array",
-				  "items": {
-					"description": "This type provides information about an externally-managed internal virtual link for VNFs\n",
-					"type": "object",
-					"required": [
-					  "id",
-					  "vnfVirtualLinkDescId",
-					  "networkResource"
-					],
-					"properties": {
-					  "id": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "vnfdId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "vnfVirtualLinkDescId": {
-						"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						"type": "string"
-					  },
-					  "networkResource": {
-						"description": "Reference to the VirtualNetwork resource or multi-site connectivity service providing this VL.\n",
-						"type": "array",
-						"items": {
-						  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-						  "type": "object",
-						  "required": [
-							"resourceId"
-						  ],
-						  "properties": {
-							"vimId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceProviderId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceId": {
-							  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							  "type": "string"
-							},
-							"vimLevelResourceType": {
-							  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-							  "type": "string"
-							},
-							"vimLevelAdditionalResourceInfo": {
-							  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-							  "type": "object",
-							  "properties": {
-								"hostName": {
-								  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-								  "type": "string"
-								},
-								"persistentVolume": {
-								  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-								  "type": "string"
-								},
-								"additionalInfo": {
-								  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								  "type": "object"
-								}
-							  }
-							},
-							"containerNamespace": {
-							  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-							  "type": "string"
-							}
-						  }
-						}
-					  },
-					  "vnfLinkPorts": {
-						"description": "Link ports of this VL.\n",
-						"type": "array",
-						"items": {
-						  "type": "object",
-						  "description": "This type represents a link port of an internal VL of a VNF. It shall comply with the provisions defined in table 6.5.3.64-1.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId are present, the two different CP instances share the linkport.\n",
-						  "required": [
-							"id",
-							"resourceHandle"
-						  ],
-						  "properties": {
-							"id": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							},
-							"resourceHandle": {
-							  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-							  "type": "object",
-							  "required": [
-								"resourceId"
-							  ],
-							  "properties": {
-								"vimId": {
-								  "description": "An identifier with the intention of being globally unique.\n",
-								  "type": "string"
-								},
-								"resourceProviderId": {
-								  "description": "An identifier with the intention of being globally unique.\n",
-								  "type": "string"
-								},
-								"resourceId": {
-								  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								  "type": "string"
-								},
-								"vimLevelResourceType": {
-								  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-								  "type": "string"
-								},
-								"vimLevelAdditionalResourceInfo": {
-								  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-								  "type": "object",
-								  "properties": {
-									"hostName": {
-									  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-									  "type": "string"
-									},
-									"persistentVolume": {
-									  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-									  "type": "string"
-									},
-									"additionalInfo": {
-									  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									  "type": "object"
-									}
-								  }
-								},
-								"containerNamespace": {
-								  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-								  "type": "string"
-								}
-							  }
-							},
-							"cpInstanceId": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							},
-							"cpInstanceType": {
-							  "description": "Type of the CP instance that is identified by cpInstanceId. Shall be present if \"cpInstanceId\" is present, and shall be absent otherwise. Permitted values: * VNFC_CP: The link port is connected to a VNFC CP * EXT_CP: The link port is associated to an external CP. See note 1.\n",
-							  "type": "string",
-							  "enum": [
-								"VNFC_CP",
-								"EXT_CP"
-							  ]
-							},
-							"vipCpInstanceId": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							},
-							"trunkResourceId": {
-							  "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							  "type": "string"
-							}
-						  }
-						}
-					  },
-					  "vnfNetAttDefResource": {
-						"description": "This type represents the information related to a network attachment definition resource that provides the specification of the interface used to connect one or multiple connection points to a secondary container cluster network\n",
-						"type": "object",
-						"required": [
-						  "netAttDefResourceInfoId",
-						  "netAttDefResource"
-						],
-						"properties": {
-						  "netAttDefResourceInfoId": {
-							"description": "An identifier with the intention of being globally unique.\n",
-							"type": "string"
-						  },
-						  "netAttDefResource": {
-							"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-							"type": "object",
-							"required": [
-							  "resourceId"
-							],
-							"properties": {
-							  "vimId": {
-								"description": "An identifier with the intention of being globally unique.\n",
-								"type": "string"
-							  },
-							  "resourceProviderId": {
-								"description": "An identifier with the intention of being globally unique.\n",
-								"type": "string"
-							  },
-							  "resourceId": {
-								"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								"type": "string"
-							  },
-							  "vimLevelResourceType": {
-								"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-								"type": "string"
-							  },
-							  "vimLevelAdditionalResourceInfo": {
-								"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-								"type": "object",
-								"properties": {
-								  "hostName": {
-									"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-									"type": "string"
-								  },
-								  "persistentVolume": {
-									"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-									"type": "string"
-								  },
-								  "additionalInfo": {
-									"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									"type": "object"
-								  }
-								}
-							  },
-							  "containerNamespace": {
-								"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-								"type": "string"
-							  }
-							}
-						  },
-						  "associatedExtCpId": {
-							"description": "Identifier of the external CP of the VNF associated to this network attachment definition resource.  Shall be present when the network attachment definition resource is used for external connectivity by the VNF\n",
-							"type": "array",
-							"items": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							}
-						  },
-						  "associatedVnfcCpId": {
-							"description": "Identifier of the VNFC CP of the VNF associated to this network attachment definition resource.  May be present when the network attachment definition resource is used for internal connectivity by the VNF.\n",
-							"type": "array",
-							"items": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							}
-						  }
-						}
-					  },
-					  "extManagedMultisiteVirtualLinkId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  }
-					}
-				  }
-				},
-				"monitoringParameters": {
-				  "description": "Performance metrics tracked by the VNFM (e.g. for  auto-scaling purposes) as identified by the VNF  provider in the VNFD.\n",
-				  "type": "array",
-				  "items": {
-					"description": "This type represents a monitoring parameter that is tracked by the VNFM, for example,  for auto-scaling purposes. It shall comply with the provisions defined in Table 6.5.3.69-1.\n",
-					"type": "object",
-					"required": [
-					  "id",
-					  "performanceMetric"
-					],
-					"properties": {
-					  "id": {
-						"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-						"type": "string"
-					  },
-					  "vnfdId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "name": {
-						"description": "Human readable name of the monitoring parameter, as defined in the VNFD.\n",
-						"type": "string"
-					  },
-					  "performanceMetric": {
-						"description": "Performance metric that is monitored. This attribute shall contain the related  \"Measurement Name\" value as defined in clause 7.2 of ETSI GS NFV-IFA 027.\n",
-						"type": "string"
-					  }
-					}
-				  }
-				},
-				"localizationLanguage": {
-				  "description": "Information about localization language of the VNF (includes e.g. strings in the VNFD). The localization languages supported by a VNF can be declared in the VNFD, and localization language selection can take place at instantiation time. The value shall comply with the format defined in IETF RFC 5646.\n",
-				  "type": "string"
-				},
-				"vnfcResourceInfo": {
-				  "description": "Information about the virtualised compute and storage resources used by the VNFCs of the VNF instance.\n",
-				  "type": "array",
-				  "items": {
-					"description": "This type represents the information on virtualised compute and storage resources used by a VNFC in a VNF instance. This feature addresses the following capabilities: • NFV Architecture support for VNFs which follow “cloud-native” design principles. • Enhance NFV-MANO capabilities to support container technologies. • Enhance NFV-MANO capabilities for container management and orchestration. • Enhance information model for containerized VNFs both using bare metal or nested virtualization technologies.\nNOTE 1: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. NOTE 2: A VNFC CP is \"connected to\" an external CP if the VNFC CP is connected to an internal VL that exposes an external CP. A VNFC CP is \"exposed as\" an external CP if it is connected directly to an external VL. NOTE 3: The information can be omitted because it is already available as part of the external CP information.  NOTE 4:  Cardinality greater than 1 is only applicable for specific cases where more than one network  attachment definition resource is needed to fulfil the connectivity requirements of the internal CP,  e.g. to build a link redundant mated pair in SR-IOV cases. NOTE 5:  When more than one \"netAttDefResourceId\" is indicated, all shall belong to the same namespace.\n",
-					"type": "object",
-					"required": [
-					  "id",
-					  "vduId",
-					  "computeResource"
-					],
-					"properties": {
-					  "id": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "vnfdId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "vduId": {
-						"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						"type": "string"
-					  },
-					  "computeResource": {
-						"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-						"type": "object",
-						"required": [
-						  "resourceId"
-						],
-						"properties": {
-						  "vimId": {
-							"description": "An identifier with the intention of being globally unique.\n",
-							"type": "string"
-						  },
-						  "resourceProviderId": {
-							"description": "An identifier with the intention of being globally unique.\n",
-							"type": "string"
-						  },
-						  "resourceId": {
-							"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							"type": "string"
-						  },
-						  "vimLevelResourceType": {
-							"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-							"type": "string"
-						  },
-						  "vimLevelAdditionalResourceInfo": {
-							"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-							"type": "object",
-							"properties": {
-							  "hostName": {
-								"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-								"type": "string"
-							  },
-							  "persistentVolume": {
-								"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-								"type": "string"
-							  },
-							  "additionalInfo": {
-								"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								"type": "object"
-							  }
-							}
-						  },
-						  "containerNamespace": {
-							"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-							"type": "string"
-						  }
-						}
-					  },
-					  "storageResourceIds": {
-						"description": "References to the VirtualStorage resources or references to Storage MCIOs.  The value refers to a VirtualStorageResourceInfo item in the VnfInstance.\n",
-						"type": "array",
-						"items": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						}
-					  },
-					  "reservationId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "vnfcCpInfo": {
-						"description": "CPs of the VNFC instance. Shall be present when that particular CP of the VNFC instance is exposed as an external CP of the VNF instance or is connected to an external CP of the VNF instance.See note 2. May be present otherwise.\n",
-						"type": "array",
-						"items": {
-						  "type": "object",
-						  "required": [
-							"id",
-							"cpdId"
-						  ],
-						  "properties": {
-							"id": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							},
-							"cpdId": {
-							  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-							  "type": "string"
-							},
-							"vnfExtCpId": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							},
-							"cpProtocolInfo": {
-							  "description": "Network protocol information for this CP. May be omitted if the VNFC CP is exposed as an external CP. See note 3.\n",
-							  "type": "array",
-							  "items": {
-								"description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
-								"type": "object",
-								"required": [
-								  "layerProtocol",
-								  "ipOverEthernet"
-								],
-								"properties": {
-								  "layerProtocol": {
-									"description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-									"type": "string",
-									"enum": [
-									  "IP_OVER_ETHERNET",
-									  "IP_FOR_VIRTUAL_CP"
-									]
-								  },
-								  "ipOverEthernet": {
-									"description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-									"type": "object",
-									"anyOf": [
-									  {
-										"required": [
-										  "macAddress"
-										]
-									  },
-									  {
-										"required": [
-										  "ipAddresses"
-										]
-									  }
-									],
-									"properties": {
-									  "macAddress": {
-										"description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-										"type": "string",
-										"format": "MAC"
-									  },
-									  "segmentationId": {
-										"description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
-										"type": "string"
-									  },
-									  "ipAddresses": {
-										"description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
-										"type": "array",
-										"items": {
-										  "type": "object",
-										  "required": [
-											"type"
-										  ],
-										  "oneOf": [
-											{
-											  "required": [
-												"addresses"
-											  ]
-											},
-											{
-											  "required": [
-												"addressRange"
-											  ]
-											}
-										  ],
-										  "properties": {
-											"type": {
-											  "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-											  "type": "string",
-											  "enum": [
-												"IPV4",
-												"IPV6"
-											  ]
-											},
-											"addresses": {
-											  "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-											  "type": "array",
-											  "items": {
-												"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-												"type": "string",
-												"format": "IP"
-											  }
-											},
-											"isDynamic": {
-											  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-											  "type": "boolean"
-											},
-											"addressRange": {
-											  "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
-											  "type": "object",
-											  "required": [
-												"minAddress",
-												"maxAddress"
-											  ],
-											  "properties": {
-												"minAddress": {
-												  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-												  "type": "string",
-												  "format": "IP"
-												},
-												"maxAddress": {
-												  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-												  "type": "string",
-												  "format": "IP"
-												}
-											  }
-											},
-											"subnetId": {
-											  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-											  "type": "string"
-											}
-										  }
-										}
-									  },
-									  "type": {
-										"description": "The type of the IP addresses\n",
-										"type": "string",
-										"enum": [
-										  "PV4",
-										  "PV6"
-										]
-									  },
-									  "addresses": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  },
-									  "isDynamic": {
-										"description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-										"type": "boolean"
-									  },
-									  "addressRange": {
-										"description": "An IP address range used, e.g. in case of egress connections. See note.\n",
-										"type": "object",
-										"required": [
-										  "minAddress",
-										  "maxAddress"
-										],
-										"properties": {
-										  "minAddress": {
-											"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											"type": "string",
-											"format": "IP"
-										  },
-										  "maxAddress": {
-											"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											"type": "string",
-											"format": "IP"
-										  }
-										}
-									  },
-									  "minAddress": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  },
-									  "maxAddress": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  },
-									  "subnetId": {
-										"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-										"type": "string"
-									  }
-									}
-								  },
-								  "virtualCpAddress": {
-									"description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-									"type": "object",
-									"required": [
-									  "type"
-									],
-									"properties": {
-									  "type": {
-										"description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-										"type": "string",
-										"enum": [
-										  "IPV4",
-										  "IPV6"
-										]
-									  },
-									  "loadBalancerIp": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  },
-									  "addressPoolName": {
-										"description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
-										"type": "string"
-									  }
-									}
-								  }
-								}
-							  }
-							},
-							"parentCpId": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							},
-							"vnfLinkPortId": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							},
-							"netAttDefResourceId": {
-							  "description": "Identifier of the \"NetAttDefResourceInfo\" structure that provides the specification of the interface to attach the connection point to a secondary container cluster network. See notes 4 and 5. It shall be present if the internal CP is associated to a VNFC realized by one or a set of OS containers and  is connected to a secondary container cluster network. It shall not be present otherwise.\n",
-							  "type": "array",
-							  "items": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  }
-							},
-							"metadata": {
-							  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-							  "type": "object"
-							}
-						  }
-						}
-					  },
-					  "metadata": {
-						"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						"type": "object"
-					  }
-					}
-				  }
-				},
-				"vnfVirtualLinkResourceInfo": {
-				  "description": "Information about the virtualised network resources used by the VLs of the VNF instance. See note 5.\n",
-				  "type": "array",
-				  "items": {
-					"description": "This type represents the information that allows addressing a virtualised resource that is used by an internal VL instance in a VNF instance.\n",
-					"type": "object",
-					"required": [
-					  "id",
-					  "vnfVirtualLinkDescId",
-					  "networkResource"
-					],
-					"properties": {
-					  "id": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "vnfdId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "vnfVirtualLinkDescId": {
-						"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						"type": "string"
-					  },
-					  "networkResource": {
-						"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-						"type": "object",
-						"required": [
-						  "resourceId"
-						],
-						"properties": {
-						  "vimId": {
-							"description": "An identifier with the intention of being globally unique.\n",
-							"type": "string"
-						  },
-						  "resourceProviderId": {
-							"description": "An identifier with the intention of being globally unique.\n",
-							"type": "string"
-						  },
-						  "resourceId": {
-							"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							"type": "string"
-						  },
-						  "vimLevelResourceType": {
-							"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-							"type": "string"
-						  },
-						  "vimLevelAdditionalResourceInfo": {
-							"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-							"type": "object",
-							"properties": {
-							  "hostName": {
-								"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-								"type": "string"
-							  },
-							  "persistentVolume": {
-								"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-								"type": "string"
-							  },
-							  "additionalInfo": {
-								"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								"type": "object"
-							  }
-							}
-						  },
-						  "containerNamespace": {
-							"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-							"type": "string"
-						  }
-						}
-					  },
-					  "reservationId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "vnfLinkPorts": {
-						"description": "Links ports of this VL. Shall be present when the linkPort is used for external connectivity by the VNF (refer to VnfLinkPortInfo). May be present otherwise.\n",
-						"type": "array",
-						"items": {
-						  "type": "object",
-						  "description": "This type represents a link port of an internal VL of a VNF. It shall comply with the provisions defined in table 6.5.3.64-1.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId are present, the two different CP instances share the linkport.\n",
-						  "required": [
-							"id",
-							"resourceHandle"
-						  ],
-						  "properties": {
-							"id": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							},
-							"resourceHandle": {
-							  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-							  "type": "object",
-							  "required": [
-								"resourceId"
-							  ],
-							  "properties": {
-								"vimId": {
-								  "description": "An identifier with the intention of being globally unique.\n",
-								  "type": "string"
-								},
-								"resourceProviderId": {
-								  "description": "An identifier with the intention of being globally unique.\n",
-								  "type": "string"
-								},
-								"resourceId": {
-								  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								  "type": "string"
-								},
-								"vimLevelResourceType": {
-								  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-								  "type": "string"
-								},
-								"vimLevelAdditionalResourceInfo": {
-								  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-								  "type": "object",
-								  "properties": {
-									"hostName": {
-									  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-									  "type": "string"
-									},
-									"persistentVolume": {
-									  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-									  "type": "string"
-									},
-									"additionalInfo": {
-									  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									  "type": "object"
-									}
-								  }
-								},
-								"containerNamespace": {
-								  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-								  "type": "string"
-								}
-							  }
-							},
-							"cpInstanceId": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							},
-							"cpInstanceType": {
-							  "description": "Type of the CP instance that is identified by cpInstanceId. Shall be present if \"cpInstanceId\" is present, and shall be absent otherwise. Permitted values: * VNFC_CP: The link port is connected to a VNFC CP * EXT_CP: The link port is associated to an external CP. See note 1.\n",
-							  "type": "string",
-							  "enum": [
-								"VNFC_CP",
-								"EXT_CP"
-							  ]
-							},
-							"vipCpInstanceId": {
-							  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							  "type": "string"
-							},
-							"trunkResourceId": {
-							  "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							  "type": "string"
-							}
-						  }
-						}
-					  },
-					  "metadata": {
-						"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						"type": "object"
-					  }
-					}
-				  }
-				},
-				"virtualStorageResourceInfo": {
-				  "description": "Information on the virtualised storage resource(s) used as storage for the VNF instance.\n",
-				  "type": "array",
-				  "items": {
-					"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance.\n",
-					"type": "object",
-					"required": [
-					  "id",
-					  "virtualStorageDescId",
-					  "storageResource"
-					],
-					"properties": {
-					  "id": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "virtualStorageDescId": {
-						"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						"type": "string"
-					  },
-					  "vnfdId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "storageResource": {
-						"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-						"type": "object",
-						"required": [
-						  "resourceId"
-						],
-						"properties": {
-						  "vimId": {
-							"description": "An identifier with the intention of being globally unique.\n",
-							"type": "string"
-						  },
-						  "resourceProviderId": {
-							"description": "An identifier with the intention of being globally unique.\n",
-							"type": "string"
-						  },
-						  "resourceId": {
-							"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							"type": "string"
-						  },
-						  "vimLevelResourceType": {
-							"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-							"type": "string"
-						  },
-						  "vimLevelAdditionalResourceInfo": {
-							"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-							"type": "object",
-							"properties": {
-							  "hostName": {
-								"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-								"type": "string"
-							  },
-							  "persistentVolume": {
-								"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-								"type": "string"
-							  },
-							  "additionalInfo": {
-								"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								"type": "object"
-							  }
-							}
-						  },
-						  "containerNamespace": {
-							"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-							"type": "string"
-						  }
-						}
-					  },
-					  "reservationId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "metadata": {
-						"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						"type": "object"
-					  }
-					}
-				  }
-				},
-				"mcioInfo": {
-				  "description": "Information on the MCIO(s) representing VNFC instance(s) realized by one or a set  of OS containers and created from the same VDU for the VNF instance.\n",
-				  "type": "array",
-				  "items": {
-					"description": "This type provides information about an MCIO representing the set of VNFC instances realized by one or a set of OS containers which have been created based on the same VDU.\nNOTE 1 The type of MCIO as specified in the declarative descriptor of the MCIO, and that can be read from the CISM. EXAMPLE: In case of MCIOs managed by Kubernetes, the type of MCIO corresponds to the “kind” property of the declarative descriptor. NOTE 2  If the attribute additionalInfo is present, it may contain runtime information on the actual and desired state of the MCIO(s). NOTE 3  When the container infrastructure service is a Kubernetes® instance, the mcioId is the combined values from the kind  and name fields of the Kubernetes® resource object, separated by a slash. Example: \"Deployment/abcd\". NOTE 4 When the container infrastructure service is a Kubernetes® instance, the mcioName is the name field of the resource object.",
-					"type": "object",
-					"required": [
-					  "mcioId",
-					  "mcioName",
-					  "mcioNamespace",
-					  "vduId",
-					  "cismId",
-					  "mcioType",
-					  "desiredInstances",
-					  "availableInstances"
-					],
-					"properties": {
-					  "mcioId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "mcioName": {
-						"description": "Human readable name of this MCIO. See note 4. \n",
-						"type": "string"
-					  },
-					  "mcioNamespace": {
-						"description": "Namespace of this MCIO.\n",
-						"type": "string"
-					  },
-					  "vduId": {
-						"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						"type": "string"
-					  },
-					  "cismId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "mcioType": {
-						"description": "The type of MCIO. Specific values, their semantics and associated MCIO types are defined in clause 6.5.4.13. Additional values are also permitted. See note 1.\n",
-						"type": "string"
-					  },
-					  "desiredInstances": {
-						"description": "Number of desired MCIO instances.\n",
-						"type": "integer"
-					  },
-					  "availableInstances": {
-						"description": "Number of available MCIO instances\n",
-						"type": "integer"
-					  },
-					  "additionalInfo": {
-						"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						"type": "object"
-					  }
-					}
-				  }
-				}
-			  }
-			},
-			"metadata": {
-			  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-			  "type": "object"
-			},
-			"extensions": {
-			  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-			  "type": "object"
-			}
-		  }
-		}
-	  },
-	  "pnfInfo": {
-		"description": "Information on the PNF(s) that are part of the NS instance.\n",
-		"type": "array",
-		"items": {
-		  "description": "This type represents the information about a PNF that is part of an NS instance.  It shall comply with the provisions defined in Table 6.5.3.13-1.\n",
-		  "type": "object",
-		  "required": [
-			"pnfId",
-			"pnfdId",
-			"pnfdInfoId",
-			"pnfProfileId"
-		  ],
-		  "properties": {
-			"pnfId": {
-			  "description": "An identifier with the intention of being globally unique.\n",
-			  "type": "string"
-			},
-			"pnfName": {
-			  "description": "Name of the PNF.\n",
-			  "type": "string"
-			},
-			"pnfdId": {
-			  "description": "An identifier with the intention of being globally unique.\n",
-			  "type": "string"
-			},
-			"versionDependency": {
-			  "description": "Describes version dependencies currently valid for the PNF.  Identifies versions of descriptors of other constituents in the NSD upon which the PNF depends. The dependencies may be described for the PNFD referenced in this PnfInfo with pnfdId and for PNFDs with the same \"pnfdExtInvariantId\". There shall not be more than one versionDependency present with the same dependentConstituentId.\n",
-			  "type": "array",
-			  "items": {
-				"description": "This type represents the information related to all dependencies that an NSD constituent has on the versions of other NSD constituents.  It shall comply with the provisions defined in table 6.5.3.112-1.\n",
-				"type": "object",
-				"required": [
-				  "dependentConstituentId"
-				],
-				"properties": {
-				  "dependentConstituentId": {
-					"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-					"type": "string"
-				  },
-				  "versionDependencyStatement": {
-					"description": "Identifies one or multiple versions of an NSD constituents upon which the dependent constituent identified by  dependentConstituentId has a dependency. Cardinality 0 is used to remove an existing version dependency in a profile.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type represents the information related to one or more VNF, NS or PNF descriptor identifiers which describe one  single dependency. When more than one descriptor is indicated, they correspond to different versions of the same VNF,  NS or PNF and they represent alternatives to fulfil the dependency. It shall comply with the provisions defined in  table 6.5.3.113-1.\n",
-					  "type": "object",
-					  "required": [
-						"descriptorId"
-					  ],
-					  "properties": {
-						"descriptorId": {
-						  "description": "Identifies a VNFD, NSD or PNFD upon which the entity using this data type depends. When more than one descriptor is indicated, they shall correspond to versions of the same VNF, NS or PNF and they represent alternatives, i.e. the presence of one of them fulfills the dependency.",
-						  "type": "array",
-						  "items": {
-							"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-							"type": "string"
-						  }
-						}
-					  }
-					}
-				  }
-				}
-			  }
-			},
-			"pnfdInfoId": {
-			  "description": "An identifier with the intention of being globally unique.\n",
-			  "type": "string"
-			},
-			"pnfProfileId": {
-			  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"cpInfo": {
-			  "description": "This type represents the information about the external CP of the PNF.  It shall comply with the provisions defined in Table 6.5.3.17-1.\n",
-			  "type": "object",
-			  "required": [
-				"cpInstanceId",
-				"cpdId"
-			  ],
-			  "properties": {
-				"cpInstanceId": {
-				  "description": "An Identifier that is unique within respect to a PNF. Representation: string of variable length.\n",
-				  "type": "string"
-				},
-				"cpdId": {
-				  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-				  "type": "string"
-				},
-				"cpProtocolData": {
-				  "description": "Parameters for configuring the network protocols on the CP.\n",
-				  "type": "array",
-				  "items": {
-					"description": "This type represents network protocol data.\nNOTE:\tThis attribute allows to signal the addition of further types  of layer and protocol in future versions of the present document in  a backwards-compatible way. In the current version of the present  document, only IP over Ethernet is supported.\n",
-					"type": "object",
-					"required": [
-					  "layerProtocol"
-					],
-					"properties": {
-					  "layerProtocol": {
-						"description": "Identifier of layer(s) and protocol(s). Permitted values:  - IP_OVER_ETHERNET - IP_FOR_VIRTUAL_CP See note.\n",
-						"type": "string",
-						"enum": [
-						  "IP_OVER_ETHERNET",
-						  "IP_FOR_VIRTUAL_CP"
-						]
-					  },
-					  "ipOverEthernet": {
-						"description": "This type represents network address data for IP over Ethernet. NOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present. NOTE 3: If the CP instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-						"type": "object",
-						"anyOf": [
-						  {
-							"required": [
-							  "ipAddresses"
-							]
-						  },
-						  {
-							"required": [
-							  "macAddress"
-							]
-						  }
-						],
-						"properties": {
-						  "macAddress": {
-							"description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-							"type": "string",
-							"format": "MAC"
-						  },
-						  "segmentationType": {
-							"description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values are: - VLAN: The subport uses VLAN as encapsulation type. - INHERIT: The subport gets its segmentation type from the network it is connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
-							"type": "string",
-							"enum": [
-							  "VLAN",
-							  "INHERIT"
-							]
-						  },
-						  "segmentationId": {
-							"description": "Identification of the network segment to which the CP instance connects to. See note 3 and note 4.\n",
-							"type": "string"
-						  },
-						  "ipAddresses": {
-							"description": "List of IP addresses to assign to the CP instance. Each entry represents IP address data for fixed or dynamic IP address assignment per subnet. If this attribute is not present, no IP address shall be assigned. See note 1.\n",
-							"type": "array",
-							"items": {
-							  "type": "object",
-							  "required": [
-								"type"
-							  ],
-							  "oneOf": [
-								{
-								  "required": [
-									"fixedAddresses"
-								  ]
-								},
-								{
-								  "required": [
-									"numDynamicAddresses"
-								  ]
-								},
-								{
-								  "required": [
-									"addressRange"
-								  ]
-								}
-							  ],
-							  "properties": {
-								"type": {
-								  "description": "The type of the IP addresses. Permitted values:\n  - IPV4\n  - IPV6\n",
-								  "type": "string",
-								  "enum": [
-									"IPV4",
-									"IPV6"
-								  ]
-								},
-								"fixedAddresses": {
-								  "description": "Fixed addresses to assign (from the subnet defined by \"subnetId\" if provided). Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present.\n",
-								  "type": "array",
-								  "items": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  }
-								},
-								"numDynamicAddresses": {
-								  "description": "Number of dynamic addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-								  "type": "integer"
-								},
-								"addressRange": {
-								  "description": "An IP address range to be used, e.g. in case of egress connections. In case this attribute is present, IP addresses from the range will be used.\n",
-								  "type": "object",
-								  "required": [
-									"minAddress",
-									"maxAddress"
-								  ],
-								  "properties": {
-									"minAddress": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									},
-									"maxAddress": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									}
-								  }
-								},
-								"subnetId": {
-								  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								  "type": "string"
-								}
-							  }
-							}
-						  }
-						}
-					  },
-					  "virtualCpAddress": {
-						"description": "This type represents network address data for a virtual CP.  It shall comply with the provisions defined in table 6.5.3.12a-1.\nNOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be\n        used, otherwise it will be ignored by the CISM.\nNOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the\n        container cluster will assign an IP address.\nNOTE 3: The attribute is only relevant if the virtual CP is instantiated in a cluster that supports configuration of IP\n        address pools for virtual CPs. Otherwise it shall be ignored. MetalLB is an example of a solution for\n        Kubernetes® that supports configuration of address pools for load balancer services.\nNOTE 4: The loadBalancerIp and the addressPoolName attributes shall not be present at the same time.\n",
-						"type": "object",
-						"required": [
-						  "type"
-						],
-						"properties": {
-						  "type": {
-							"description": "Identifier of layer(s) and protocol(s). Permitted values: IP_OVER_ETHERNET.\n",
-							"type": "string",
-							"enum": [
-							  "IPV4",
-							  "IPV6"
-							]
-						  },
-						  "loadBalancerIp": {
-							"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-							"type": "string",
-							"format": "IP"
-						  },
-						  "addressPoolName": {
-							"description": "Name of an address pool from which the container cluster will assign an IP address to the virtual CP. See notes 3 and 4.\n",
-							"type": "array",
-							"items": {
-							  "type": "string"
-							}
-						  }
-						}
-					  }
-					}
-				  }
-				}
-			  }
-			}
-		  }
-		}
-	  },
-	  "virtualLinkInfo": {
-		"description": "Information on the VL(s) of the NS instance. This attribute shall be present if the nsState attribute value is INSTANTIATED and if the NS instance has specified connectivity.\n",
-		"type": "array",
-		"items": {
-		  "description": "This type specifies the information about an NS VL instance.  It shall comply with the provisions defined in Table 6.5.3.53-1.\nNOTE: As an NS can include NFs deployed in NFVI PoPs under the control of several different VIMs, therefore deploying an NS VL can involve several VIMs, each allocating different virtualised network resources, as well as WIMs handling the connectivity in between the NFVI-PoPs in the form of multi-site connectivity services. When this NsVirtualLink is provided as an ExtVirtualLink as input of a VNF LCM operation, the id of the ExtVirtualLink shall be the same as the corresponding NsVirtualLink.\n",
-		  "type": "object",
-		  "required": [
-			"id",
-			"nsVirtualLinkDescId",
-			"nsVirtualLinkProfileId"
-		  ],
-		  "properties": {
-			"id": {
-			  "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"nsVirtualLinkDescId": {
-			  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"nsVirtualLinkProfileId": {
-			  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"resourceHandle": {
-			  "description": "Identifier(s) of the virtualised network resource(s) and/or multi-site connectivity service(s) realizing the VL instance. See note.\n",
-			  "type": "array",
-			  "items": {
-				"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-				"type": "object",
-				"required": [
-				  "resourceId"
-				],
-				"properties": {
-				  "vimId": {
-					"description": "An identifier with the intention of being globally unique.\n",
-					"type": "string"
-				  },
-				  "resourceProviderId": {
-					"description": "An identifier with the intention of being globally unique.\n",
-					"type": "string"
-				  },
-				  "resourceId": {
-					"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-					"type": "string"
-				  },
-				  "vimLevelResourceType": {
-					"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-					"type": "string"
-				  },
-				  "vimLevelAdditionalResourceInfo": {
-					"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-					"type": "object",
-					"properties": {
-					  "hostName": {
-						"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-						"type": "string"
-					  },
-					  "persistentVolume": {
-						"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-						"type": "string"
-					  },
-					  "additionalInfo": {
-						"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						"type": "object"
-					  }
-					}
-				  },
-				  "containerNamespace": {
-					"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-					"type": "string"
-				  }
-				}
-			  }
-			},
-			"linkPort": {
-			  "description": "Link ports of the VL instance. Cardinality of zero indicates that no port has yet been created for the VL instance.\n",
-			  "type": "array",
-			  "items": {
-				"description": "This type represents information about a link port of a VL instance. It shall comply with the provisions defined in Table 6.5.3.55-1. NOTE: When the NsVirtualLink, from which the present NsLinkPort is part of, is provided as an ExtVirtualLink as input of a VNF LCM operation, the id of the ExtLinkPort shall be the same as the corresponding NsLinkPort.\n",
-				"type": "object",
-				"required": [
-				  "id",
-				  "resourceHandle"
-				],
-				"properties": {
-				  "id": {
-					"description": "An identifier with the intention of being globally unique.\n",
-					"type": "string"
-				  },
-				  "resourceHandle": {
-					"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-					"type": "object",
-					"required": [
-					  "resourceId"
-					],
-					"properties": {
-					  "vimId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "resourceProviderId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "resourceId": {
-						"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-						"type": "string"
-					  },
-					  "vimLevelResourceType": {
-						"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-						"type": "string"
-					  },
-					  "vimLevelAdditionalResourceInfo": {
-						"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-						"type": "object",
-						"properties": {
-						  "hostName": {
-							"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-							"type": "string"
-						  },
-						  "persistentVolume": {
-							"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-							"type": "string"
-						  },
-						  "additionalInfo": {
-							"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-							"type": "object"
-						  }
-						}
-					  },
-					  "containerNamespace": {
-						"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-						"type": "string"
-					  }
-					}
-				  },
-				  "nsCpHandle": {
-					"description": "This type represents an identifier of the CP or SAP instance.  It shall comply with the provisions defined in Table 6.5.3.56-1. NOTE 1: For the VNF external CP instance, both vnfInstanceId and vnfExtCpInstanceId shall be present as a pair. NOTE 2: For the PNF external CP instance, both pnfInfoId and PnfExtCpInstanceId shall be present as a pair. NOTE 3: For the SAP instance, both nsInstanceId and nsSapInstanceId shall be present as a pair. NOTE 4: One pair of identifiers (VNF external CP, PNF external CP or SAP) shall be present.\n",
-					"type": "object",
-					"oneOf": [
-					  {
-						"required": [
-						  "vnfInstanceId",
-						  "vnfExtCpInstanceId"
-						]
-					  },
-					  {
-						"required": [
-						  "pnfInfoId",
-						  "pnfExtCpInstanceId"
-						]
-					  },
-					  {
-						"required": [
-						  "nsInstanceId",
-						  "nsSapInstanceId"
-						]
-					  }
-					],
-					"properties": {
-					  "vnfInstanceId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "vnfExtCpInstanceId": {
-						"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						"type": "string"
-					  },
-					  "pnfInfoId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "pnfExtCpInstanceId": {
-						"description": "An Identifier that is unique within respect to a PNF. Representation: string of variable length.\n",
-						"type": "string"
-					  },
-					  "nsInstanceId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "nsSapInstanceId": {
-						"description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-						"type": "string"
-					  }
-					}
-				  }
-				}
-			  }
-			}
-		  }
-		}
-	  },
-	  "vnffgInfo": {
-		"description": "Information on the VNFFG(s) of the NS instance.\n",
-		"type": "array",
-		"items": {
-		  "description": "Information on the VNFFG(s) of the NS instance. NOTE: It indicates an exhaustive list of all the CP instances and SAP instances of the VNFFG.\n",
-		  "type": "object",
-		  "required": [
-			"id",
-			"vnffgdId",
-			"vnfInstanceId",
-			"pnfInfoId"
-		  ],
-		  "properties": {
-			"id": {
-			  "description": "An identifier with the intention of being globally unique.\n",
-			  "type": "string"
-			},
-			"vnffgdId": {
-			  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"vnfInstanceId": {
-			  "description": "Identifier(s) of the constituent VNF instance(s) of this VNFFG instance.\n",
-			  "type": "array",
-			  "items": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			  }
-			},
-			"pnfdInfoId": {
-			  "description": "Identifier(s) of the constituent PNF instance(s) of this VNFFG instance.\n",
-			  "type": "array",
-			  "items": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			  }
-			},
-			"nsVirtualLinkInfoId": {
-			  "description": "Identifier(s) of the constituent VL instance(s) of this VNFFG instance.\n",
-			  "type": "array",
-			  "items": {
-				"description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-				"type": "string"
-			  }
-			},
-			"nsCpHandle": {
-			  "description": "This type represents an identifier of the CP or SAP instance.  It shall comply with the provisions defined in Table 6.5.3.56-1. NOTE 1: For the VNF external CP instance, both vnfInstanceId and vnfExtCpInstanceId shall be present as a pair. NOTE 2: For the PNF external CP instance, both pnfInfoId and PnfExtCpInstanceId shall be present as a pair. NOTE 3: For the SAP instance, both nsInstanceId and nsSapInstanceId shall be present as a pair. NOTE 4: One pair of identifiers (VNF external CP, PNF external CP or SAP) shall be present.\n",
-			  "type": "object",
-			  "oneOf": [
-				{
-				  "required": [
-					"vnfInstanceId",
-					"vnfExtCpInstanceId"
-				  ]
-				},
-				{
-				  "required": [
-					"pnfInfoId",
-					"pnfExtCpInstanceId"
-				  ]
-				},
-				{
-				  "required": [
-					"nsInstanceId",
-					"nsSapInstanceId"
-				  ]
-				}
-			  ],
-			  "properties": {
-				"vnfInstanceId": {
-				  "description": "An identifier with the intention of being globally unique.\n",
-				  "type": "string"
-				},
-				"vnfExtCpInstanceId": {
-				  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-				  "type": "string"
-				},
-				"pnfInfoId": {
-				  "description": "An identifier with the intention of being globally unique.\n",
-				  "type": "string"
-				},
-				"pnfExtCpInstanceId": {
-				  "description": "An Identifier that is unique within respect to a PNF. Representation: string of variable length.\n",
-				  "type": "string"
-				},
-				"nsInstanceId": {
-				  "description": "An identifier with the intention of being globally unique.\n",
-				  "type": "string"
-				},
-				"nsSapInstanceId": {
-				  "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-				  "type": "string"
-				}
-			  }
-			}
-		  }
-		}
-	  },
-	  "sapInfo": {
-		"description": "Information on the SAP(s) of the NS instance.\n",
-		"type": "array",
-		"items": {
-		  "description": "This type represents an SAP instance. It shall comply with the provisions defined in Table 6.5.3.67-1.\n",
-		  "type": "object",
-		  "required": [
-			"id",
-			"sapdId",
-			"sapName",
-			"sapProtocolInfo"
-		  ],
-		  "properties": {
-			"id": {
-			  "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"sapdId": {
-			  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"sapName": {
-			  "description": "Human readable name for the SAP instance.\n",
-			  "type": "string"
-			},
-			"description": {
-			  "description": "Human readable description for the SAP instance.\n",
-			  "type": "string"
-			},
-			"sapProtocolInfo": {
-			  "description": "Network protocol information for this SAP.\n",
-			  "type": "array",
-			  "items": {
-				"description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
-				"type": "object",
-				"required": [
-				  "layerProtocol",
-				  "ipOverEthernet"
-				],
-				"properties": {
-				  "layerProtocol": {
-					"description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-					"type": "string",
-					"enum": [
-					  "IP_OVER_ETHERNET",
-					  "IP_FOR_VIRTUAL_CP"
-					]
-				  },
-				  "ipOverEthernet": {
-					"description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-					"type": "object",
-					"anyOf": [
-					  {
-						"required": [
-						  "macAddress"
-						]
-					  },
-					  {
-						"required": [
-						  "ipAddresses"
-						]
-					  }
-					],
-					"properties": {
-					  "macAddress": {
-						"description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-						"type": "string",
-						"format": "MAC"
-					  },
-					  "segmentationId": {
-						"description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
-						"type": "string"
-					  },
-					  "ipAddresses": {
-						"description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
-						"type": "array",
-						"items": {
-						  "type": "object",
-						  "required": [
-							"type"
-						  ],
-						  "oneOf": [
-							{
-							  "required": [
-								"addresses"
-							  ]
-							},
-							{
-							  "required": [
-								"addressRange"
-							  ]
-							}
-						  ],
-						  "properties": {
-							"type": {
-							  "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-							  "type": "string",
-							  "enum": [
-								"IPV4",
-								"IPV6"
-							  ]
-							},
-							"addresses": {
-							  "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-							  "type": "array",
-							  "items": {
-								"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								"type": "string",
-								"format": "IP"
-							  }
-							},
-							"isDynamic": {
-							  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-							  "type": "boolean"
-							},
-							"addressRange": {
-							  "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
-							  "type": "object",
-							  "required": [
-								"minAddress",
-								"maxAddress"
-							  ],
-							  "properties": {
-								"minAddress": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"maxAddress": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								}
-							  }
-							},
-							"subnetId": {
-							  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							  "type": "string"
-							}
-						  }
-						}
-					  },
-					  "type": {
-						"description": "The type of the IP addresses\n",
-						"type": "string",
-						"enum": [
-						  "PV4",
-						  "PV6"
-						]
-					  },
-					  "addresses": {
-						"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-						"type": "string",
-						"format": "IP"
-					  },
-					  "isDynamic": {
-						"description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-						"type": "boolean"
-					  },
-					  "addressRange": {
-						"description": "An IP address range used, e.g. in case of egress connections. See note.\n",
-						"type": "object",
-						"required": [
-						  "minAddress",
-						  "maxAddress"
-						],
-						"properties": {
-						  "minAddress": {
-							"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-							"type": "string",
-							"format": "IP"
-						  },
-						  "maxAddress": {
-							"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-							"type": "string",
-							"format": "IP"
-						  }
-						}
-					  },
-					  "minAddress": {
-						"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-						"type": "string",
-						"format": "IP"
-					  },
-					  "maxAddress": {
-						"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-						"type": "string",
-						"format": "IP"
-					  },
-					  "subnetId": {
-						"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-						"type": "string"
-					  }
-					}
-				  },
-				  "virtualCpAddress": {
-					"description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-					"type": "object",
-					"required": [
-					  "type"
-					],
-					"properties": {
-					  "type": {
-						"description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-						"type": "string",
-						"enum": [
-						  "IPV4",
-						  "IPV6"
-						]
-					  },
-					  "loadBalancerIp": {
-						"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-						"type": "string",
-						"format": "IP"
-					  },
-					  "addressPoolName": {
-						"description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
-						"type": "string"
-					  }
-					}
-				  }
-				}
-			  }
-			}
-		  }
-		}
-	  },
-	  "nestedNsInstanceId": {
-		"description": "Identifier of the nested NS(s) of the NS instance.\n",
-		"type": "array",
-		"items": {
-		  "description": "An identifier with the intention of being globally unique.\n",
-		  "type": "string"
-		}
-	  },
-	  "vnfSnapshotInfoIds": {
-		"description": "Identifier of information on VNF snapshots of VNF instances that are part of this NS instance.\n",
-		"type": "array",
-		"items": {
-		  "description": "An identifier with the intention of being globally unique.\n",
-		  "type": "string"
-		}
-	  },
-	  "nsState": {
-		"description": "The state of the NS instance. Permitted values: NOT_INSTANTIATED: The NS instance is terminated or not instantiated. INSTANTIATED: The NS instance is instantiated.\n",
-		"type": "string",
-		"enum": [
-		  "NOT_INSTANTIATED",
-		  "INSTANTIATED"
-		]
-	  },
-	  "monitoringParameter": {
-		"description": "Performance metrics tracked by the NFVO (e.g. for auto-scaling purposes) as identified by the NS designer in the NSD.\n",
-		"type": "array",
-		"items": {
-		  "description": "This type represents a monitoring parameter that is tracked by the NFVO, for example,  for auto-scaling purposes. It shall comply with the provisions defined in Table 6.5.3.68-1.\n",
-		  "type": "object",
-		  "required": [
-			"id",
-			"performanceMetric"
-		  ],
-		  "properties": {
-			"id": {
-			  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"name": {
-			  "description": "Human readable name of the monitoring parameter, as defined in the NSD.\n",
-			  "type": "string"
-			},
-			"performanceMetric": {
-			  "description": "Performance metric that is monitored. This attribute shall contain the related  \"Measurement Name\" value as defined in clause 7.2 of ETSI GS NFV-IFA 027.\n",
-			  "type": "string"
-			}
-		  }
-		}
-	  },
-	  "nsScaleStatus": {
-		"description": "Status of each NS scaling aspect declared in the applicable DF, how \"big\" the NS instance has been scaled w.r.t. that aspect. This attribute shall be present if the nsState attribute value is INSTANTIATED.\n",
-		"type": "array",
-		"items": {
-		  "description": "This type represents the target NS Scale level for each NS scaling aspect of the current deployment flavor.\n",
-		  "type": "object",
-		  "required": [
-			"nsScalingAspectId",
-			"nsScaleLevelId"
-		  ],
-		  "properties": {
-			"nsScalingAspectId": {
-			  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"nsScaleLevelId": {
-			  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-			  "type": "string"
-			}
-		  }
-		}
-	  },
-	  "additionalAffinityOrAntiAffinityRule": {
-		"description": "Information on the additional affinity or anti-affinity rule from NS instantiation operation. Shall not conflict with rules already specified in the NSD.\n",
-		"type": "array",
-		"items": {
-		  "description": "This type describes the additional affinity or anti-affinity rule applicable between the VNF instances to be instantiated in the NS instantiation operation request or between the VNF instances to be instantiated in the NS instantiation operation request and the existing VNF instances..\n",
-		  "type": "object",
-		  "required": [
-			"affinityOrAntiAffiinty",
-			"scope"
-		  ],
-		  "properties": {
-			"vnfdId": {
-			  "description": "Reference to a VNFD. When the VNFD which is not used to instantiate VNF, it presents all VNF instances of this type as the subjects of the affinity or anti-affinity rule. The VNF instance which the VNFD presents is not necessary as a part of the NS to be instantiated.\n",
-			  "type": "array",
-			  "items": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			  }
-			},
-			"vnfProfileId": {
-			  "description": "Reference to a vnfProfile defined in the NSD. At least one VnfProfile which is used to instantiate VNF for the NS to be instantiated as the subject of the affinity or anti-affinity rule shall be present. When the VnfProfile which is not used to instantiate VNF, it presents all VNF instances of this type as the subjects of the affinity or anti-affinity rule. The VNF instance which the VnfProfile presents is not necessary as a part of the NS to be instantiated.\n",
-			  "type": "array",
-			  "items": {
-				"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-				"type": "string"
-			  }
-			},
-			"vnfInstanceId": {
-			  "description": "Reference to the existing VNF instance as the subject of the affinity or anti-affinity rule. The existing VNF instance is not necessary as a part of the NS to be instantiated.\n",
-			  "type": "array",
-			  "items": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			  }
-			},
-			"affinityOrAntiAffiinty": {
-			  "description": "The type of the constraint. Permitted values: AFFINITY ANTI_AFFINITY.\n",
-			  "type": "string",
-			  "enum": [
-				"AFFINITY",
-				"ANTI_AFFINITY"
-			  ]
-			},
-			"scope": {
-			  "description": "Specifies the scope of the rule where the placement constraint applies. Permitted values: NFVI_POP ZONE ZONE_GROUP NFVI_NODE.\n",
-			  "type": "string",
-			  "enum": [
-				"NFVI_POP",
-				"ZONE",
-				"ZONE_GROUP",
-				"NFVI_NODE"
-			  ]
-			}
-		  }
-		}
-	  },
-	  "wanConnectionInfo": {
-		"description": "Information about WAN related connectivity enabling multi-site VLs.\n",
-		"type": "array",
-		"items": {
-		  "description": "This type provides information about the connectivity to the WAN of network resources realizing a VL, e.g.,\nwhen the VL is deployed on several sites across a WAN. It shall comply with the provisions defined in table 6.5.3.90-1.\nNOTE: Either a \"nsVirtualLinkInfoId\" or a \"vnfVirtualLinkResourceInfoId\" shall be provided, but not both.\n",
-		  "type": "object",
-		  "required": [
-			"wanConnectionInfoId"
-		  ],
-		  "oneOf": [
-			{
-			  "required": [
-				"nsVirtualLinkInfoId"
-			  ]
-			},
-			{
-			  "required": [
-				"vnfVirtualLinkResourceInfoId"
-			  ]
-			}
-		  ],
-		  "properties": {
-			"wanConnectionInfoId": {
-			  "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"nsVirtualLinkInfoId": {
-			  "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"vnfVirtualLinkResourceInfoId": {
-			  "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-			  "type": "string"
-			},
-			"protocolInfo": {
-			  "description": "This type provides protocol specific information about the connectivity to the WAN of network resources realizing\na VL, e.g., when the VL is deployed on several sites and across a WAN, and the related multi-site connectivity\nservice (MSCS) enabling the connectivity through the WAN. This type supports providing information about both\npre-provisioned WAN connectivity realized by external entities to NFV-MANO but parts of such connectivity is known\nto the NFVO, as well as information about MSCS created under NFV-MANO responsibility (i.e., connectivity is realized\nwhen NFVO communicates with the WIM).  It shall comply with the provisions defined in table 6.5.3.91-1.\n",
-			  "type": "object",
-			  "properties": {
-				"mscsInfo": {
-				  "description": "This type provides information about an already provisioned multi-site connectivity service (MSCS) deployed across a WAN. It shall comply with the provisions defined in Table 6.5.3.82-1.\n",
-				  "type": "object",
-				  "required": [
-					"mscsId",
-					"mscsType"
-				  ],
-				  "properties": {
-					"mscsId": {
-					  "description": "An identifier with the intention of being globally unique.\n",
-					  "type": "string"
-					},
-					"mscsName": {
-					  "description": "Human readable name of the MSCS.\n",
-					  "type": "string"
-					},
-					"mscsDescription": {
-					  "description": "Human readable description of the MSCS.\n",
-					  "type": "string"
-					},
-					"mscsType": {
-					  "description": "The type of connectivity that is provided to the virtualized networks in the NFVI-PoP and characterizes the connectivity service across the WAN. Permitted values: - L2 - L3\n",
-					  "type": "string",
-					  "enum": [
-						"L2VPN",
-						"L3VPN"
-					  ]
-					},
-					"mscsLayerProtocol": {
-					  "description": "Type of underlying connectivity service and protocol associated to the MSCS. Permitted values are as listed below and restricted by the type of MSCS: - EVPN_BGP_MPLS: as specified in IETF RFC 7432. Only applicable for mscsType=\"L2\". - EVPN_VPWS: as specified in IETF RFC 8214. Only applicable for mscsType=\"L2\". - VPLS_BGP: as specified in IETF RFC 4761 and IETF RFC 6624. Only applicable for mscsType=\"L2\". - VPLS_LDP_L2TP: as specified in IETF RFC 4762. Only applicable for mscsType=\"L2\". - VPWS_LDP_L2TP: as specified in IETF RFC 6074. Only applicable for mscsType=\"L2\". - BGP_IP_VPN: BGP/MPLS based IP VPN as specified in IETF RFC 4364. Only applicable for mscsType=\"L3\".\n",
-					  "type": "string",
-					  "enum": [
-						"EVPN_BGP_MPLS",
-						"EVPN_VPWS",
-						"VPLS_BGP",
-						"VPLS_LDP",
-						"VPWS",
-						"BGP_IP_VPN"
-					  ]
-					},
-					"siteAccessProtectionSchemes": {
-					  "description": "Information to determine the proper MSCS endpoints configuration to fulfil certain resiliency/protection requirements, e.g., by considering certain availability and redundancy of connectivity service endpoints in between NFVI-PoP and WAN.\n",
-					  "type": "array",
-					  "items": {
-						"type": "object",
-						"properties": {
-						  "locationConstraints": {
-							"description": "This type represents location constraints for a VNF to be instantiated. The location constraints can be represented as follows: • as a country code • as a civic address combined with a country code • as an area, conditionally combined with a country code\nNOTE: If both \"countryCode\" and \"area\" are present, no conflicts should exist between the values of these two attributes. In case of conflicts, the API producer (i.e. the NFVO) shall disregard parts of the geographic area signalled by \"area\" that are outside the boundaries of the country signalled by \"countryCode\". If \"countryCode\" is absent, it is solely the \"area\" attribute that defines the location constraint.\n",
-							"type": "object",
-							"properties": {
-							  "countryCode": {
-								"description": "The two-letter ISO 3166 country code in capital letters. Shall be present in case the \"area\" attribute is absent. May be absent if the \"area\" attribute is present (see note).\n",
-								"type": "string"
-							  },
-							  "civicAddressElement": {
-								"description": "Zero or more elements comprising the civic address. Shall be absent if the \"area\" attribute is present.\n",
-								"type": "array",
-								"items": {
-								  "type": "object",
-								  "required": [
-									"caType",
-									"caValue"
-								  ],
-								  "properties": {
-									"caType": {
-									  "description": "Describe the content type of caValue. The value of caType shall comply with Section 3.4 of IETF RFC 4776 [13].\n",
-									  "type": "integer"
-									},
-									"caValue": {
-									  "description": "Content of civic address element corresponding to the caType. The format caValue shall comply with Section 3.4 of IETF RFC 4776 [13].\n",
-									  "type": "string"
-									}
-								  }
-								}
-							  },
-							  "area": {
-								"description": "Geographic area. Shall be absent if the \"civicAddressElement\" attribute is present. The content of this attribute shall follow the provisions for the \"Polygon\" geometry object as defined in IETF RFC 7946, for which the \"type\" member shall be set to the value \"Polygon\". See note.\n",
-								"type": "object"
-							  }
-							}
-						  },
-						  "protectionScheme": {
-							"description": "Defines the protection scheme. Permitted values: - UNPROTECTED: to indicate no protection. - ONE_TO_ONE: to indicate an active-passive access protection. - ONE_PLUS_ONE: to indicate an active-active access protection. - ONE_TO_N: to indicate an N active to 1 passive access protection.\n",
-							"type": "string",
-							"enum": [
-							  "UNPROTECTED",
-							  "ONE_TO_ONE",
-							  "ONE_PLUS_ONE",
-							  "ONE_TO_N"
-							]
-						  }
-						}
-					  }
-					},
-					"mtuMscs": {
-					  "description": "Maximum Transmission Unit (MTU) that can be forwarded over the MSCS (in bytes). Default value is \"1500\" (bytes).\n",
-					  "type": "number"
-					},
-					"mscsEndpoints": {
-					  "description": "Information about the MSCS endpoints of the MSCS.\n",
-					  "type": "array",
-					  "items": {
-						"description": "This type provides encapsulates information about an MSCS endpoint of the MSCS. It shall comply with the provisions defined in table 6.5.3.83-1.\n",
-						"type": "object",
-						"required": [
-						  "mscsEndpointId",
-						  "directionality",
-						  "connectivityServiceEndpoinId"
-						],
-						"properties": {
-						  "mscsEndpointId": {
-							"description": "An identifier with the intention of being globally unique.\n",
-							"type": "string"
-						  },
-						  "directionality": {
-							"description": "Directionality of the data traffic in the context of the terminating MSCS endpoint from WAN’s perspective. Permitted values: - INBOUND: to indicate into the WAN. - OUTBOUND: to indicate from the WAN. - BOTH: to indicate bidirectional data traffic to/from the WAN.\n",
-							"type": "string",
-							"enum": [
-							  "INBOUND",
-							  "OUTBOUND",
-							  "BOTH"
-							]
-						  },
-						  "connectivityServiceEndpoinId": {
-							"description": "References the connectivity service endpoint configuration information applicable to support the MSCS endpoint. More than one connectivity service endpoint can be referred when endpoints are in LAG mode.\n",
-							"type": "array",
-							"items": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							}
-						  }
-						}
-					  }
-					}
-				  }
-				},
-				"connectivityServiceEndpoints": {
-				  "description": "Configuration information about the network resources in the NFVI-PoP and their connectivity to the WAN.\n",
-				  "type": "array",
-				  "items": {
-					"description": "This type provides configuration data for the NFVI-PoP network gateway providing connectivity service endpoints. The connectivity service endpoints are used as endpoints by an MSCS. It shall comply with the provisions defined in Table 6.5.3.84-1.\n",
-					"type": "object",
-					"required": [
-					  "connectivityServiceEndpointId",
-					  "vimId"
-					],
-					"properties": {
-					  "connectivityServiceEndpointId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "vimId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "siteToWanLayer2ProtocolData": {
-						"description": "This type provides information about Layer 2 protocol specific information for the configuration of the NFVI-PoP network gateway to enable the stitching of the intra-site VN to the MSCS over the WAN. It shall comply with the provisions defined in Table 6.5.3.85-1. NOTE: Either \"networkResources\" or \"vnSegmentsIds\" shall be provided, but not both.\n",
-						"type": "object",
-						"required": [
-						  "layer2ConnectionInfo"
-						],
-						"properties": {
-						  "layer2ConnectionInfo": {
-							"description": "Layer 2 protocol parameters of the connectivity service endpoint (CSE).\n",
-							"type": "object",
-							"required": [
-							  "connectionType",
-							  "interfaceType",
-							  "interfaceTagging",
-							  "encapsulationType"
-							],
-							"properties": {
-							  "connectionType": {
-								"description": "The type of connection to be established on the connectivity service point. Permitted values: - CSE: defined by the characteristics of the existing referred connectivity service point. - AGGREGATE_CSE: create an aggregation of the connectivity service endpoints.\n",
-								"type": "string",
-								"enum": [
-								  "CSE",
-								  "AGGREGATE_CSE"
-								]
-							  },
-							  "interfaceType": {
-								"description": "To indicate whether to create logical interfaces on the referred connectivity service endpoint or new aggregated connectivity service endpoint. Permitted values: - PARENT: use the mapped interface to the connectivity service endpoint as is, i.e., do not create logical interfaces. - LOGICAL: create logical interfaces.\n",
-								"type": "string",
-								"enum": [
-								  "PARENT",
-								  "LOGICAL"
-								]
-							  },
-							  "interfaceTagging": {
-								"description": "The type of frames to forward on the connectivity service point. Permitted values: - UNTAGGED: an interface where frames are not tagged. - TAGGED: an interface configured to forward tagged frames (i.e., enabled for VLAN tagging).\n",
-								"type": "string",
-								"enum": [
-								  "UNTAGGED",
-								  "TAGGED"
-								]
-							  },
-							  "encapsulationType": {
-								"description": "The type of encapsulation. If the interfaceTagging=\"TAGGED\", either \"VLAN\" or \"VXLAN\" shall be set. Permitted values: - ETH: generic Ethernet encapsulation. - VLAN: encapsulation based on VLAN. - VXLAN: encapsulation based on VXLAN.\n",
-								"type": "string",
-								"enum": [
-								  "ETH",
-								  "VLAN",
-								  "VXLAN"
-								]
-							  },
-							  "vlanTaggingType": {
-								"description": "Type of encapsulation method for VLAN tagging. Shall be present if interfaceTagging=\"TAGGED\" and encapsulationType=\"VLAN\". Permitted values: - DOT1Q: used when packets on the CSE are encapsulated with one or a set of customer VLAN identifiers. - QINQ: used when packets on the CSE are encapsulated with multiple customer VLAN identifiers and a single\n  service VLAN identifier.\n- QINANY: used when packets on the CSE have no specific customer VLAN and a service VLAN identifier is used.\n",
-								"type": "string",
-								"enum": [
-								  "DOT1Q",
-								  "QINQ",
-								  "QINANY"
-								]
-							  },
-							  "wanSegmentIds": {
-								"description": "Segment identifiers to pass on the tagged interface. Shall be present if encapsulationType=\"VLAN\" or “VXLAN\".\n",
-								"type": "object",
-								"required": [
-								  "wanSegmentIdValue"
-								],
-								"properties": {
-								  "wanSegmentIdValue": {
-									"description": "Identifier of the network segment (e.g., VLAN id or VNI).\n",
-									"type": "string"
-								  },
-								  "wanSegmentIdUpperRange": {
-									"description": "Identifier of the upper range network segment, in case the \"wanSegmentIds\" is used to define a range.\n",
-									"type": "string"
-								  }
-								}
-							  },
-							  "vxlanConfig": {
-								"description": "Additional configuration needed when using VXLAN encapsulation. Shall be present if interfaceTagging=\"TAGGED\" and encapsulationType=\"VXLAN\".\n",
-								"type": "object",
-								"required": [
-								  "peerMode"
-								],
-								"properties": {
-								  "peerMode": {
-									"description": "Type of VXLAN access mode. Default value is \"STATIC\".\nPermitted values: - STATIC - BGP_EVPN\n",
-									"type": "string",
-									"enum": [
-									  "STATIC",
-									  "BGP_EVPN"
-									]
-								  },
-								  "peers": {
-									"description": "List of IP addresses of VTEP peers when using static mode.\n",
-									"type": "array",
-									"items": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									}
-								  }
-								}
-							  },
-							  "lagInterfaceData": {
-								"description": "Information for setting up a LAG interface aggregating multiple connectivity service endpoints.\n",
-								"type": "object",
-								"required": [
-								  "aggregatedEndpoints",
-								  "lacpActivation",
-								  "lacpConfig"
-								],
-								"properties": {
-								  "aggregatedEndpoints": {
-									"description": "List of the connectivity service endpoints that are to be aggregated. Shall be present if connectionType=\"AGGREGATE_CSE\". In case of aggregating connectivity service endpoints, only one SiteToWanLayer2ProtocolData shall be provided for the whole set of aggregated endpoints.\n",
-									"type": "array",
-									"items": {
-									  "description": "An identifier with the intention of being globally unique.\n",
-									  "type": "string"
-									}
-								  },
-								  "lacpActivation": {
-									"description": "Indicates whether to activate LACP on the interface. If \"TRUE\", the LACP is to be activated, or \"FALSE\" otherwise. Default value is \"FALSE\".\n",
-									"type": "boolean"
-								  },
-								  "lacpConfig": {
-									"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									"type": "object"
-								  }
-								}
-							  },
-							  "layer2ControlProtocol": {
-								"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								"type": "object"
-							  }
-							}
-						  },
-						  "mtuL2": {
-							"description": "Maximum Transmission Unit (MTU) that can be forwarded at layer 2 (in bytes). Default value is \"1500\" (bytes).\n",
-							"type": "number"
-						  },
-						  "virtualRoutingAndForwarding": {
-							"description": "Configuration related to the L2 virtual routing and forwarding (MAC-VRF).\n",
-							"type": "object",
-							"required": [
-							  "macVrfName"
-							],
-							"properties": {
-							  "macVrfName": {
-								"description": "Name (or identifier) of the MAC-VRF instance.\n",
-								"type": "string"
-							  }
-							}
-						  },
-						  "forwardingConfig": {
-							"description": "Information related to the forwarding of the VN in the NFVI-PoP to the connectivity service endpoint, if information about the VN to \"stitch\" is already known. . by the OSS/BSS. Shall not be provided otherwise, in which case the NFVO will infer the forwarding configuration based on the NS VL, or external VL, or externally-managed VL provisioning.\n",
-							"type": "object",
-							"oneOf": [
-							  {
-								"required": [
-								  "networkResources"
-								]
-							  },
-							  {
-								"required": [
-								  "vnSegmentIds"
-								]
-							  }
-							],
-							"properties": {
-							  "networkResources": {
-								"description": "Reference to the VN resource to be forwarded into/from the MSCS. See note.\n",
-								"type": "array",
-								"items": {
-								  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-								  "type": "object",
-								  "required": [
-									"resourceId"
-								  ],
-								  "properties": {
-									"vimId": {
-									  "description": "An identifier with the intention of being globally unique.\n",
-									  "type": "string"
-									},
-									"resourceProviderId": {
-									  "description": "An identifier with the intention of being globally unique.\n",
-									  "type": "string"
-									},
-									"resourceId": {
-									  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-									  "type": "string"
-									},
-									"vimLevelResourceType": {
-									  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-									  "type": "string"
-									},
-									"vimLevelAdditionalResourceInfo": {
-									  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-									  "type": "object",
-									  "properties": {
-										"hostName": {
-										  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-										  "type": "string"
-										},
-										"persistentVolume": {
-										  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-										  "type": "string"
-										},
-										"additionalInfo": {
-										  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-										  "type": "object"
-										}
-									  }
-									},
-									"containerNamespace": {
-									  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-									  "type": "string"
-									}
-								  }
-								}
-							  },
-							  "vnSegmentIds": {
-								"description": "Identifiers of the network segments of the VN resources to be forwarded into/from the MSCS.\n",
-								"type": "object",
-								"required": [
-								  "vnSegmentIdValue"
-								],
-								"properties": {
-								  "vnSegmentIdValue": {
-									"description": "Identifier of the network segment.\n",
-									"type": "string"
-								  },
-								  "vnSegmentIdUpperRange": {
-									"description": "Identifier of the upper range network segment, in case the \"vnSegmentIds\" is used to define a range.\n",
-									"type": "string"
-								  }
-								}
-							  }
-							}
-						  }
-						}
-					  },
-					  "siteToWanLayer3ProtocolData": {
-						"description": "This type provides information about Layer 3 protocol specific information for the stitching of the intra-site VN to the multi-site connectivity service over the WAN. It shall comply with the provisions defined in Table 6.5.3.86-1.\n",
-						"type": "object",
-						"required": [
-						  "routingInfo"
-						],
-						"properties": {
-						  "logicalInterfaceIpAddress": {
-							"description": "IP addressing information associated to a logical interface. Shall be present if the \"interfaceType\" of the SiteToWanLayer2ProtocolData is equal to \"LOGICAL\".\n",
-							"type": "object",
-							"required": [
-							  "ipAddress",
-							  "associatedSegmentId"
-							],
-							"properties": {
-							  "ipAddress": {
-								"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								"type": "string",
-								"format": "IP"
-							  },
-							  "associatedSegmentId": {
-								"description": "The associated segment identifier that has triggered the creation of the logical interface. The value shall be one of the values listed in the \"wanSegmentIds\" of the \"siteToWanLayer2ProtocolData\".\n",
-								"type": "string"
-							  }
-							}
-						  },
-						  "routingInfo": {
-							"description": "The routing information that is activated on the connectivity service endpoint. More than one \"routingInfo\" is allowed to enable stacking different routing protocols (e.g., one routing protocol for IPv4 and another one for IPv6).\n",
-							"type": "object",
-							"required": [
-							  "routingProtocol",
-							  "routingAddressFamily"
-							],
-							"properties": {
-							  "routingProtocol": {
-								"description": "The routing protocol that is activated on the connectivity service endpoint. Permitted values: - BGP: used for dynamic routing BGPv4. - RIP: used for dynamic routing RIPv2. - OSPF: used for dynamic routing (OSPF version 2 for IPv4; and OSPF version 3 for IPv6). - STATIC: used for static routing. - DIRECT: used when the NFVI-PoP network is directly connected to the WAN provider network. - VRRP: used when the NFVI-PoP network is directly connected to the WAN provider network with virtual\n  router redundancy protocol support (VRRP).\n",
-								"type": "string",
-								"enum": [
-								  "BGP",
-								  "RIP",
-								  "OSPF",
-								  "STATIC",
-								  "DIRECT",
-								  "VRRP"
-								]
-							  },
-							  "staticRouting": {
-								"description": "Defines a static route. It shall only be present if the routingProtocol=\"STATIC\".\n",
-								"type": "object",
-								"required": [
-								  "ipVersion",
-								  "ipPrefix",
-								  "prefixSize",
-								  "nextHop"
-								],
-								"properties": {
-								  "ipVersion": {
-									"description": "The IP version applicable to the routing entry. Permitted values: - IPV4 - IPV6\n",
-									"type": "string",
-									"enum": [
-									  "IPV4",
-									  "IPV6"
-									]
-								  },
-								  "ipPrefix": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "prefixSize": {
-									"description": "The IP prefix size.\n",
-									"type": "number"
-								  },
-								  "nextHop": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  }
-								}
-							  },
-							  "routingAddressFamily": {
-								"description": "The IP version applicable to the dynamic routing protocol. Shall be present for dynamic routing protocols. Permitted values: - IPV4 - IPV6\n",
-								"type": "string",
-								"enum": [
-								  "IPV4",
-								  "IPv6"
-								]
-							  },
-							  "ospfRouting": {
-								"description": "Defines parameters for OSPF routing. It shall only be present if the routingProtocol=\"OSPF\".\n",
-								"type": "object",
-								"required": [
-								  "areaId"
-								],
-								"properties": {
-								  "areaId": {
-									"description": "The routing area identifier, e.g., a number or an IP address.\n",
-									"type": "string"
-								  }
-								}
-							  },
-							  "bgpRouting": {
-								"description": "Defines parameters for BGP routing. It shall only be present if the routingProtocol=\"BGP\".\n",
-								"type": "object",
-								"required": [
-								  "bgpAs"
-								],
-								"properties": {
-								  "bgpAs": {
-									"description": "The Autonomous System (AS) identification applicable to the BGP routing info entry.\n",
-									"type": "object"
-								  },
-								  "bgpNeighbour": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "bgpAdditionalParam": {
-									"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									"type": "object"
-								  }
-								}
-							  },
-							  "routeMapsDistribution": {
-								"description": "Maps of routes that are permitted or denied for redistribution.\n",
-								"type": "object",
-								"required": [
-								  "policy",
-								  "sequence",
-								  "matchAndSetRule"
-								],
-								"properties": {
-								  "policy": {
-									"description": "The policy to apply to the route distribution.\nPermitted values: - PERMIT - DENY\n",
-									"type": "string",
-									"enum": [
-									  "PERMIT",
-									  "DENY"
-									]
-								  },
-								  "sequence": {
-									"description": "Sequence or index number assigned to the route-map.\n",
-									"type": "number"
-								  },
-								  "matchAndSetRule": {
-									"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									"type": "object"
-								  }
-								}
-							  }
-							}
-						  },
-						  "mtuL3": {
-							"description": "Maximum Transmission Unit (MTU) that can be forwarded at layer 3 (in bytes). Default value is \"1500\" (bytes).\n",
-							"type": "number"
-						  },
-						  "virtualRoutingAndForwarding": {
-							"description": "Configuration related to the virtual routing and forwarding (VRF).\n",
-							"type": "object",
-							"required": [
-							  "vrfName"
-							],
-							"properties": {
-							  "vrfName": {
-								"description": "Name (or identifier) of the VRF instance.\n",
-								"type": "string"
-							  }
-							}
-						  },
-						  "bfdConfig": {
-							"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-							"type": "object"
-						  }
-						}
-					  }
-					}
-				  }
-				}
-			  }
-			}
-		  }
-		}
-	  },
-	  "_links": {
-		"type": "object",
-		"description": "Links to resources related to this resource.",
-		"required": [
-		  "self"
-		],
-		"properties": {
-		  "self": {
-			"description": "This type represents a link to a resource.\n",
-			"type": "object",
-			"required": [
-			  "href"
-			],
-			"properties": {
-			  "href": {
-				"description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				"type": "string",
-				"format": "url"
-			  }
-			}
-		  },
-		  "nestedNsInstances": {
-			"description": "Links to resources related to this notification.\n",
-			"type": "array",
-			"items": {
-			  "description": "This type represents a link to a resource.\n",
-			  "type": "object",
-			  "required": [
-				"href"
-			  ],
-			  "properties": {
-				"href": {
-				  "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				  "type": "string",
-				  "format": "url"
-				}
-			  }
-			}
-		  },
-		  "vnfSnapshotInfos": {
-			"description": "Links to the VNF snapshots associated to VNF instances which are part of this NS instance.\n",
-			"type": "array",
-			"items": {
-			  "description": "This type represents a link to a resource.\n",
-			  "type": "object",
-			  "required": [
-				"href"
-			  ],
-			  "properties": {
-				"href": {
-				  "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				  "type": "string",
-				  "format": "url"
-				}
-			  }
-			}
-		  },
-		  "instantiate": {
-			"description": "This type represents a link to a resource.\n",
-			"type": "object",
-			"required": [
-			  "href"
-			],
-			"properties": {
-			  "href": {
-				"description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				"type": "string",
-				"format": "url"
-			  }
-			}
-		  },
-		  "terminate": {
-			"description": "This type represents a link to a resource.\n",
-			"type": "object",
-			"required": [
-			  "href"
-			],
-			"properties": {
-			  "href": {
-				"description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				"type": "string",
-				"format": "url"
-			  }
-			}
-		  },
-		  "update": {
-			"description": "This type represents a link to a resource.\n",
-			"type": "object",
-			"required": [
-			  "href"
-			],
-			"properties": {
-			  "href": {
-				"description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				"type": "string",
-				"format": "url"
-			  }
-			}
-		  },
-		  "scale": {
-			"description": "This type represents a link to a resource.\n",
-			"type": "object",
-			"required": [
-			  "href"
-			],
-			"properties": {
-			  "href": {
-				"description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				"type": "string",
-				"format": "url"
-			  }
-			}
-		  },
-		  "heal": {
-			"description": "This type represents a link to a resource.\n",
-			"type": "object",
-			"required": [
-			  "href"
-			],
-			"properties": {
-			  "href": {
-				"description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				"type": "string",
-				"format": "url"
-			  }
-			}
-		  }
-		}
-	  }
-	}
-  }
\ No newline at end of file
+    "description": "This type represents a response for Query NS operation.  It shall comply with the provisions defined in Table 6.5.2.10-1.\nNOTE 1: Void.\n          \"vnfInstance\" attribute or one \"nestedNsInstanceId\" attribute shall be present.\nNOTE 2: The “priority” attribute of the NS instance is configured in the NSD in the NsDf structure.\n          The mapping from application-specific priority values to a value in the NsDf is under OSS/BSS responsibility.\n          The \"zero\" value expresses the highest priority and the fact that the NS instance based on this DF cannot be\n          pre-empted during resource allocation.\nNOTE 3: Examples for the usage of priority include conflict resolution in case of resource shortage\nNOTE 4: Information about PaaS Services assigned to VNF instances shall only be included in the corresponding\n        VnfInstance (see clause 6.5.3.57)\n",
+    "type": "object",
+    "required": [
+        "id",
+        "nsInstanceName",
+        "nsInstanceDescription",
+        "nsdId",
+        "nsdInfoId",
+        "nsState",
+        "_links"
+    ],
+    "properties": {
+        "id": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+        },
+        "nsInstanceName": {
+            "description": "Human readable name of the NS instance.\n",
+            "type": "string"
+        },
+        "nsInstanceDescription": {
+            "description": "Human readable description of the NS instance.\n",
+            "type": "string"
+        },
+        "nsdId": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+        },
+        "versionDependency": {
+            "description": "Describes version dependencies currently valid for the nested NS instance. Identifies versions  of descriptors of other constituents in the NSD upon which the nested NS depends.  The dependencies may be described for the NSD referenced in this NsInstance with nsdId and for  NSDs with the same \"nsdExtInvariantId\". There shall not be more than one versionDependency present with the same dependentConstituentId. It may be present for the NsInstance of a nested NS. It shall not be present otherwise.\n",
+            "type": "array",
+            "items": {
+                "description": "This type represents the information related to all dependencies that an NSD constituent has on the versions of other NSD constituents.  It shall comply with the provisions defined in table 6.5.3.112-1.\n",
+                "type": "object",
+                "required": [
+                    "dependentConstituentId"
+                ],
+                "properties": {
+                    "dependentConstituentId": {
+                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "versionDependencyStatement": {
+                        "description": "Identifies one or multiple versions of an NSD constituents upon which the dependent constituent identified by  dependentConstituentId has a dependency. Cardinality 0 is used to remove an existing version dependency in a profile.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "This type represents the information related to one or more VNF, NS or PNF descriptor identifiers which describe one  single dependency. When more than one descriptor is indicated, they correspond to different versions of the same VNF,  NS or PNF and they represent alternatives to fulfil the dependency. It shall comply with the provisions defined in  table 6.5.3.113-1.\n",
+                            "type": "object",
+                            "required": [
+                                "descriptorId"
+                            ],
+                            "properties": {
+                                "descriptorId": {
+                                    "description": "Identifies a VNFD, NSD or PNFD upon which the entity using this data type depends. When more than one descriptor is indicated, they shall correspond to versions of the same VNF, NS or PNF and they represent alternatives, i.e. the presence of one of them fulfills the dependency.",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                        "type": "string"
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        },
+        "nsdInfoId": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+        },
+        "flavourId": {
+            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+            "type": "string"
+        },
+        "priority": {
+            "description": "A number as defined in IETF RFC 8259.\n",
+            "type": "number"
+        },
+        "vnfInstance": {
+            "description": "Information on constituent VNF(s) of the NS instance.\n",
+            "type": "array",
+            "items": {
+                "description": "This type represents a VNF instance. It shall comply with the provisions defined in table 6.5.3.57-1.\nNOTE: Clause B.3.2 of ETSI GS NFV-SOL 003 provides examples illustrating the relationship among the \n      different run-time data types (CP, VL and link ports) used to represent the connectivity \n      of a VNF.\n\nNOTE 1: Modifying the value of this attribute shall not be performed when conflicts exist between the \n        previous and the newly referred VNF package, i.e. when the new VNFD is changed with respect to \n        the previous VNFD in other aspects than merely referencing to other VNF software images. \n        In order to avoid misalignment of the VnfInstance with the current VNF's on-boarded VNF Package, \n        the values of attributes in the VnfInstance that have corresponding attributes in the VNFD shall \n        be kept in sync with the values in the VNFD.\nNOTE 2: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. NOTE 3: These attributes are sometimes also referred to as configuration parameters applicable \n        to a VNF. Some of these are set prior to instantiation and cannot be modified if the VNF is instantiated, \n        some are set prior to instantiation (are part of initial configuration) and can be modified later, \n        and others can be set only after instantiation. The applicability of certain configuration may depend \n        on the VNF and the required operation of the VNF at a certain point in time.\nNOTE 4: It is possible to have several ExtManagedVirtualLinkInfo for the same VNF internal VL in case of a \n        multi-site VNF spanning several VIMs. The set of ExtManagedVirtualLinkInfo corresponding to the same \n        VNF internal VL shall indicate so by referencing to the same VnfVirtualLinkDesc and externally-managed \n        multi-site VL instance (refer to clause 6.5.3.59).\nNOTE 5: Even though externally-managed internal VLs are also used for VNF-internal connectivity, they shall not \n        be listed in the \"vnfVirtualLinkResourceInfo\" attribute as this would be redundant.\nNOTE 6: The scale level indicated in “scaleStatus” for a scaling aspect that has not been deployed due to the selection\n        of deployable modules will be used to instantiate the related VNFCs if a VNF LCM operation changes the\n        selected deployable modules and the related VNFCs are instantiated, unless the VNF LCM operation explicitly\n        indicates the scale level for the aspect.\n",
+                "type": "object",
+                "required": [
+                    "id",
+                    "vnfdId",
+                    "vnfProvider",
+                    "vnfProductName",
+                    "vnfSoftwareVersion",
+                    "vnfdVersion",
+                    "vnfPkgId",
+                    "instantiationState"
+                ],
+                "properties": {
+                    "id": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                    },
+                    "vnfInstanceName": {
+                        "description": "Name of the VNF instance. Modifications to this attribute can be requested using the \"ModifyVnfInfoData\" structure.\n",
+                        "type": "string"
+                    },
+                    "vnfInstanceDescription": {
+                        "description": "Human-readable description of the VNF instance. Modifications to this attribute can be requested using the \"ModifyVnfInfoData\" structure.\n",
+                        "type": "string"
+                    },
+                    "vnfdId": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                    },
+                    "vnfProvider": {
+                        "description": "Provider of the VNF and the VNFD. The value is copied from the VNFD.\n",
+                        "type": "string"
+                    },
+                    "vnfProductName": {
+                        "description": "Name to identify the VNF Product. The value is copied from the VNFD.\n",
+                        "type": "string"
+                    },
+                    "vnfSoftwareVersion": {
+                        "description": "A Version. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "vnfdVersion": {
+                        "description": "A Version. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "versionDependency": {
+                        "description": "Describes version dependencies currently valid for the VNF instance. Identifies versions of descriptors of other constituents in the NSD upon which the VNF depends. The dependencies may be described for the VNFD referenced in this VnfInfo with \"vnfdId\" and for VNFDs with the same \"vnfdExtInvariantId\". There shall not be more than one \"versionDependency\" present with the same dependentConstituentId.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "This type represents the information related to all dependencies that an NSD constituent has on the versions of other NSD constituents.  It shall comply with the provisions defined in table 6.5.3.112-1.\n",
+                            "type": "object",
+                            "required": [
+                                "dependentConstituentId"
+                            ],
+                            "properties": {
+                                "dependentConstituentId": {
+                                    "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                    "type": "string"
+                                },
+                                "versionDependencyStatement": {
+                                    "description": "Identifies one or multiple versions of an NSD constituents upon which the dependent constituent identified by  dependentConstituentId has a dependency. Cardinality 0 is used to remove an existing version dependency in a profile.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type represents the information related to one or more VNF, NS or PNF descriptor identifiers which describe one  single dependency. When more than one descriptor is indicated, they correspond to different versions of the same VNF,  NS or PNF and they represent alternatives to fulfil the dependency. It shall comply with the provisions defined in  table 6.5.3.113-1.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "descriptorId"
+                                        ],
+                                        "properties": {
+                                            "descriptorId": {
+                                                "description": "Identifies a VNFD, NSD or PNFD upon which the entity using this data type depends. When more than one descriptor is indicated, they shall correspond to versions of the same VNF, NS or PNF and they represent alternatives, i.e. the presence of one of them fulfills the dependency.",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                                    "type": "string"
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    },
+                    "vnfPkgId": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                    },
+                    "vnfConfigurableProperties": {
+                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                        "type": "object"
+                    },
+                    "certificateInfo": {
+                        "description": "This type provides input information related to certificate and certificate management.\n",
+                        "type": "object",
+                        "required": [
+                            "id"
+                        ],
+                        "properties": {
+                            "id": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                            },
+                            "certificateConfigurationInfo": {
+                                "description": "This type provides input information related to certificate management\n",
+                                "type": "object",
+                                "required": [
+                                    "securityPolicy"
+                                ],
+                                "properties": {
+                                    "certificateBaseProfile": {
+                                        "description": "Information for certificate profile.",
+                                        "type": "array",
+                                        "items": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        }
+                                    },
+                                    "securityPolicy": {
+                                        "description": "Information for security policy to be satisfied for certificate.",
+                                        "type": "array",
+                                        "items": {
+                                            "type": "object",
+                                            "description": "This type represents the input information related to certificate management.\n",
+                                            "required": [
+                                                "id"
+                                            ],
+                                            "properties": {
+                                                "id": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "maxValidityPeriod": {
+                                                    "description": "A number as defined in IETF RFC 8259.\n",
+                                                    "type": "number"
+                                                },
+                                                "allowedAlgorithm": {
+                                                    "description": "Allowed signature algorithm.\n",
+                                                    "type": "string"
+                                                },
+                                                "minimumKeyLength": {
+                                                    "description": "A number as defined in IETF RFC 8259.\n",
+                                                    "type": "number"
+                                                }
+                                            }
+                                        }
+                                    },
+                                    "delegationSupportedCertificateManagements": {
+                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                        "type": "object"
+                                    },
+                                    "cmfInfo": {
+                                        "type": "object",
+                                        "description": "This type provides input information related to CMF for certificate management\n",
+                                        "required": [
+                                            "id",
+                                            "endPoint",
+                                            "supportedProtocol"
+                                        ],
+                                        "properties": {
+                                            "id": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "endPoint": {
+                                                "description": "End point of CMF instance.\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "ipAddress",
+                                                    "link"
+                                                ],
+                                                "properties": {
+                                                    "ipAddress": {
+                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                        "type": "string",
+                                                        "format": "IP"
+                                                    },
+                                                    "link": {
+                                                        "description": "This type represents a link to a resource.\n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "href"
+                                                        ],
+                                                        "properties": {
+                                                            "href": {
+                                                                "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                                                                "type": "string",
+                                                                "format": "url"
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "supportedProtocol": {
+                                                "type": "array",
+                                                "description": "Supported protocol by CMF instance. Permitted values:\n  CMP\n  CMPv2\n  EST\n  SCEP\n",
+                                                "minItems": 1,
+                                                "items": {
+                                                    "type": "string",
+                                                    "enum": [
+                                                        "CMP",
+                                                        "CMPv2",
+                                                        "EST",
+                                                        "SCEP"
+                                                    ]
+                                                }
+                                            },
+                                            "certificateChain": {
+                                                "description": "Certificate chain that this CMF provides.",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                    "type": "object"
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            },
+                            "certificateContents": {
+                                "description": "Information for contents of issued certificates. The information contained in this attribute may be updated over time during the VNF LCM, e.g. certificate(s) renewal.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type provides input information related to certificate content. \nNOTE : The CertificateDesc data type is defined in clause 7.1.19.2 of  ETSI GS NFV IFA 011\n",
+                                    "type": "object",
+                                    "required": [
+                                        "id",
+                                        "certficateDescId",
+                                        "certificateType"
+                                    ],
+                                    "properties": {
+                                        "id": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "certficateDescId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "certificateType": {
+                                            "description": "Type of this certificate. Values: * VNFCI_CERT * VNFOAM_CERT\n",
+                                            "type": "string",
+                                            "enum": [
+                                                "VNFCI_CERT",
+                                                "NFOAM_CERT"
+                                            ]
+                                        },
+                                        "supportedCertificateManagement": {
+                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                            "type": "object"
+                                        },
+                                        "version": {
+                                            "description": "A Version. Representation: string of variable length.\n",
+                                            "type": "string"
+                                        },
+                                        "serialNumber": {
+                                            "description": "Serial number of this certificate\n",
+                                            "type": "integer"
+                                        },
+                                        "signatureAlgorithm": {
+                                            "description": "Algorithm of this certificate’s signature.\n",
+                                            "type": "string"
+                                        },
+                                        "issuer": {
+                                            "description": "Issuer of this certificate.\n",
+                                            "type": "string"
+                                        },
+                                        "notBefore": {
+                                            "description": "Date-time stamp. Representation: String formatted according toas defined by the date-time production in IETF RFC 3339.\n",
+                                            "type": "string",
+                                            "format": "date-time"
+                                        },
+                                        "notAfter": {
+                                            "description": "Date-time stamp. Representation: String formatted according toas defined by the date-time production in IETF RFC 3339.\n",
+                                            "type": "string",
+                                            "format": "date-time"
+                                        },
+                                        "subject": {
+                                            "description": "Subject of this certificate.\n",
+                                            "type": "string"
+                                        },
+                                        "publicKeyAlgorithm": {
+                                            "description": "Algorithm of this certificate’s public key\n",
+                                            "type": "string"
+                                        },
+                                        "certificateExtensions": {
+                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                            "type": "object"
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    },
+                    "vimId": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                    },
+                    "instantiationState": {
+                        "description": "The instantiation state of the VNF.\nPermitted values: - NOT_INSTANTIATED: The VNF instance is terminated or not instantiated. - INSTANTIATED: The VNF instance is instantiated.\n",
+                        "type": "string",
+                        "enum": [
+                            "NOT_INSTANTIATED",
+                            "INSTANTIATED"
+                        ]
+                    },
+                    "instantiatedVnfInfo": {
+                        "description": "Information specific to an instantiated VNF instance. This attribute shall be present if the instantiateState attribute value is INSTANTIATED.\n",
+                        "type": "object",
+                        "required": [
+                            "flavourId",
+                            "vnfState",
+                            "extCpInfo"
+                        ],
+                        "properties": {
+                            "flavourId": {
+                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                "type": "string"
+                            },
+                            "vnfState": {
+                                "type": "string",
+                                "enum": [
+                                    "STARTED",
+                                    "STOPPED"
+                                ]
+                            },
+                            "scaleStatus": {
+                                "description": "Scale status of the VNF, one entry per aspect. Represents for every scaling aspect how \"big\" the VNF has been scaled w.r.t. that aspect. This attribute shall be present if the VNF supports scaling. For an aspect that has not been deployed because it consists of VDUs that  belong to a deployable module that has not been selected (or to multiple deployable modules, none of which have been selected), it indicates the scale level that has been requested in the instantiation or in a scaling operation, or, if none has been requested in any of them, the scale level applicable to the aspect based on the default instantiation level. See note 6. See clause B.2 of ETSI GS NFV-SOL 003 for an explanation of VNF scaling.\n",
+                                "type": "array",
+                                "items": {
+                                    "required": [
+                                        "aspectId",
+                                        "scaleLevel"
+                                    ],
+                                    "type": "object",
+                                    "properties": {
+                                        "aspectId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfdId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "scaleLevel": {
+                                            "description": "Indicates the scale level. The minimum value shall be 0 and the maximum value shall be <= maxScaleLevel as described in the VNFD.\n",
+                                            "type": "integer"
+                                        }
+                                    }
+                                }
+                            },
+                            "maxScaleLevels": {
+                                "description": "Maximum allowed scale levels of the VNF, one entry per aspect. This attribute shall be present if the VNF supports scaling.\n",
+                                "type": "array",
+                                "items": {
+                                    "required": [
+                                        "aspectId",
+                                        "scaleLevel"
+                                    ],
+                                    "type": "object",
+                                    "properties": {
+                                        "aspectId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfdId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "scaleLevel": {
+                                            "description": "Indicates the scale level. The minimum value shall be 0 and the maximum value shall be <= maxScaleLevel as described in the VNFD.\n",
+                                            "type": "integer"
+                                        }
+                                    }
+                                }
+                            },
+                            "selectedDeployableModule": {
+                                "description": "References a currently selected deployable module, as defined in the VNFD, that has already completed the instantiation of its VNFCs.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                    "type": "string"
+                                }
+                            },
+                            "extCpInfo": {
+                                "description": "Information about the external CPs exposed by the VNF instance. When trunking is enabled, the list of entries includes both, external CPs corresponding to parent ports of a trunk, and external CPs associated to sub-ports of a trunk.\n",
+                                "type": "array",
+                                "minItems": 1,
+                                "items": {
+                                    "description": "This type represents information about an external CP of a VNF. It shall comply  with the provisions defined in Table 6.5.3.70-1. NOTE 1: The attributes attributes \"associatedVnfcCpId\", \"associatedVipCpId\", \"associatedVirtualCpId\" and \"associatedVnfVirtualLinkId\" are mutually exclusive. Exactly one shall be present. NOTE 2: An external CP instance is not associated to a link port in the cases indicated for the “extLinkPorts” attribute in clause 6.5.3.26. NOTE 3:  Cardinality greater than 1 is only applicable for specific cases where more than one network attachment definition resource is needed to fulfil the connectivity requirements of the external CP, e.g. to build a link redundant mated pair in SR-IOV cases. NOTE 4:  When more than one \"netAttDefResourceId\" is indicated, all shall belong to the same namespace.\n",
+                                    "type": "object",
+                                    "required": [
+                                        "id",
+                                        "cpdId",
+                                        "cpProtocolInfo"
+                                    ],
+                                    "oneOf": [
+                                        {
+                                            "required": [
+                                                "associatedVnfcCpId"
+                                            ]
+                                        },
+                                        {
+                                            "required": [
+                                                "associatedVipCpId"
+                                            ]
+                                        },
+                                        {
+                                            "required": [
+                                                "associatedVirtualCpId"
+                                            ]
+                                        },
+                                        {
+                                            "required": [
+                                                "associatedVnfVirtualLinkId"
+                                            ]
+                                        }
+                                    ],
+                                    "properties": {
+                                        "id": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "cpdId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "cpConfigId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfdId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "cpProtocolInfo": {
+                                            "description": "Network protocol information for this CP.\n",
+                                            "type": "array",
+                                            "minItems": 1,
+                                            "items": {
+                                                "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "layerProtocol",
+                                                    "ipOverEthernet"
+                                                ],
+                                                "properties": {
+                                                    "layerProtocol": {
+                                                        "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                                                        "type": "string",
+                                                        "enum": [
+                                                            "IP_OVER_ETHERNET",
+                                                            "IP_FOR_VIRTUAL_CP"
+                                                        ]
+                                                    },
+                                                    "ipOverEthernet": {
+                                                        "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                                        "type": "object",
+                                                        "anyOf": [
+                                                            {
+                                                                "required": [
+                                                                    "macAddress"
+                                                                ]
+                                                            },
+                                                            {
+                                                                "required": [
+                                                                    "ipAddresses"
+                                                                ]
+                                                            }
+                                                        ],
+                                                        "properties": {
+                                                            "macAddress": {
+                                                                "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                                "type": "string",
+                                                                "format": "MAC"
+                                                            },
+                                                            "segmentationId": {
+                                                                "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "ipAddresses": {
+                                                                "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
+                                                                "type": "array",
+                                                                "items": {
+                                                                    "type": "object",
+                                                                    "required": [
+                                                                        "type"
+                                                                    ],
+                                                                    "oneOf": [
+                                                                        {
+                                                                            "required": [
+                                                                                "addresses"
+                                                                            ]
+                                                                        },
+                                                                        {
+                                                                            "required": [
+                                                                                "addressRange"
+                                                                            ]
+                                                                        }
+                                                                    ],
+                                                                    "properties": {
+                                                                        "type": {
+                                                                            "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                            "type": "string",
+                                                                            "enum": [
+                                                                                "IPV4",
+                                                                                "IPV6"
+                                                                            ]
+                                                                        },
+                                                                        "addresses": {
+                                                                            "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                                            "type": "array",
+                                                                            "items": {
+                                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                "type": "string",
+                                                                                "format": "IP"
+                                                                            }
+                                                                        },
+                                                                        "isDynamic": {
+                                                                            "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                            "type": "boolean"
+                                                                        },
+                                                                        "addressRange": {
+                                                                            "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
+                                                                            "type": "object",
+                                                                            "required": [
+                                                                                "minAddress",
+                                                                                "maxAddress"
+                                                                            ],
+                                                                            "properties": {
+                                                                                "minAddress": {
+                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "IP"
+                                                                                },
+                                                                                "maxAddress": {
+                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "IP"
+                                                                                }
+                                                                            }
+                                                                        },
+                                                                        "subnetId": {
+                                                                            "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                            "type": "string"
+                                                                        }
+                                                                    }
+                                                                }
+                                                            },
+                                                            "type": {
+                                                                "description": "The type of the IP addresses\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "PV4",
+                                                                    "PV6"
+                                                                ]
+                                                            },
+                                                            "addresses": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "isDynamic": {
+                                                                "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                "type": "boolean"
+                                                            },
+                                                            "addressRange": {
+                                                                "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "minAddress",
+                                                                    "maxAddress"
+                                                                ],
+                                                                "properties": {
+                                                                    "minAddress": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    },
+                                                                    "maxAddress": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "minAddress": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "maxAddress": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "subnetId": {
+                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    },
+                                                    "virtualCpAddress": {
+                                                        "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "type"
+                                                        ],
+                                                        "properties": {
+                                                            "type": {
+                                                                "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "IPV4",
+                                                                    "IPV6"
+                                                                ]
+                                                            },
+                                                            "loadBalancerIp": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "addressPoolName": {
+                                                                "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "extLinkPortId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "netAttDefResourceId": {
+                                            "description": "Identifier of the \"NetAttDefResourceInfo\" structure that provides the  specification of the interface to attach the connection point to a secondary container cluster network. See notes 3 and 4.\nIt shall be present if the external CP is associated to a VNFC realized  by one or a set of OS containers and is connected to a secondary container  cluster network. It shall not be present otherwise.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            }
+                                        },
+                                        "metadata": {
+                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                            "type": "object"
+                                        },
+                                        "associatedVnfcCpId": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "associatedVipCpId": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "associatedVirtualCpId": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "associatedVnfVirtualLinkId": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "certificateContentId": {
+                                            "description": "The identifier of certificate that this VNF CP instance uses. Shall be present when using in delegation-mode. Otherwise shall not be present.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            }
+                                        }
+                                    }
+                                }
+                            },
+                            "vipCpInfo": {
+                                "description": "VIP CPs that are part of the VNF instance. Shall be present when that particular VIP CP of the VNFC instance is associated to an external CP of the VNF instance. May be present otherwise.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type provides information related to virtual IP (VIP) CP. It shall comply with the provisions defined in table 6.5.3.97 1. NOTE:   It is possible that there is no associated VnfcCp because the VIP CP is available but not associated yet.\n",
+                                    "type": "object",
+                                    "required": [
+                                        "cpInstanceId",
+                                        "cpdId"
+                                    ],
+                                    "properties": {
+                                        "cpInstanceId": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "cpdId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfdId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfExtCpId": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "cpProtocolInfo": {
+                                            "description": "Protocol information for this CP. There shall be one cpProtocolInfo for layer 3. There may be one cpProtocolInfo for layer 2.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "layerProtocol",
+                                                    "ipOverEthernet"
+                                                ],
+                                                "properties": {
+                                                    "layerProtocol": {
+                                                        "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                                                        "type": "string",
+                                                        "enum": [
+                                                            "IP_OVER_ETHERNET",
+                                                            "IP_FOR_VIRTUAL_CP"
+                                                        ]
+                                                    },
+                                                    "ipOverEthernet": {
+                                                        "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                                        "type": "object",
+                                                        "anyOf": [
+                                                            {
+                                                                "required": [
+                                                                    "macAddress"
+                                                                ]
+                                                            },
+                                                            {
+                                                                "required": [
+                                                                    "ipAddresses"
+                                                                ]
+                                                            }
+                                                        ],
+                                                        "properties": {
+                                                            "macAddress": {
+                                                                "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                                "type": "string",
+                                                                "format": "MAC"
+                                                            },
+                                                            "segmentationId": {
+                                                                "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "ipAddresses": {
+                                                                "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
+                                                                "type": "array",
+                                                                "items": {
+                                                                    "type": "object",
+                                                                    "required": [
+                                                                        "type"
+                                                                    ],
+                                                                    "oneOf": [
+                                                                        {
+                                                                            "required": [
+                                                                                "addresses"
+                                                                            ]
+                                                                        },
+                                                                        {
+                                                                            "required": [
+                                                                                "addressRange"
+                                                                            ]
+                                                                        }
+                                                                    ],
+                                                                    "properties": {
+                                                                        "type": {
+                                                                            "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                            "type": "string",
+                                                                            "enum": [
+                                                                                "IPV4",
+                                                                                "IPV6"
+                                                                            ]
+                                                                        },
+                                                                        "addresses": {
+                                                                            "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                                            "type": "array",
+                                                                            "items": {
+                                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                "type": "string",
+                                                                                "format": "IP"
+                                                                            }
+                                                                        },
+                                                                        "isDynamic": {
+                                                                            "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                            "type": "boolean"
+                                                                        },
+                                                                        "addressRange": {
+                                                                            "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
+                                                                            "type": "object",
+                                                                            "required": [
+                                                                                "minAddress",
+                                                                                "maxAddress"
+                                                                            ],
+                                                                            "properties": {
+                                                                                "minAddress": {
+                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "IP"
+                                                                                },
+                                                                                "maxAddress": {
+                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "IP"
+                                                                                }
+                                                                            }
+                                                                        },
+                                                                        "subnetId": {
+                                                                            "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                            "type": "string"
+                                                                        }
+                                                                    }
+                                                                }
+                                                            },
+                                                            "type": {
+                                                                "description": "The type of the IP addresses\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "PV4",
+                                                                    "PV6"
+                                                                ]
+                                                            },
+                                                            "addresses": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "isDynamic": {
+                                                                "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                "type": "boolean"
+                                                            },
+                                                            "addressRange": {
+                                                                "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "minAddress",
+                                                                    "maxAddress"
+                                                                ],
+                                                                "properties": {
+                                                                    "minAddress": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    },
+                                                                    "maxAddress": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "minAddress": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "maxAddress": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "subnetId": {
+                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    },
+                                                    "virtualCpAddress": {
+                                                        "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "type"
+                                                        ],
+                                                        "properties": {
+                                                            "type": {
+                                                                "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "IPV4",
+                                                                    "IPV6"
+                                                                ]
+                                                            },
+                                                            "loadBalancerIp": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "addressPoolName": {
+                                                                "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "associatedVnfcCpIds": {
+                                            "description": "Identifiers of the VnfcCps that share the virtual IP addresse allocated to the VIP CP instance. See note.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            }
+                                        },
+                                        "vnfLinkPortId": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "metadata": {
+                                            "description": "Allows the OSS/BSS to provide additional parameter(s) to the termination process at the NS level.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                "type": "object"
+                                            }
+                                        }
+                                    }
+                                }
+                            },
+                            "virtualCpInfo": {
+                                "description": "virtual CPs that are part of the VNF instance. Shall be present when a particular virtual CP is associated to an external CP of the VNF  instance. May be present otherwise.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "'This type represents the information related to a virtual CP instance of a VNF.\nNOTE 1: A consumer of the VNF LCM interface can learn the actual VNFC instances implementing  the service accessible via the virtual CP instance by querying the \"vnfcResourceInfo\" from the \"InstantiatedVnfInfo\" and filtering by corresponding \"vduId\" values.' NOTE 2: The information can be omitted because it is already available as part of the external CP information in the VnfExtCpInfo structure\n",
+                                    "type": "object",
+                                    "required": [
+                                        "cpInstanceId",
+                                        "cpdId",
+                                        "resourceHandle",
+                                        "vduId"
+                                    ],
+                                    "properties": {
+                                        "cpInstanceId": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "cpdId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "resourceHandle": {
+                                            "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                            "type": "object",
+                                            "required": [
+                                                "resourceId"
+                                            ],
+                                            "properties": {
+                                                "vimId": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "resourceProviderId": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "resourceId": {
+                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                    "type": "string"
+                                                },
+                                                "vimLevelResourceType": {
+                                                    "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                    "type": "string"
+                                                },
+                                                "vimLevelAdditionalResourceInfo": {
+                                                    "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                    "type": "object",
+                                                    "properties": {
+                                                        "hostName": {
+                                                            "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                            "type": "string"
+                                                        },
+                                                        "persistentVolume": {
+                                                            "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                            "type": "string"
+                                                        },
+                                                        "additionalInfo": {
+                                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                            "type": "object"
+                                                        }
+                                                    }
+                                                },
+                                                "containerNamespace": {
+                                                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                    "type": "string"
+                                                }
+                                            }
+                                        },
+                                        "vnfExtCpId": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "cpProtocolInfo": {
+                                            "description": "Protocol information for this CP. There shall be one cpProtocolInfo for each layer protocol supported. This attribute may be omitted if the virtual CP is exposed as an external CP. See note 2\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "layerProtocol",
+                                                    "ipOverEthernet"
+                                                ],
+                                                "properties": {
+                                                    "layerProtocol": {
+                                                        "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                                                        "type": "string",
+                                                        "enum": [
+                                                            "IP_OVER_ETHERNET",
+                                                            "IP_FOR_VIRTUAL_CP"
+                                                        ]
+                                                    },
+                                                    "ipOverEthernet": {
+                                                        "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                                        "type": "object",
+                                                        "anyOf": [
+                                                            {
+                                                                "required": [
+                                                                    "macAddress"
+                                                                ]
+                                                            },
+                                                            {
+                                                                "required": [
+                                                                    "ipAddresses"
+                                                                ]
+                                                            }
+                                                        ],
+                                                        "properties": {
+                                                            "macAddress": {
+                                                                "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                                "type": "string",
+                                                                "format": "MAC"
+                                                            },
+                                                            "segmentationId": {
+                                                                "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "ipAddresses": {
+                                                                "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
+                                                                "type": "array",
+                                                                "items": {
+                                                                    "type": "object",
+                                                                    "required": [
+                                                                        "type"
+                                                                    ],
+                                                                    "oneOf": [
+                                                                        {
+                                                                            "required": [
+                                                                                "addresses"
+                                                                            ]
+                                                                        },
+                                                                        {
+                                                                            "required": [
+                                                                                "addressRange"
+                                                                            ]
+                                                                        }
+                                                                    ],
+                                                                    "properties": {
+                                                                        "type": {
+                                                                            "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                            "type": "string",
+                                                                            "enum": [
+                                                                                "IPV4",
+                                                                                "IPV6"
+                                                                            ]
+                                                                        },
+                                                                        "addresses": {
+                                                                            "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                                            "type": "array",
+                                                                            "items": {
+                                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                "type": "string",
+                                                                                "format": "IP"
+                                                                            }
+                                                                        },
+                                                                        "isDynamic": {
+                                                                            "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                            "type": "boolean"
+                                                                        },
+                                                                        "addressRange": {
+                                                                            "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
+                                                                            "type": "object",
+                                                                            "required": [
+                                                                                "minAddress",
+                                                                                "maxAddress"
+                                                                            ],
+                                                                            "properties": {
+                                                                                "minAddress": {
+                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "IP"
+                                                                                },
+                                                                                "maxAddress": {
+                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "IP"
+                                                                                }
+                                                                            }
+                                                                        },
+                                                                        "subnetId": {
+                                                                            "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                            "type": "string"
+                                                                        }
+                                                                    }
+                                                                }
+                                                            },
+                                                            "type": {
+                                                                "description": "The type of the IP addresses\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "PV4",
+                                                                    "PV6"
+                                                                ]
+                                                            },
+                                                            "addresses": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "isDynamic": {
+                                                                "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                "type": "boolean"
+                                                            },
+                                                            "addressRange": {
+                                                                "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "minAddress",
+                                                                    "maxAddress"
+                                                                ],
+                                                                "properties": {
+                                                                    "minAddress": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    },
+                                                                    "maxAddress": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "minAddress": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "maxAddress": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "subnetId": {
+                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    },
+                                                    "virtualCpAddress": {
+                                                        "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "type"
+                                                        ],
+                                                        "properties": {
+                                                            "type": {
+                                                                "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "IPV4",
+                                                                    "IPV6"
+                                                                ]
+                                                            },
+                                                            "loadBalancerIp": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "addressPoolName": {
+                                                                "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "vduId": {
+                                            "description": "Reference to the VDU(s) which implement the service accessible via the virtual CP instance. See note.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            }
+                                        },
+                                        "additionalServiceInfo": {
+                                            "description": "Additional service identification information of the virtual CP instance.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "This type represents the additional service information of the virtual CP instance used to expose properties of the virtual CP to NFV-MANO.\nNOTE: This attribute shall only be present if additional information is needed to identify the service termination within the VNF, such as for example a URL path information in an HTTP request required to allow a single virtual CP IP address to be used for several HTTP based services that use the same port number.",
+                                                "type": "object",
+                                                "required": [
+                                                    "portInfo"
+                                                ],
+                                                "properties": {
+                                                    "portInfo": {
+                                                        "description": "Service port numbers exposed by the virtual CP instance.\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "description": "This type represents the information related to the service identifying port properties exposed by the virtual CP instance.",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "name",
+                                                                "protocol",
+                                                                "port",
+                                                                "isPortConfigurable"
+                                                            ],
+                                                            "properties": {
+                                                                "name": {
+                                                                    "description": "The name of the port exposed by the virtual CP instance.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "protocol": {
+                                                                    "description": "The L4 protocol for this port exposed by the virtual CP instance.\n  Permitted values:\n  - TCP\n  - UDP\n  - SCTP\n",
+                                                                    "type": "string",
+                                                                    "enum": [
+                                                                        "TCP",
+                                                                        "UDP",
+                                                                        "SCTP"
+                                                                    ]
+                                                                },
+                                                                "port": {
+                                                                    "description": "The L4 port number exposed by the virtual CP instance.\n",
+                                                                    "type": "integer"
+                                                                },
+                                                                "isPortConfigurable": {
+                                                                    "description": "Specifies whether the port attribute value is allowed to be configurable.\n",
+                                                                    "type": "boolean"
+                                                                }
+                                                            }
+                                                        }
+                                                    },
+                                                    "serviceInfo": {
+                                                        "description": "Service matching information exposed by the virtual CP instance. See note.\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                            "type": "object"
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "metadata": {
+                                            "description": "Metadata about this virtual CP instance.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                "type": "object"
+                                            }
+                                        }
+                                    }
+                                }
+                            },
+                            "extVirtualLinkInfo": {
+                                "description": "Information about the external VLs the VNF instance is connected to.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type represents information about an VNF external VL.",
+                                    "type": "object",
+                                    "required": [
+                                        "id",
+                                        "resourceHandle",
+                                        "currentVnfExtCpData"
+                                    ],
+                                    "properties": {
+                                        "id": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "resourceHandle": {
+                                            "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                            "type": "object",
+                                            "required": [
+                                                "resourceId"
+                                            ],
+                                            "properties": {
+                                                "vimId": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "resourceProviderId": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "resourceId": {
+                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                    "type": "string"
+                                                },
+                                                "vimLevelResourceType": {
+                                                    "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                    "type": "string"
+                                                },
+                                                "vimLevelAdditionalResourceInfo": {
+                                                    "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                    "type": "object",
+                                                    "properties": {
+                                                        "hostName": {
+                                                            "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                            "type": "string"
+                                                        },
+                                                        "persistentVolume": {
+                                                            "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                            "type": "string"
+                                                        },
+                                                        "additionalInfo": {
+                                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                            "type": "object"
+                                                        }
+                                                    }
+                                                },
+                                                "containerNamespace": {
+                                                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                    "type": "string"
+                                                }
+                                            }
+                                        },
+                                        "extLinkPorts": {
+                                            "description": "Link ports of this VL.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "This type represents information about a link port of an external VL, i.e. a port providing connectivity for the VNF to an NS VL. NOTE 1: The use cases UC#4 and UC#5 in Annex A.4 of ETSI GS NFV-IFA 007 provide examples for such a configuration. NOTE 2: The value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\" attribute.\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "id",
+                                                    "resourceHandle"
+                                                ],
+                                                "properties": {
+                                                    "id": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceHandle": {
+                                                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "resourceId"
+                                                        ],
+                                                        "properties": {
+                                                            "vimId": {
+                                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "resourceProviderId": {
+                                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "resourceId": {
+                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "vimLevelResourceType": {
+                                                                "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "vimLevelAdditionalResourceInfo": {
+                                                                "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                                "type": "object",
+                                                                "properties": {
+                                                                    "hostName": {
+                                                                        "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "persistentVolume": {
+                                                                        "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "additionalInfo": {
+                                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                        "type": "object"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "containerNamespace": {
+                                                                "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    },
+                                                    "cpInstanceId": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "secondaryCpInstanceId": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "trunkResourceId": {
+                                                        "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "extNetAttDefResource": {
+                                            "description": "Network attachment definition resources that provide the specification of the interface to attach connection points to this VL.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "This type represents the information related to a network attachment definition resource that provides the specification of the interface used to connect one or multiple connection points to a secondary container cluster network\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "netAttDefResourceInfoId",
+                                                    "netAttDefResource"
+                                                ],
+                                                "properties": {
+                                                    "netAttDefResourceInfoId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "netAttDefResource": {
+                                                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "resourceId"
+                                                        ],
+                                                        "properties": {
+                                                            "vimId": {
+                                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "resourceProviderId": {
+                                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "resourceId": {
+                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "vimLevelResourceType": {
+                                                                "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "vimLevelAdditionalResourceInfo": {
+                                                                "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                                "type": "object",
+                                                                "properties": {
+                                                                    "hostName": {
+                                                                        "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "persistentVolume": {
+                                                                        "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "additionalInfo": {
+                                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                        "type": "object"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "containerNamespace": {
+                                                                "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    },
+                                                    "associatedExtCpId": {
+                                                        "description": "Identifier of the external CP of the VNF associated to this network attachment definition resource.  Shall be present when the network attachment definition resource is used for external connectivity by the VNF\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        }
+                                                    },
+                                                    "associatedVnfcCpId": {
+                                                        "description": "Identifier of the VNFC CP of the VNF associated to this network attachment definition resource.  May be present when the network attachment definition resource is used for internal connectivity by the VNF.\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "currentVnfExtCpData": {
+                                            "description": "This type represents configuration information for external CPs created from a CPD.\nNOTE 1: In case this identifier refers to a CPD with trunking enabled, the external CP instances created from this CPD will represent ports in a trunk. NOTE 2:  The map entry value shall be set to \"null\" in order to delete a \"VnfExtCpConfig\" entry identified by a particular key value from the map, i.e. for the disconnection of an existing external CP instance addressed by cpInstanceId in the deleted map entry from a particular external virtual link, and deletion of that instance in case it represents a subport. Deleting the last key from the map removes the affected instance of the \"VnfExtCpData\" structure from its parent data structure. NOTE 3:  Within one VNF instance, all VNFC instances created from a particular VDU have the same external connectivity. Thus, given a particular value of the \"cpdId' attribute, there shall be one \"cpConfig\" entry for each VNFC instance that has been or can be created from a VDU which includes a CPD identified by the \"cpdId\" attribute. If the cpConfig represents a subport in a trunk, all \"cpConfig\" entries in this list shall have the same segmentationId, which means they are connected to the same set of external VLs via the trunk. NOTE 4: If, as defined by the input parameters of a \"ChangeVnfFlavour\", \"ChangeExtVnfConnectivity\"  or \"ChangeCurrentVnfPkg\" operation, a cpConfig map entry identified by a particular map key value is  moved into another \"ExtVirtualLinkData\" or \"VnfExtCpData\" structure, this particular cpConfig map entry  may be used by an external CP instance different than the one that has used it before the operation, or  by no external CP instance at all. Renaming a CPD identifier during the \"changeCurrentVnfPkg\" operation  does not count as moving the related \"cpConfig\" map entries to a new \"extCpData\" structure.\n",
+                                            "type": "object",
+                                            "required": [
+                                                "cpdId"
+                                            ],
+                                            "properties": {
+                                                "cpdId": {
+                                                    "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                    "type": "string"
+                                                },
+                                                "cpConfig": {
+                                                    "description": "Map of instance data that need to be configured on the CP instances  created from the respective CPD. The key of the map which identifies  the individual VnfExtCpConfig entries is of type \"IdentifierInVnf\"  and is managed by the API consumer. The entries shall be applied by  the VNFM according to the rules of JSON Merge Patch (see IETF RFC 7396 [11]).  See notes 2, 3 and 4.\n",
+                                                    "type": "object",
+                                                    "additionalProperties": {
+                                                        "description": "This type represents an externally provided link port, or a network attachment definition resource of secondary container cluster network, or network address information per  instance of a VNF external connection point. In the case of VM-based deployment of the VNFC exposing the external CP: In case a link port is provided, the NFVO shall use that link port when connecting the VNF external CP to the external VL. • In case a link port is not provided, the NFVO or VNFM shall create a link port on the external VL, and use that link port to connect the VNF external CP to the external VL. In the case of  container-based deployment of the VNFC exposing the external CP, the NFVO and VNFM shall use the network attachment definition resource of secondary container cluster  network when connecting the CP to the external VL.\nNOTE 1:  The following conditions apply to the attributes \"linkPortId\" and \"cpProtocolData\"\n        for an external CP instance connected or to be connected to a virtual network not\n        categorized as secondary container cluster network:\n        - At least one of the \"linkPortId\" and \"cpProtocolData\" attributes shall be present for\n        an external CP instance representing a subport that is to be created, or an external CP instance\n        that is to be created by creating the corresponding VNFC or VNF instance during the current or\n        a subsequent LCM operation, or for an existing external CP instance that is to be re-configured\n        or added to a particular external virtual link.\n        - If the \"cpProtocolData\" attribute is absent, the \"linkPortId\" attribute shall be provided\n      referencing a pre-created link port with pre-configured address information.\n        - If both \"cpProtocolData\" and \"linkportId\" are provided, the API consumer shall ensure that\n        the cpProtocolData can be used with the pre-created link port referenced by \"linkPortId\".\nNOTE 2: In case the NFVO manages its own identifier space, the NFVO may remap this identifier\n        when communicating with the VNFM. If the NFVO knows that there can be an identifier collision\n        when communicating with the VNFM by using the identifier from the OSS/BSS, the NFVO shall remap it.\nNOTE 3: The following conditions apply to the attributes \"netAttDefResourceId\" and \"cpProtocolData\" for an external CP\n        instance connected or to be connected to a secondary container cluster network:\n        − Void.\n        − At least one of these attributes shall be present for a to-be-created external CP instance or an existing\n        external CP instance.\nNOTE 4: Cardinality greater than 1 is only applicable for specific cases where more than one network\n        attachment definition resource is needed to fulfil the connectivity requirements of the external CP,\n        e.g. to build a link redundant mated pair in SR-IOV cases. When more than one \"netAttDefResourceId\"\n        is indicated, all shall belong to the same namespace as defined by the corresponding \n        \"containerNamespace\" attribute in the \"resourceHandle\" attribute in the \"NetAttDefResourceData\".\nNOTE 5: Either \"linkPortId\" or \"netAttDefResourceId\" may be included, but not both.\n",
+                                                        "type": "object",
+                                                        "oneOf": [
+                                                            {
+                                                                "required": [
+                                                                    "linkPortId"
+                                                                ]
+                                                            },
+                                                            {
+                                                                "required": [
+                                                                    "cpProtocolData"
+                                                                ]
+                                                            }
+                                                        ],
+                                                        "properties": {
+                                                            "parentCpConfigId": {
+                                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "linkPortId": {
+                                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "createExtLinkPort": {
+                                                                "description": "Indicates the need to create a dedicated link port for the external CP. If set to True, a link port is created. If set to False, no link port is created. This attribute is only applicable for external CP instances without a floating IP address that expose a VIP CP instance for which a dedicated IP address is allocated. It shall be present in that case and shall be absent otherwise.\n",
+                                                                "type": "boolean"
+                                                            },
+                                                            "cpProtocolData": {
+                                                                "description": "Parameters for configuring the network protocols on the link port that connects the CP to a VL. See notes 1 and 3.\n",
+                                                                "type": "array",
+                                                                "items": {
+                                                                    "description": "This type represents network protocol data.\nNOTE:\tThis attribute allows to signal the addition of further types  of layer and protocol in future versions of the present document in  a backwards-compatible way. In the current version of the present  document, only IP over Ethernet is supported.\n",
+                                                                    "type": "object",
+                                                                    "required": [
+                                                                        "layerProtocol"
+                                                                    ],
+                                                                    "properties": {
+                                                                        "layerProtocol": {
+                                                                            "description": "Identifier of layer(s) and protocol(s). Permitted values:  - IP_OVER_ETHERNET - IP_FOR_VIRTUAL_CP See note.\n",
+                                                                            "type": "string",
+                                                                            "enum": [
+                                                                                "IP_OVER_ETHERNET",
+                                                                                "IP_FOR_VIRTUAL_CP"
+                                                                            ]
+                                                                        },
+                                                                        "ipOverEthernet": {
+                                                                            "description": "This type represents network address data for IP over Ethernet. NOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present. NOTE 3: If the CP instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                                                            "type": "object",
+                                                                            "anyOf": [
+                                                                                {
+                                                                                    "required": [
+                                                                                        "ipAddresses"
+                                                                                    ]
+                                                                                },
+                                                                                {
+                                                                                    "required": [
+                                                                                        "macAddress"
+                                                                                    ]
+                                                                                }
+                                                                            ],
+                                                                            "properties": {
+                                                                                "macAddress": {
+                                                                                    "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "MAC"
+                                                                                },
+                                                                                "segmentationType": {
+                                                                                    "description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values are: - VLAN: The subport uses VLAN as encapsulation type. - INHERIT: The subport gets its segmentation type from the network it is connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
+                                                                                    "type": "string",
+                                                                                    "enum": [
+                                                                                        "VLAN",
+                                                                                        "INHERIT"
+                                                                                    ]
+                                                                                },
+                                                                                "segmentationId": {
+                                                                                    "description": "Identification of the network segment to which the CP instance connects to. See note 3 and note 4.\n",
+                                                                                    "type": "string"
+                                                                                },
+                                                                                "ipAddresses": {
+                                                                                    "description": "List of IP addresses to assign to the CP instance. Each entry represents IP address data for fixed or dynamic IP address assignment per subnet. If this attribute is not present, no IP address shall be assigned. See note 1.\n",
+                                                                                    "type": "array",
+                                                                                    "items": {
+                                                                                        "type": "object",
+                                                                                        "required": [
+                                                                                            "type"
+                                                                                        ],
+                                                                                        "oneOf": [
+                                                                                            {
+                                                                                                "required": [
+                                                                                                    "fixedAddresses"
+                                                                                                ]
+                                                                                            },
+                                                                                            {
+                                                                                                "required": [
+                                                                                                    "numDynamicAddresses"
+                                                                                                ]
+                                                                                            },
+                                                                                            {
+                                                                                                "required": [
+                                                                                                    "addressRange"
+                                                                                                ]
+                                                                                            }
+                                                                                        ],
+                                                                                        "properties": {
+                                                                                            "type": {
+                                                                                                "description": "The type of the IP addresses. Permitted values:\n  - IPV4\n  - IPV6\n",
+                                                                                                "type": "string",
+                                                                                                "enum": [
+                                                                                                    "IPV4",
+                                                                                                    "IPV6"
+                                                                                                ]
+                                                                                            },
+                                                                                            "fixedAddresses": {
+                                                                                                "description": "Fixed addresses to assign (from the subnet defined by \"subnetId\" if provided). Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present.\n",
+                                                                                                "type": "array",
+                                                                                                "items": {
+                                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                                    "type": "string",
+                                                                                                    "format": "IP"
+                                                                                                }
+                                                                                            },
+                                                                                            "numDynamicAddresses": {
+                                                                                                "description": "Number of dynamic addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                                                                "type": "integer"
+                                                                                            },
+                                                                                            "addressRange": {
+                                                                                                "description": "An IP address range to be used, e.g. in case of egress connections. In case this attribute is present, IP addresses from the range will be used.\n",
+                                                                                                "type": "object",
+                                                                                                "required": [
+                                                                                                    "minAddress",
+                                                                                                    "maxAddress"
+                                                                                                ],
+                                                                                                "properties": {
+                                                                                                    "minAddress": {
+                                                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                                        "type": "string",
+                                                                                                        "format": "IP"
+                                                                                                    },
+                                                                                                    "maxAddress": {
+                                                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                                        "type": "string",
+                                                                                                        "format": "IP"
+                                                                                                    }
+                                                                                                }
+                                                                                            },
+                                                                                            "subnetId": {
+                                                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                                                "type": "string"
+                                                                                            }
+                                                                                        }
+                                                                                    }
+                                                                                }
+                                                                            }
+                                                                        },
+                                                                        "virtualCpAddress": {
+                                                                            "description": "This type represents network address data for a virtual CP.  It shall comply with the provisions defined in table 6.5.3.12a-1.\nNOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be\n        used, otherwise it will be ignored by the CISM.\nNOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the\n        container cluster will assign an IP address.\nNOTE 3: The attribute is only relevant if the virtual CP is instantiated in a cluster that supports configuration of IP\n        address pools for virtual CPs. Otherwise it shall be ignored. MetalLB is an example of a solution for\n        Kubernetes® that supports configuration of address pools for load balancer services.\nNOTE 4: The loadBalancerIp and the addressPoolName attributes shall not be present at the same time.\n",
+                                                                            "type": "object",
+                                                                            "required": [
+                                                                                "type"
+                                                                            ],
+                                                                            "properties": {
+                                                                                "type": {
+                                                                                    "description": "Identifier of layer(s) and protocol(s). Permitted values: IP_OVER_ETHERNET.\n",
+                                                                                    "type": "string",
+                                                                                    "enum": [
+                                                                                        "IPV4",
+                                                                                        "IPV6"
+                                                                                    ]
+                                                                                },
+                                                                                "loadBalancerIp": {
+                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "IP"
+                                                                                },
+                                                                                "addressPoolName": {
+                                                                                    "description": "Name of an address pool from which the container cluster will assign an IP address to the virtual CP. See notes 3 and 4.\n",
+                                                                                    "type": "array",
+                                                                                    "items": {
+                                                                                        "type": "string"
+                                                                                    }
+                                                                                }
+                                                                            }
+                                                                        }
+                                                                    }
+                                                                }
+                                                            },
+                                                            "netAttDefResourceId": {
+                                                                "description": "Identifier of the \"NetAttDefResourceData\" structure that provides the specification of the interface to attach the external CP to a secondary container cluster network.  It is only applicable if the external CP is connected or to be connected to a secondary container cluster network. It shall not be present if the external CP is related to a virtual network not categorized as secondary container cluster network.  See notes 3, 4 and 5.\n",
+                                                                "type": "array",
+                                                                "items": {
+                                                                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            },
+                            "extManagedVirtualLinkInfo": {
+                                "description": "Information about the externally-managed internal VLs of the VNF instance.  See note 4 and note 5.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type provides information about an externally-managed internal virtual link for VNFs\n",
+                                    "type": "object",
+                                    "required": [
+                                        "id",
+                                        "vnfVirtualLinkDescId",
+                                        "networkResource"
+                                    ],
+                                    "properties": {
+                                        "id": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfdId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfVirtualLinkDescId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "networkResource": {
+                                            "description": "Reference to the VirtualNetwork resource or multi-site connectivity service providing this VL.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                "type": "object",
+                                                "required": [
+                                                    "resourceId"
+                                                ],
+                                                "properties": {
+                                                    "vimId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceProviderId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceId": {
+                                                        "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vimLevelResourceType": {
+                                                        "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vimLevelAdditionalResourceInfo": {
+                                                        "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                        "type": "object",
+                                                        "properties": {
+                                                            "hostName": {
+                                                                "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                "type": "string"
+                                                            },
+                                                            "persistentVolume": {
+                                                                "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                "type": "string"
+                                                            },
+                                                            "additionalInfo": {
+                                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                "type": "object"
+                                                            }
+                                                        }
+                                                    },
+                                                    "containerNamespace": {
+                                                        "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "vnfLinkPorts": {
+                                            "description": "Link ports of this VL.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "type": "object",
+                                                "description": "This type represents a link port of an internal VL of a VNF. It shall comply with the provisions defined in table 6.5.3.64-1.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId are present, the two different CP instances share the linkport.\n",
+                                                "required": [
+                                                    "id",
+                                                    "resourceHandle"
+                                                ],
+                                                "properties": {
+                                                    "id": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceHandle": {
+                                                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "resourceId"
+                                                        ],
+                                                        "properties": {
+                                                            "vimId": {
+                                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "resourceProviderId": {
+                                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "resourceId": {
+                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "vimLevelResourceType": {
+                                                                "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "vimLevelAdditionalResourceInfo": {
+                                                                "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                                "type": "object",
+                                                                "properties": {
+                                                                    "hostName": {
+                                                                        "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "persistentVolume": {
+                                                                        "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "additionalInfo": {
+                                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                        "type": "object"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "containerNamespace": {
+                                                                "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    },
+                                                    "cpInstanceId": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "cpInstanceType": {
+                                                        "description": "Type of the CP instance that is identified by cpInstanceId. Shall be present if \"cpInstanceId\" is present, and shall be absent otherwise. Permitted values: * VNFC_CP: The link port is connected to a VNFC CP * EXT_CP: The link port is associated to an external CP. See note 1.\n",
+                                                        "type": "string",
+                                                        "enum": [
+                                                            "VNFC_CP",
+                                                            "EXT_CP"
+                                                        ]
+                                                    },
+                                                    "vipCpInstanceId": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "trunkResourceId": {
+                                                        "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "vnfNetAttDefResource": {
+                                            "description": "This type represents the information related to a network attachment definition resource that provides the specification of the interface used to connect one or multiple connection points to a secondary container cluster network\n",
+                                            "type": "object",
+                                            "required": [
+                                                "netAttDefResourceInfoId",
+                                                "netAttDefResource"
+                                            ],
+                                            "properties": {
+                                                "netAttDefResourceInfoId": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "netAttDefResource": {
+                                                    "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "resourceId"
+                                                    ],
+                                                    "properties": {
+                                                        "vimId": {
+                                                            "description": "An identifier with the intention of being globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "resourceProviderId": {
+                                                            "description": "An identifier with the intention of being globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "resourceId": {
+                                                            "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "vimLevelResourceType": {
+                                                            "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "vimLevelAdditionalResourceInfo": {
+                                                            "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                            "type": "object",
+                                                            "properties": {
+                                                                "hostName": {
+                                                                    "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                    "type": "string"
+                                                                },
+                                                                "persistentVolume": {
+                                                                    "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                    "type": "string"
+                                                                },
+                                                                "additionalInfo": {
+                                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                    "type": "object"
+                                                                }
+                                                            }
+                                                        },
+                                                        "containerNamespace": {
+                                                            "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                },
+                                                "associatedExtCpId": {
+                                                    "description": "Identifier of the external CP of the VNF associated to this network attachment definition resource.  Shall be present when the network attachment definition resource is used for external connectivity by the VNF\n",
+                                                    "type": "array",
+                                                    "items": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    }
+                                                },
+                                                "associatedVnfcCpId": {
+                                                    "description": "Identifier of the VNFC CP of the VNF associated to this network attachment definition resource.  May be present when the network attachment definition resource is used for internal connectivity by the VNF.\n",
+                                                    "type": "array",
+                                                    "items": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "extManagedMultisiteVirtualLinkId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        }
+                                    }
+                                }
+                            },
+                            "monitoringParameters": {
+                                "description": "Performance metrics tracked by the VNFM (e.g. for  auto-scaling purposes) as identified by the VNF  provider in the VNFD.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type represents a monitoring parameter that is tracked by the VNFM, for example,  for auto-scaling purposes. It shall comply with the provisions defined in Table 6.5.3.69-1.\n",
+                                    "type": "object",
+                                    "required": [
+                                        "id",
+                                        "performanceMetric"
+                                    ],
+                                    "properties": {
+                                        "id": {
+                                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfdId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "name": {
+                                            "description": "Human readable name of the monitoring parameter, as defined in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "performanceMetric": {
+                                            "description": "Performance metric that is monitored. This attribute shall contain the related  \"Measurement Name\" value as defined in clause 7.2 of ETSI GS NFV-IFA 027.\n",
+                                            "type": "string"
+                                        }
+                                    }
+                                }
+                            },
+                            "localizationLanguage": {
+                                "description": "Information about localization language of the VNF (includes e.g. strings in the VNFD). The localization languages supported by a VNF can be declared in the VNFD, and localization language selection can take place at instantiation time. The value shall comply with the format defined in IETF RFC 5646.\n",
+                                "type": "string"
+                            },
+                            "vnfcResourceInfo": {
+                                "description": "Information about the virtualised compute and storage resources used by the VNFCs of the VNF instance.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type represents the information on virtualised compute and storage resources used by a VNFC in a VNF instance. This feature addresses the following capabilities: • NFV Architecture support for VNFs which follow “cloud-native” design principles. • Enhance NFV-MANO capabilities to support container technologies. • Enhance NFV-MANO capabilities for container management and orchestration. • Enhance information model for containerized VNFs both using bare metal or nested virtualization technologies.\nNOTE 1: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. NOTE 2: A VNFC CP is \"connected to\" an external CP if the VNFC CP is connected to an internal VL that exposes an external CP. A VNFC CP is \"exposed as\" an external CP if it is connected directly to an external VL. NOTE 3: The information can be omitted because it is already available as part of the external CP information.  NOTE 4:  Cardinality greater than 1 is only applicable for specific cases where more than one network  attachment definition resource is needed to fulfil the connectivity requirements of the internal CP,  e.g. to build a link redundant mated pair in SR-IOV cases. NOTE 5:  When more than one \"netAttDefResourceId\" is indicated, all shall belong to the same namespace.\n",
+                                    "type": "object",
+                                    "required": [
+                                        "id",
+                                        "vduId",
+                                        "computeResource"
+                                    ],
+                                    "properties": {
+                                        "id": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfdId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "vduId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "computeResource": {
+                                            "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                            "type": "object",
+                                            "required": [
+                                                "resourceId"
+                                            ],
+                                            "properties": {
+                                                "vimId": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "resourceProviderId": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "resourceId": {
+                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                    "type": "string"
+                                                },
+                                                "vimLevelResourceType": {
+                                                    "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                    "type": "string"
+                                                },
+                                                "vimLevelAdditionalResourceInfo": {
+                                                    "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                    "type": "object",
+                                                    "properties": {
+                                                        "hostName": {
+                                                            "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                            "type": "string"
+                                                        },
+                                                        "persistentVolume": {
+                                                            "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                            "type": "string"
+                                                        },
+                                                        "additionalInfo": {
+                                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                            "type": "object"
+                                                        }
+                                                    }
+                                                },
+                                                "containerNamespace": {
+                                                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                    "type": "string"
+                                                }
+                                            }
+                                        },
+                                        "storageResourceIds": {
+                                            "description": "References to the VirtualStorage resources or references to Storage MCIOs.  The value refers to a VirtualStorageResourceInfo item in the VnfInstance.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            }
+                                        },
+                                        "reservationId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfcCpInfo": {
+                                            "description": "CPs of the VNFC instance. Shall be present when that particular CP of the VNFC instance is exposed as an external CP of the VNF instance or is connected to an external CP of the VNF instance.See note 2. May be present otherwise.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "type": "object",
+                                                "required": [
+                                                    "id",
+                                                    "cpdId"
+                                                ],
+                                                "properties": {
+                                                    "id": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "cpdId": {
+                                                        "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vnfExtCpId": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "cpProtocolInfo": {
+                                                        "description": "Network protocol information for this CP. May be omitted if the VNFC CP is exposed as an external CP. See note 3.\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "layerProtocol",
+                                                                "ipOverEthernet"
+                                                            ],
+                                                            "properties": {
+                                                                "layerProtocol": {
+                                                                    "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                                                                    "type": "string",
+                                                                    "enum": [
+                                                                        "IP_OVER_ETHERNET",
+                                                                        "IP_FOR_VIRTUAL_CP"
+                                                                    ]
+                                                                },
+                                                                "ipOverEthernet": {
+                                                                    "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                                                    "type": "object",
+                                                                    "anyOf": [
+                                                                        {
+                                                                            "required": [
+                                                                                "macAddress"
+                                                                            ]
+                                                                        },
+                                                                        {
+                                                                            "required": [
+                                                                                "ipAddresses"
+                                                                            ]
+                                                                        }
+                                                                    ],
+                                                                    "properties": {
+                                                                        "macAddress": {
+                                                                            "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "MAC"
+                                                                        },
+                                                                        "segmentationId": {
+                                                                            "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "ipAddresses": {
+                                                                            "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
+                                                                            "type": "array",
+                                                                            "items": {
+                                                                                "type": "object",
+                                                                                "required": [
+                                                                                    "type"
+                                                                                ],
+                                                                                "oneOf": [
+                                                                                    {
+                                                                                        "required": [
+                                                                                            "addresses"
+                                                                                        ]
+                                                                                    },
+                                                                                    {
+                                                                                        "required": [
+                                                                                            "addressRange"
+                                                                                        ]
+                                                                                    }
+                                                                                ],
+                                                                                "properties": {
+                                                                                    "type": {
+                                                                                        "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                                        "type": "string",
+                                                                                        "enum": [
+                                                                                            "IPV4",
+                                                                                            "IPV6"
+                                                                                        ]
+                                                                                    },
+                                                                                    "addresses": {
+                                                                                        "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                                                        "type": "array",
+                                                                                        "items": {
+                                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                            "type": "string",
+                                                                                            "format": "IP"
+                                                                                        }
+                                                                                    },
+                                                                                    "isDynamic": {
+                                                                                        "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                                        "type": "boolean"
+                                                                                    },
+                                                                                    "addressRange": {
+                                                                                        "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
+                                                                                        "type": "object",
+                                                                                        "required": [
+                                                                                            "minAddress",
+                                                                                            "maxAddress"
+                                                                                        ],
+                                                                                        "properties": {
+                                                                                            "minAddress": {
+                                                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                                "type": "string",
+                                                                                                "format": "IP"
+                                                                                            },
+                                                                                            "maxAddress": {
+                                                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                                "type": "string",
+                                                                                                "format": "IP"
+                                                                                            }
+                                                                                        }
+                                                                                    },
+                                                                                    "subnetId": {
+                                                                                        "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                                        "type": "string"
+                                                                                    }
+                                                                                }
+                                                                            }
+                                                                        },
+                                                                        "type": {
+                                                                            "description": "The type of the IP addresses\n",
+                                                                            "type": "string",
+                                                                            "enum": [
+                                                                                "PV4",
+                                                                                "PV6"
+                                                                            ]
+                                                                        },
+                                                                        "addresses": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        },
+                                                                        "isDynamic": {
+                                                                            "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                            "type": "boolean"
+                                                                        },
+                                                                        "addressRange": {
+                                                                            "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
+                                                                            "type": "object",
+                                                                            "required": [
+                                                                                "minAddress",
+                                                                                "maxAddress"
+                                                                            ],
+                                                                            "properties": {
+                                                                                "minAddress": {
+                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "IP"
+                                                                                },
+                                                                                "maxAddress": {
+                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "IP"
+                                                                                }
+                                                                            }
+                                                                        },
+                                                                        "minAddress": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        },
+                                                                        "maxAddress": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        },
+                                                                        "subnetId": {
+                                                                            "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                            "type": "string"
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "virtualCpAddress": {
+                                                                    "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                                                                    "type": "object",
+                                                                    "required": [
+                                                                        "type"
+                                                                    ],
+                                                                    "properties": {
+                                                                        "type": {
+                                                                            "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                            "type": "string",
+                                                                            "enum": [
+                                                                                "IPV4",
+                                                                                "IPV6"
+                                                                            ]
+                                                                        },
+                                                                        "loadBalancerIp": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        },
+                                                                        "addressPoolName": {
+                                                                            "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
+                                                                            "type": "string"
+                                                                        }
+                                                                    }
+                                                                }
+                                                            }
+                                                        }
+                                                    },
+                                                    "parentCpId": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vnfLinkPortId": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "netAttDefResourceId": {
+                                                        "description": "Identifier of the \"NetAttDefResourceInfo\" structure that provides the specification of the interface to attach the connection point to a secondary container cluster network. See notes 4 and 5. It shall be present if the internal CP is associated to a VNFC realized by one or a set of OS containers and  is connected to a secondary container cluster network. It shall not be present otherwise.\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        }
+                                                    },
+                                                    "metadata": {
+                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                        "type": "object"
+                                                    },
+                                                    "certificateContentId": {
+                                                        "description": "The identifier of certificate that this VNFC CP instance uses. Shall be present when using in delegation-mode. Otherwise shall not be present.\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "description": "An identifier with the intention of being globally unique.\n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "metadata": {
+                                            "description": "Metadata about this resource.\n"
+                                        },
+                                        "certificateContentId": {
+                                            "description": "The identifier of certificate that this VNFC instance uses. Shall be present when using in delegation-mode. Otherwise shall not be present.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            }
+                                        }
+                                    }
+                                }
+                            },
+                            "vnfVirtualLinkResourceInfo": {
+                                "description": "Information about the virtualised network resources used by the VLs of the VNF instance. See note 5.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type represents the information that allows addressing a virtualised resource that is used by an internal VL instance in a VNF instance.\n",
+                                    "type": "object",
+                                    "required": [
+                                        "id",
+                                        "vnfVirtualLinkDescId",
+                                        "networkResource"
+                                    ],
+                                    "properties": {
+                                        "id": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfdId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfVirtualLinkDescId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "networkResource": {
+                                            "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                            "type": "object",
+                                            "required": [
+                                                "resourceId"
+                                            ],
+                                            "properties": {
+                                                "vimId": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "resourceProviderId": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "resourceId": {
+                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                    "type": "string"
+                                                },
+                                                "vimLevelResourceType": {
+                                                    "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                    "type": "string"
+                                                },
+                                                "vimLevelAdditionalResourceInfo": {
+                                                    "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                    "type": "object",
+                                                    "properties": {
+                                                        "hostName": {
+                                                            "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                            "type": "string"
+                                                        },
+                                                        "persistentVolume": {
+                                                            "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                            "type": "string"
+                                                        },
+                                                        "additionalInfo": {
+                                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                            "type": "object"
+                                                        }
+                                                    }
+                                                },
+                                                "containerNamespace": {
+                                                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                    "type": "string"
+                                                }
+                                            }
+                                        },
+                                        "reservationId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfLinkPorts": {
+                                            "description": "Links ports of this VL. Shall be present when the linkPort is used for external connectivity by the VNF (refer to VnfLinkPortInfo). May be present otherwise.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "type": "object",
+                                                "description": "This type represents a link port of an internal VL of a VNF. It shall comply with the provisions defined in table 6.5.3.64-1.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId are present, the two different CP instances share the linkport.\n",
+                                                "required": [
+                                                    "id",
+                                                    "resourceHandle"
+                                                ],
+                                                "properties": {
+                                                    "id": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceHandle": {
+                                                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "resourceId"
+                                                        ],
+                                                        "properties": {
+                                                            "vimId": {
+                                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "resourceProviderId": {
+                                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "resourceId": {
+                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "vimLevelResourceType": {
+                                                                "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "vimLevelAdditionalResourceInfo": {
+                                                                "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                                "type": "object",
+                                                                "properties": {
+                                                                    "hostName": {
+                                                                        "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "persistentVolume": {
+                                                                        "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "additionalInfo": {
+                                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                        "type": "object"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "containerNamespace": {
+                                                                "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    },
+                                                    "cpInstanceId": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "cpInstanceType": {
+                                                        "description": "Type of the CP instance that is identified by cpInstanceId. Shall be present if \"cpInstanceId\" is present, and shall be absent otherwise. Permitted values: * VNFC_CP: The link port is connected to a VNFC CP * EXT_CP: The link port is associated to an external CP. See note 1.\n",
+                                                        "type": "string",
+                                                        "enum": [
+                                                            "VNFC_CP",
+                                                            "EXT_CP"
+                                                        ]
+                                                    },
+                                                    "vipCpInstanceId": {
+                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "trunkResourceId": {
+                                                        "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "metadata": {
+                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                            "type": "object"
+                                        }
+                                    }
+                                }
+                            },
+                            "virtualStorageResourceInfo": {
+                                "description": "Information on the virtualised storage resource(s) used as storage for the VNF instance.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance.\n",
+                                    "type": "object",
+                                    "required": [
+                                        "id",
+                                        "virtualStorageDescId",
+                                        "storageResource"
+                                    ],
+                                    "properties": {
+                                        "id": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "virtualStorageDescId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfdId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "storageResource": {
+                                            "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                            "type": "object",
+                                            "required": [
+                                                "resourceId"
+                                            ],
+                                            "properties": {
+                                                "vimId": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "resourceProviderId": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "resourceId": {
+                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                    "type": "string"
+                                                },
+                                                "vimLevelResourceType": {
+                                                    "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                    "type": "string"
+                                                },
+                                                "vimLevelAdditionalResourceInfo": {
+                                                    "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                    "type": "object",
+                                                    "properties": {
+                                                        "hostName": {
+                                                            "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                            "type": "string"
+                                                        },
+                                                        "persistentVolume": {
+                                                            "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                            "type": "string"
+                                                        },
+                                                        "additionalInfo": {
+                                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                            "type": "object"
+                                                        }
+                                                    }
+                                                },
+                                                "containerNamespace": {
+                                                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                    "type": "string"
+                                                }
+                                            }
+                                        },
+                                        "reservationId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "metadata": {
+                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                            "type": "object"
+                                        }
+                                    }
+                                }
+                            },
+                            "mcioInfo": {
+                                "description": "Information on the MCIO(s) representing VNFC instance(s) realized by one or a set  of OS containers and created from the same VDU for the VNF instance.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type provides information about an MCIO representing the set of VNFC instances realized by one or a set of OS containers which have been created based on the same VDU.\nNOTE 1 The type of MCIO as specified in the declarative descriptor of the MCIO, and that can be read from the CISM. EXAMPLE: In case of MCIOs managed by Kubernetes, the type of MCIO corresponds to the “kind” property of the declarative descriptor. NOTE 2  If the attribute additionalInfo is present, it may contain runtime information on the actual and desired state of the MCIO(s). NOTE 3  When the container infrastructure service is a Kubernetes® instance, the mcioId is the combined values from the kind  and name fields of the Kubernetes® resource object, separated by a slash. Example: \"Deployment/abcd\". NOTE 4 When the container infrastructure service is a Kubernetes® instance, the mcioName is the name field of the resource object.",
+                                    "type": "object",
+                                    "required": [
+                                        "mcioId",
+                                        "mcioName",
+                                        "mcioNamespace",
+                                        "vduId",
+                                        "cismId",
+                                        "mcioType",
+                                        "desiredInstances",
+                                        "availableInstances"
+                                    ],
+                                    "properties": {
+                                        "mcioId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "mcioName": {
+                                            "description": "Human readable name of this MCIO. See note 4. \n",
+                                            "type": "string"
+                                        },
+                                        "mcioNamespace": {
+                                            "description": "Namespace of this MCIO.\n",
+                                            "type": "string"
+                                        },
+                                        "vduId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "cismId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "mcioType": {
+                                            "description": "The type of MCIO. Specific values, their semantics and associated MCIO types are defined in clause 6.5.4.13. Additional values are also permitted. See note 1.\n",
+                                            "type": "string"
+                                        },
+                                        "desiredInstances": {
+                                            "description": "Number of desired MCIO instances.\n",
+                                            "type": "integer"
+                                        },
+                                        "availableInstances": {
+                                            "description": "Number of available MCIO instances\n",
+                                            "type": "integer"
+                                        },
+                                        "additionalInfo": {
+                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                            "type": "object"
+                                        },
+                                        "certificateContentId": {
+                                            "description": "The identifier of certificate that this MCIO instance uses. Shall be present when using in delegation- mode. Otherwise shall not be present.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            }
+                                        }
+                                    }
+                                }
+                            },
+                            "vnfPaasServiceInfo": {
+                                "description": "Information on the PaaS Services assigned and used by the VNF instance.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type provides information about a PaaS Service that is used  by a VNF instance or some other NS constituent. he PaasServiceInfo is  comprised of various sets of information. Some information comes from the  descriptors (e.g.,VNFD or NSD), other information comes from the PaaS Service assets provided by the NFVO to the VNFM, and other information is provided  as runtime information about the usage of the PaaS Service.\nNOTE: Either a \"nsPaasServiceRequestId\" or a \"vnfPaasServiceRequestId\" shall be provided, but not both.\n",
+                                    "type": "object",
+                                    "oneOf": [
+                                        {
+                                            "required": [
+                                                "paasServiceId",
+                                                "paasServiceType",
+                                                "paasServiceHandle",
+                                                "nsPaasServiceRequestId"
+                                            ]
+                                        },
+                                        {
+                                            "required": [
+                                                "paasServiceId",
+                                                "paasServiceType",
+                                                "paasServiceHandle",
+                                                "vnfPaasServiceRequestId"
+                                            ]
+                                        }
+                                    ],
+                                    "properties": {
+                                        "id": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "paasServiceId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "paasServiceType": {
+                                            "description": "The type of PaaS Service. The value of this attribute is expected to be matched against values of the registered PaaS Services in the PSR.\n",
+                                            "type": "string"
+                                        },
+                                        "paasServiceVersion": {
+                                            "description": "A Version. Representation: string of variable length.\n",
+                                            "type": "string"
+                                        },
+                                        "nsPaasServiceRequestId": {
+                                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfPaasServiceRequestId": {
+                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                            "type": "string"
+                                        },
+                                        "paasServiceHandle": {
+                                            "description": "This type provides information enabling the access and use of the PaaS Service by a VNF instance  or some other NS constituent. The type and format of the handle depends on the form that the PaaS  Service is formed.\n",
+                                            "type": "object",
+                                            "required": [
+                                                "id"
+                                            ],
+                                            "properties": {
+                                                "id": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "interfaceInfo": {
+                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                    "type": "object"
+                                                },
+                                                "accessInfo": {
+                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                    "type": "object"
+                                                },
+                                                "extra": {
+                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                    "type": "object"
+                                                }
+                                            }
+                                        },
+                                        "additionalInfo": {
+                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                            "type": "object"
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    },
+                    "metadata": {
+                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                        "type": "object"
+                    },
+                    "extensions": {
+                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                        "type": "object"
+                    }
+                }
+            }
+        },
+        "pnfInfo": {
+            "description": "Information on the PNF(s) that are part of the NS instance.\n",
+            "type": "array",
+            "items": {
+                "description": "This type represents the information about a PNF that is part of an NS instance.  It shall comply with the provisions defined in Table 6.5.3.13-1.\n",
+                "type": "object",
+                "required": [
+                    "pnfId",
+                    "pnfdId",
+                    "pnfdInfoId",
+                    "pnfProfileId"
+                ],
+                "properties": {
+                    "pnfId": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                    },
+                    "pnfName": {
+                        "description": "Name of the PNF.\n",
+                        "type": "string"
+                    },
+                    "pnfdId": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                    },
+                    "versionDependency": {
+                        "description": "Describes version dependencies currently valid for the PNF.  Identifies versions of descriptors of other constituents in the NSD upon which the PNF depends. The dependencies may be described for the PNFD referenced in this PnfInfo with pnfdId and for PNFDs with the same \"pnfdExtInvariantId\". There shall not be more than one versionDependency present with the same dependentConstituentId.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "This type represents the information related to all dependencies that an NSD constituent has on the versions of other NSD constituents.  It shall comply with the provisions defined in table 6.5.3.112-1.\n",
+                            "type": "object",
+                            "required": [
+                                "dependentConstituentId"
+                            ],
+                            "properties": {
+                                "dependentConstituentId": {
+                                    "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                    "type": "string"
+                                },
+                                "versionDependencyStatement": {
+                                    "description": "Identifies one or multiple versions of an NSD constituents upon which the dependent constituent identified by  dependentConstituentId has a dependency. Cardinality 0 is used to remove an existing version dependency in a profile.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type represents the information related to one or more VNF, NS or PNF descriptor identifiers which describe one  single dependency. When more than one descriptor is indicated, they correspond to different versions of the same VNF,  NS or PNF and they represent alternatives to fulfil the dependency. It shall comply with the provisions defined in  table 6.5.3.113-1.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "descriptorId"
+                                        ],
+                                        "properties": {
+                                            "descriptorId": {
+                                                "description": "Identifies a VNFD, NSD or PNFD upon which the entity using this data type depends. When more than one descriptor is indicated, they shall correspond to versions of the same VNF, NS or PNF and they represent alternatives, i.e. the presence of one of them fulfills the dependency.",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                                    "type": "string"
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    },
+                    "pnfdInfoId": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                    },
+                    "pnfProfileId": {
+                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "cpInfo": {
+                        "description": "This type represents the information about the external CP of the PNF.  It shall comply with the provisions defined in Table 6.5.3.17-1.\n",
+                        "type": "object",
+                        "required": [
+                            "cpInstanceId",
+                            "cpdId"
+                        ],
+                        "properties": {
+                            "cpInstanceId": {
+                                "description": "An Identifier that is unique within respect to a PNF. Representation: string of variable length.\n",
+                                "type": "string"
+                            },
+                            "cpdId": {
+                                "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                "type": "string"
+                            },
+                            "cpProtocolData": {
+                                "description": "Parameters for configuring the network protocols on the CP.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type represents network protocol data.\nNOTE:\tThis attribute allows to signal the addition of further types  of layer and protocol in future versions of the present document in  a backwards-compatible way. In the current version of the present  document, only IP over Ethernet is supported.\n",
+                                    "type": "object",
+                                    "required": [
+                                        "layerProtocol"
+                                    ],
+                                    "properties": {
+                                        "layerProtocol": {
+                                            "description": "Identifier of layer(s) and protocol(s). Permitted values:  - IP_OVER_ETHERNET - IP_FOR_VIRTUAL_CP See note.\n",
+                                            "type": "string",
+                                            "enum": [
+                                                "IP_OVER_ETHERNET",
+                                                "IP_FOR_VIRTUAL_CP"
+                                            ]
+                                        },
+                                        "ipOverEthernet": {
+                                            "description": "This type represents network address data for IP over Ethernet. NOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present. NOTE 3: If the CP instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                            "type": "object",
+                                            "anyOf": [
+                                                {
+                                                    "required": [
+                                                        "ipAddresses"
+                                                    ]
+                                                },
+                                                {
+                                                    "required": [
+                                                        "macAddress"
+                                                    ]
+                                                }
+                                            ],
+                                            "properties": {
+                                                "macAddress": {
+                                                    "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                    "type": "string",
+                                                    "format": "MAC"
+                                                },
+                                                "segmentationType": {
+                                                    "description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values are: - VLAN: The subport uses VLAN as encapsulation type. - INHERIT: The subport gets its segmentation type from the network it is connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
+                                                    "type": "string",
+                                                    "enum": [
+                                                        "VLAN",
+                                                        "INHERIT"
+                                                    ]
+                                                },
+                                                "segmentationId": {
+                                                    "description": "Identification of the network segment to which the CP instance connects to. See note 3 and note 4.\n",
+                                                    "type": "string"
+                                                },
+                                                "ipAddresses": {
+                                                    "description": "List of IP addresses to assign to the CP instance. Each entry represents IP address data for fixed or dynamic IP address assignment per subnet. If this attribute is not present, no IP address shall be assigned. See note 1.\n",
+                                                    "type": "array",
+                                                    "items": {
+                                                        "type": "object",
+                                                        "required": [
+                                                            "type"
+                                                        ],
+                                                        "oneOf": [
+                                                            {
+                                                                "required": [
+                                                                    "fixedAddresses"
+                                                                ]
+                                                            },
+                                                            {
+                                                                "required": [
+                                                                    "numDynamicAddresses"
+                                                                ]
+                                                            },
+                                                            {
+                                                                "required": [
+                                                                    "addressRange"
+                                                                ]
+                                                            }
+                                                        ],
+                                                        "properties": {
+                                                            "type": {
+                                                                "description": "The type of the IP addresses. Permitted values:\n  - IPV4\n  - IPV6\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "IPV4",
+                                                                    "IPV6"
+                                                                ]
+                                                            },
+                                                            "fixedAddresses": {
+                                                                "description": "Fixed addresses to assign (from the subnet defined by \"subnetId\" if provided). Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present.\n",
+                                                                "type": "array",
+                                                                "items": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                }
+                                                            },
+                                                            "numDynamicAddresses": {
+                                                                "description": "Number of dynamic addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                                "type": "integer"
+                                                            },
+                                                            "addressRange": {
+                                                                "description": "An IP address range to be used, e.g. in case of egress connections. In case this attribute is present, IP addresses from the range will be used.\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "minAddress",
+                                                                    "maxAddress"
+                                                                ],
+                                                                "properties": {
+                                                                    "minAddress": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    },
+                                                                    "maxAddress": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "subnetId": {
+                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "virtualCpAddress": {
+                                            "description": "This type represents network address data for a virtual CP.  It shall comply with the provisions defined in table 6.5.3.12a-1.\nNOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be\n        used, otherwise it will be ignored by the CISM.\nNOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the\n        container cluster will assign an IP address.\nNOTE 3: The attribute is only relevant if the virtual CP is instantiated in a cluster that supports configuration of IP\n        address pools for virtual CPs. Otherwise it shall be ignored. MetalLB is an example of a solution for\n        Kubernetes® that supports configuration of address pools for load balancer services.\nNOTE 4: The loadBalancerIp and the addressPoolName attributes shall not be present at the same time.\n",
+                                            "type": "object",
+                                            "required": [
+                                                "type"
+                                            ],
+                                            "properties": {
+                                                "type": {
+                                                    "description": "Identifier of layer(s) and protocol(s). Permitted values: IP_OVER_ETHERNET.\n",
+                                                    "type": "string",
+                                                    "enum": [
+                                                        "IPV4",
+                                                        "IPV6"
+                                                    ]
+                                                },
+                                                "loadBalancerIp": {
+                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                    "type": "string",
+                                                    "format": "IP"
+                                                },
+                                                "addressPoolName": {
+                                                    "description": "Name of an address pool from which the container cluster will assign an IP address to the virtual CP. See notes 3 and 4.\n",
+                                                    "type": "array",
+                                                    "items": {
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        },
+        "virtualLinkInfo": {
+            "description": "Information on the VL(s) of the NS instance. This attribute shall be present if the nsState attribute value is INSTANTIATED and if the NS instance has specified connectivity.\n",
+            "type": "array",
+            "items": {
+                "description": "This type specifies the information about an NS VL instance.  It shall comply with the provisions defined in Table 6.5.3.53-1.\nNOTE: As an NS can include NFs deployed in NFVI PoPs under the control of several different VIMs, therefore deploying an NS VL can involve several VIMs, each allocating different virtualised network resources, as well as WIMs handling the connectivity in between the NFVI-PoPs in the form of multi-site connectivity services. When this NsVirtualLink is provided as an ExtVirtualLink as input of a VNF LCM operation, the id of the ExtVirtualLink shall be the same as the corresponding NsVirtualLink.\n",
+                "type": "object",
+                "required": [
+                    "id",
+                    "nsVirtualLinkDescId",
+                    "nsVirtualLinkProfileId"
+                ],
+                "properties": {
+                    "id": {
+                        "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "nsVirtualLinkDescId": {
+                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "nsVirtualLinkProfileId": {
+                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "resourceHandle": {
+                        "description": "Identifier(s) of the virtualised network resource(s) and/or multi-site connectivity service(s) realizing the VL instance. See note.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                            "type": "object",
+                            "required": [
+                                "resourceId"
+                            ],
+                            "properties": {
+                                "vimId": {
+                                    "description": "An identifier with the intention of being globally unique.\n",
+                                    "type": "string"
+                                },
+                                "resourceProviderId": {
+                                    "description": "An identifier with the intention of being globally unique.\n",
+                                    "type": "string"
+                                },
+                                "resourceId": {
+                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                    "type": "string"
+                                },
+                                "vimLevelResourceType": {
+                                    "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                    "type": "string"
+                                },
+                                "vimLevelAdditionalResourceInfo": {
+                                    "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                    "type": "object",
+                                    "properties": {
+                                        "hostName": {
+                                            "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                            "type": "string"
+                                        },
+                                        "persistentVolume": {
+                                            "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                            "type": "string"
+                                        },
+                                        "additionalInfo": {
+                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                            "type": "object"
+                                        }
+                                    }
+                                },
+                                "containerNamespace": {
+                                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                    "type": "string"
+                                }
+                            }
+                        }
+                    },
+                    "linkPort": {
+                        "description": "Link ports of the VL instance. Cardinality of zero indicates that no port has yet been created for the VL instance.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "This type represents information about a link port of a VL instance. It shall comply with the provisions defined in Table 6.5.3.55-1. NOTE: When the NsVirtualLink, from which the present NsLinkPort is part of, is provided as an ExtVirtualLink as input of a VNF LCM operation, the id of the ExtLinkPort shall be the same as the corresponding NsLinkPort.\n",
+                            "type": "object",
+                            "required": [
+                                "id",
+                                "resourceHandle"
+                            ],
+                            "properties": {
+                                "id": {
+                                    "description": "An identifier with the intention of being globally unique.\n",
+                                    "type": "string"
+                                },
+                                "resourceHandle": {
+                                    "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                    "type": "object",
+                                    "required": [
+                                        "resourceId"
+                                    ],
+                                    "properties": {
+                                        "vimId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "resourceProviderId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "resourceId": {
+                                            "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                            "type": "string"
+                                        },
+                                        "vimLevelResourceType": {
+                                            "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                            "type": "string"
+                                        },
+                                        "vimLevelAdditionalResourceInfo": {
+                                            "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                            "type": "object",
+                                            "properties": {
+                                                "hostName": {
+                                                    "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                    "type": "string"
+                                                },
+                                                "persistentVolume": {
+                                                    "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                    "type": "string"
+                                                },
+                                                "additionalInfo": {
+                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                    "type": "object"
+                                                }
+                                            }
+                                        },
+                                        "containerNamespace": {
+                                            "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                            "type": "string"
+                                        }
+                                    }
+                                },
+                                "nsCpHandle": {
+                                    "description": "This type represents an identifier of the CP or SAP instance.  It shall comply with the provisions defined in Table 6.5.3.56-1. NOTE 1: For the VNF external CP instance, both vnfInstanceId and vnfExtCpInstanceId shall be present as a pair. NOTE 2: For the PNF external CP instance, both pnfInfoId and PnfExtCpInstanceId shall be present as a pair. NOTE 3: For the SAP instance, both nsInstanceId and nsSapInstanceId shall be present as a pair. NOTE 4: One pair of identifiers (VNF external CP, PNF external CP or SAP) shall be present.\n",
+                                    "type": "object",
+                                    "oneOf": [
+                                        {
+                                            "required": [
+                                                "vnfInstanceId",
+                                                "vnfExtCpInstanceId"
+                                            ]
+                                        },
+                                        {
+                                            "required": [
+                                                "pnfInfoId",
+                                                "pnfExtCpInstanceId"
+                                            ]
+                                        },
+                                        {
+                                            "required": [
+                                                "nsInstanceId",
+                                                "nsSapInstanceId"
+                                            ]
+                                        }
+                                    ],
+                                    "properties": {
+                                        "vnfInstanceId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "vnfExtCpInstanceId": {
+                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "pnfInfoId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "pnfExtCpInstanceId": {
+                                            "description": "An Identifier that is unique within respect to a PNF. Representation: string of variable length.\n",
+                                            "type": "string"
+                                        },
+                                        "nsInstanceId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "nsSapInstanceId": {
+                                            "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                                            "type": "string"
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        },
+        "vnffgInfo": {
+            "description": "Information on the VNFFG(s) of the NS instance.\n",
+            "type": "array",
+            "items": {
+                "description": "Information on the VNFFG(s) of the NS instance. NOTE: It indicates an exhaustive list of all the CP instances and SAP instances of the VNFFG.\n",
+                "type": "object",
+                "required": [
+                    "id",
+                    "vnffgdId",
+                    "vnfInstanceId",
+                    "pnfInfoId"
+                ],
+                "properties": {
+                    "id": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                    },
+                    "vnffgdId": {
+                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "vnfInstanceId": {
+                        "description": "Identifier(s) of the constituent VNF instance(s) of this VNFFG instance.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        }
+                    },
+                    "pnfdInfoId": {
+                        "description": "Identifier(s) of the constituent PNF instance(s) of this VNFFG instance.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        }
+                    },
+                    "nsVirtualLinkInfoId": {
+                        "description": "Identifier(s) of the constituent VL instance(s) of this VNFFG instance.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                            "type": "string"
+                        }
+                    },
+                    "nsCpHandle": {
+                        "description": "This type represents an identifier of the CP or SAP instance.  It shall comply with the provisions defined in Table 6.5.3.56-1. NOTE 1: For the VNF external CP instance, both vnfInstanceId and vnfExtCpInstanceId shall be present as a pair. NOTE 2: For the PNF external CP instance, both pnfInfoId and PnfExtCpInstanceId shall be present as a pair. NOTE 3: For the SAP instance, both nsInstanceId and nsSapInstanceId shall be present as a pair. NOTE 4: One pair of identifiers (VNF external CP, PNF external CP or SAP) shall be present.\n",
+                        "type": "object",
+                        "oneOf": [
+                            {
+                                "required": [
+                                    "vnfInstanceId",
+                                    "vnfExtCpInstanceId"
+                                ]
+                            },
+                            {
+                                "required": [
+                                    "pnfInfoId",
+                                    "pnfExtCpInstanceId"
+                                ]
+                            },
+                            {
+                                "required": [
+                                    "nsInstanceId",
+                                    "nsSapInstanceId"
+                                ]
+                            }
+                        ],
+                        "properties": {
+                            "vnfInstanceId": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                            },
+                            "vnfExtCpInstanceId": {
+                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                "type": "string"
+                            },
+                            "pnfInfoId": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                            },
+                            "pnfExtCpInstanceId": {
+                                "description": "An Identifier that is unique within respect to a PNF. Representation: string of variable length.\n",
+                                "type": "string"
+                            },
+                            "nsInstanceId": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                            },
+                            "nsSapInstanceId": {
+                                "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                                "type": "string"
+                            }
+                        }
+                    }
+                }
+            }
+        },
+        "sapInfo": {
+            "description": "Information on the SAP(s) of the NS instance.\n",
+            "type": "array",
+            "items": {
+                "description": "This type represents an SAP instance. It shall comply with the provisions defined in Table 6.5.3.67-1.\n",
+                "type": "object",
+                "required": [
+                    "id",
+                    "sapdId",
+                    "sapName",
+                    "sapProtocolInfo"
+                ],
+                "properties": {
+                    "id": {
+                        "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "sapdId": {
+                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "sapName": {
+                        "description": "Human readable name for the SAP instance.\n",
+                        "type": "string"
+                    },
+                    "description": {
+                        "description": "Human readable description for the SAP instance.\n",
+                        "type": "string"
+                    },
+                    "sapProtocolInfo": {
+                        "description": "Network protocol information for this SAP.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                            "type": "object",
+                            "required": [
+                                "layerProtocol",
+                                "ipOverEthernet"
+                            ],
+                            "properties": {
+                                "layerProtocol": {
+                                    "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                                    "type": "string",
+                                    "enum": [
+                                        "IP_OVER_ETHERNET",
+                                        "IP_FOR_VIRTUAL_CP"
+                                    ]
+                                },
+                                "ipOverEthernet": {
+                                    "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                    "type": "object",
+                                    "anyOf": [
+                                        {
+                                            "required": [
+                                                "macAddress"
+                                            ]
+                                        },
+                                        {
+                                            "required": [
+                                                "ipAddresses"
+                                            ]
+                                        }
+                                    ],
+                                    "properties": {
+                                        "macAddress": {
+                                            "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                            "type": "string",
+                                            "format": "MAC"
+                                        },
+                                        "segmentationId": {
+                                            "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
+                                            "type": "string"
+                                        },
+                                        "ipAddresses": {
+                                            "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "type": "object",
+                                                "required": [
+                                                    "type"
+                                                ],
+                                                "oneOf": [
+                                                    {
+                                                        "required": [
+                                                            "addresses"
+                                                        ]
+                                                    },
+                                                    {
+                                                        "required": [
+                                                            "addressRange"
+                                                        ]
+                                                    }
+                                                ],
+                                                "properties": {
+                                                    "type": {
+                                                        "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                        "type": "string",
+                                                        "enum": [
+                                                            "IPV4",
+                                                            "IPV6"
+                                                        ]
+                                                    },
+                                                    "addresses": {
+                                                        "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                            "type": "string",
+                                                            "format": "IP"
+                                                        }
+                                                    },
+                                                    "isDynamic": {
+                                                        "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                        "type": "boolean"
+                                                    },
+                                                    "addressRange": {
+                                                        "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "minAddress",
+                                                            "maxAddress"
+                                                        ],
+                                                        "properties": {
+                                                            "minAddress": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "maxAddress": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            }
+                                                        }
+                                                    },
+                                                    "subnetId": {
+                                                        "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "type": {
+                                            "description": "The type of the IP addresses\n",
+                                            "type": "string",
+                                            "enum": [
+                                                "PV4",
+                                                "PV6"
+                                            ]
+                                        },
+                                        "addresses": {
+                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                            "type": "string",
+                                            "format": "IP"
+                                        },
+                                        "isDynamic": {
+                                            "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                            "type": "boolean"
+                                        },
+                                        "addressRange": {
+                                            "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
+                                            "type": "object",
+                                            "required": [
+                                                "minAddress",
+                                                "maxAddress"
+                                            ],
+                                            "properties": {
+                                                "minAddress": {
+                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                    "type": "string",
+                                                    "format": "IP"
+                                                },
+                                                "maxAddress": {
+                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                    "type": "string",
+                                                    "format": "IP"
+                                                }
+                                            }
+                                        },
+                                        "minAddress": {
+                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                            "type": "string",
+                                            "format": "IP"
+                                        },
+                                        "maxAddress": {
+                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                            "type": "string",
+                                            "format": "IP"
+                                        },
+                                        "subnetId": {
+                                            "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                            "type": "string"
+                                        }
+                                    }
+                                },
+                                "virtualCpAddress": {
+                                    "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                                    "type": "object",
+                                    "required": [
+                                        "type"
+                                    ],
+                                    "properties": {
+                                        "type": {
+                                            "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                            "type": "string",
+                                            "enum": [
+                                                "IPV4",
+                                                "IPV6"
+                                            ]
+                                        },
+                                        "loadBalancerIp": {
+                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                            "type": "string",
+                                            "format": "IP"
+                                        },
+                                        "addressPoolName": {
+                                            "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
+                                            "type": "string"
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        },
+        "nestedNsInstanceId": {
+            "description": "Identifier of the nested NS(s) of the NS instance.\n",
+            "type": "array",
+            "items": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+            }
+        },
+        "vnfSnapshotInfoIds": {
+            "description": "Identifier of information on VNF snapshots of VNF instances that are part of this NS instance.\n",
+            "type": "array",
+            "items": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+            }
+        },
+        "nsState": {
+            "description": "The state of the NS instance. Permitted values: NOT_INSTANTIATED: The NS instance is terminated or not instantiated. INSTANTIATED: The NS instance is instantiated.\n",
+            "type": "string",
+            "enum": [
+                "NOT_INSTANTIATED",
+                "INSTANTIATED"
+            ]
+        },
+        "monitoringParameter": {
+            "description": "Performance metrics tracked by the NFVO (e.g. for auto-scaling purposes) as identified by the NS designer in the NSD.\n",
+            "type": "array",
+            "items": {
+                "description": "This type represents a monitoring parameter that is tracked by the NFVO, for example,  for auto-scaling purposes. It shall comply with the provisions defined in Table 6.5.3.68-1.\n",
+                "type": "object",
+                "required": [
+                    "id",
+                    "performanceMetric"
+                ],
+                "properties": {
+                    "id": {
+                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "name": {
+                        "description": "Human readable name of the monitoring parameter, as defined in the NSD.\n",
+                        "type": "string"
+                    },
+                    "performanceMetric": {
+                        "description": "Performance metric that is monitored. This attribute shall contain the related  \"Measurement Name\" value as defined in clause 7.2 of ETSI GS NFV-IFA 027.\n",
+                        "type": "string"
+                    }
+                }
+            }
+        },
+        "nsScaleStatus": {
+            "description": "Status of each NS scaling aspect declared in the applicable DF, how \"big\" the NS instance has been scaled w.r.t. that aspect. This attribute shall be present if the nsState attribute value is INSTANTIATED.\n",
+            "type": "array",
+            "items": {
+                "description": "This type represents the target NS Scale level for each NS scaling aspect of the current deployment flavor.\n",
+                "type": "object",
+                "required": [
+                    "nsScalingAspectId",
+                    "nsScaleLevelId"
+                ],
+                "properties": {
+                    "nsScalingAspectId": {
+                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "nsScaleLevelId": {
+                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                        "type": "string"
+                    }
+                }
+            }
+        },
+        "additionalAffinityOrAntiAffinityRule": {
+            "description": "Information on the additional affinity or anti-affinity rule from NS instantiation operation. Shall not conflict with rules already specified in the NSD.\n",
+            "type": "array",
+            "items": {
+                "description": "This type describes the additional affinity or anti-affinity rule applicable between the VNF instances to be instantiated in the NS instantiation operation request or between the VNF instances to be instantiated in the NS instantiation operation request and the existing VNF instances..\n",
+                "type": "object",
+                "required": [
+                    "affinityOrAntiAffiinty",
+                    "scope"
+                ],
+                "properties": {
+                    "vnfdId": {
+                        "description": "Reference to a VNFD. When the VNFD which is not used to instantiate VNF, it presents all VNF instances of this type as the subjects of the affinity or anti-affinity rule. The VNF instance which the VNFD presents is not necessary as a part of the NS to be instantiated.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        }
+                    },
+                    "vnfProfileId": {
+                        "description": "Reference to a vnfProfile defined in the NSD. At least one VnfProfile which is used to instantiate VNF for the NS to be instantiated as the subject of the affinity or anti-affinity rule shall be present. When the VnfProfile which is not used to instantiate VNF, it presents all VNF instances of this type as the subjects of the affinity or anti-affinity rule. The VNF instance which the VnfProfile presents is not necessary as a part of the NS to be instantiated.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                            "type": "string"
+                        }
+                    },
+                    "vnfInstanceId": {
+                        "description": "Reference to the existing VNF instance as the subject of the affinity or anti-affinity rule. The existing VNF instance is not necessary as a part of the NS to be instantiated.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        }
+                    },
+                    "affinityOrAntiAffiinty": {
+                        "description": "The type of the constraint. Permitted values: AFFINITY ANTI_AFFINITY.\n",
+                        "type": "string",
+                        "enum": [
+                            "AFFINITY",
+                            "ANTI_AFFINITY"
+                        ]
+                    },
+                    "scope": {
+                        "description": "Specifies the scope of the rule where the placement constraint applies. Permitted values: NFVI_POP ZONE ZONE_GROUP NFVI_NODE.\n",
+                        "type": "string",
+                        "enum": [
+                            "NFVI_POP",
+                            "ZONE",
+                            "ZONE_GROUP",
+                            "NFVI_NODE"
+                        ]
+                    }
+                }
+            }
+        },
+        "wanConnectionInfo": {
+            "description": "Information about WAN related connectivity enabling multi-site VLs.\n",
+            "type": "array",
+            "items": {
+                "description": "This type provides information about the connectivity to the WAN of network resources realizing a VL, e.g.,\nwhen the VL is deployed on several sites across a WAN. It shall comply with the provisions defined in table 6.5.3.90-1.\nNOTE: Either a \"nsVirtualLinkInfoId\" or a \"vnfVirtualLinkResourceInfoId\" shall be provided, but not both.\n",
+                "type": "object",
+                "required": [
+                    "wanConnectionInfoId"
+                ],
+                "oneOf": [
+                    {
+                        "required": [
+                            "nsVirtualLinkInfoId"
+                        ]
+                    },
+                    {
+                        "required": [
+                            "vnfVirtualLinkResourceInfoId"
+                        ]
+                    }
+                ],
+                "properties": {
+                    "wanConnectionInfoId": {
+                        "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "nsVirtualLinkInfoId": {
+                        "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "vnfVirtualLinkResourceInfoId": {
+                        "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "protocolInfo": {
+                        "description": "This type provides protocol specific information about the connectivity to the WAN of network resources realizing\na VL, e.g., when the VL is deployed on several sites and across a WAN, and the related multi-site connectivity\nservice (MSCS) enabling the connectivity through the WAN. This type supports providing information about both\npre-provisioned WAN connectivity realized by external entities to NFV-MANO but parts of such connectivity is known\nto the NFVO, as well as information about MSCS created under NFV-MANO responsibility (i.e., connectivity is realized\nwhen NFVO communicates with the WIM).  It shall comply with the provisions defined in table 6.5.3.91-1.\n",
+                        "type": "object",
+                        "properties": {
+                            "mscsInfo": {
+                                "description": "This type provides information about an already provisioned multi-site connectivity service (MSCS) deployed across a WAN. It shall comply with the provisions defined in Table 6.5.3.82-1.\n",
+                                "type": "object",
+                                "required": [
+                                    "mscsId",
+                                    "mscsType"
+                                ],
+                                "properties": {
+                                    "mscsId": {
+                                        "description": "An identifier with the intention of being globally unique.\n",
+                                        "type": "string"
+                                    },
+                                    "mscsName": {
+                                        "description": "Human readable name of the MSCS.\n",
+                                        "type": "string"
+                                    },
+                                    "mscsDescription": {
+                                        "description": "Human readable description of the MSCS.\n",
+                                        "type": "string"
+                                    },
+                                    "mscsType": {
+                                        "description": "The type of connectivity that is provided to the virtualized networks in the NFVI-PoP and characterizes the connectivity service across the WAN. Permitted values: - L2 - L3\n",
+                                        "type": "string",
+                                        "enum": [
+                                            "L2VPN",
+                                            "L3VPN"
+                                        ]
+                                    },
+                                    "mscsLayerProtocol": {
+                                        "description": "Type of underlying connectivity service and protocol associated to the MSCS. Permitted values are as listed below and restricted by the type of MSCS: - EVPN_BGP_MPLS: as specified in IETF RFC 7432. Only applicable for mscsType=\"L2\". - EVPN_VPWS: as specified in IETF RFC 8214. Only applicable for mscsType=\"L2\". - VPLS_BGP: as specified in IETF RFC 4761 and IETF RFC 6624. Only applicable for mscsType=\"L2\". - VPLS_LDP_L2TP: as specified in IETF RFC 4762. Only applicable for mscsType=\"L2\". - VPWS_LDP_L2TP: as specified in IETF RFC 6074. Only applicable for mscsType=\"L2\". - BGP_IP_VPN: BGP/MPLS based IP VPN as specified in IETF RFC 4364. Only applicable for mscsType=\"L3\".\n",
+                                        "type": "string",
+                                        "enum": [
+                                            "EVPN_BGP_MPLS",
+                                            "EVPN_VPWS",
+                                            "VPLS_BGP",
+                                            "VPLS_LDP",
+                                            "VPWS",
+                                            "BGP_IP_VPN"
+                                        ]
+                                    },
+                                    "siteAccessProtectionSchemes": {
+                                        "description": "Information to determine the proper MSCS endpoints configuration to fulfil certain resiliency/protection requirements, e.g., by considering certain availability and redundancy of connectivity service endpoints in between NFVI-PoP and WAN.\n",
+                                        "type": "array",
+                                        "items": {
+                                            "type": "object",
+                                            "properties": {
+                                                "locationConstraints": {
+                                                    "description": "This type represents location constraints for a VNF to be instantiated. The location constraints can be represented as follows: • as a country code • as a civic address combined with a country code • as an area, conditionally combined with a country code\nNOTE: If both \"countryCode\" and \"area\" are present, no conflicts should exist between the values of these two attributes. In case of conflicts, the API producer (i.e. the NFVO) shall disregard parts of the geographic area signalled by \"area\" that are outside the boundaries of the country signalled by \"countryCode\". If \"countryCode\" is absent, it is solely the \"area\" attribute that defines the location constraint.\n",
+                                                    "type": "object",
+                                                    "properties": {
+                                                        "countryCode": {
+                                                            "description": "The two-letter ISO 3166 country code in capital letters. Shall be present in case the \"area\" attribute is absent. May be absent if the \"area\" attribute is present (see note).\n",
+                                                            "type": "string"
+                                                        },
+                                                        "civicAddressElement": {
+                                                            "description": "Zero or more elements comprising the civic address. Shall be absent if the \"area\" attribute is present.\n",
+                                                            "type": "array",
+                                                            "items": {
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "caType",
+                                                                    "caValue"
+                                                                ],
+                                                                "properties": {
+                                                                    "caType": {
+                                                                        "description": "Describe the content type of caValue. The value of caType shall comply with Section 3.4 of IETF RFC 4776 [13].\n",
+                                                                        "type": "integer"
+                                                                    },
+                                                                    "caValue": {
+                                                                        "description": "Content of civic address element corresponding to the caType. The format caValue shall comply with Section 3.4 of IETF RFC 4776 [13].\n",
+                                                                        "type": "string"
+                                                                    }
+                                                                }
+                                                            }
+                                                        },
+                                                        "area": {
+                                                            "description": "Geographic area. Shall be absent if the \"civicAddressElement\" attribute is present. The content of this attribute shall follow the provisions for the \"Polygon\" geometry object as defined in IETF RFC 7946, for which the \"type\" member shall be set to the value \"Polygon\". See note.\n",
+                                                            "type": "object"
+                                                        }
+                                                    }
+                                                },
+                                                "protectionScheme": {
+                                                    "description": "Defines the protection scheme. Permitted values: - UNPROTECTED: to indicate no protection. - ONE_TO_ONE: to indicate an active-passive access protection. - ONE_PLUS_ONE: to indicate an active-active access protection. - ONE_TO_N: to indicate an N active to 1 passive access protection.\n",
+                                                    "type": "string",
+                                                    "enum": [
+                                                        "UNPROTECTED",
+                                                        "ONE_TO_ONE",
+                                                        "ONE_PLUS_ONE",
+                                                        "ONE_TO_N"
+                                                    ]
+                                                }
+                                            }
+                                        }
+                                    },
+                                    "mtuMscs": {
+                                        "description": "Maximum Transmission Unit (MTU) that can be forwarded over the MSCS (in bytes). Default value is \"1500\" (bytes).\n",
+                                        "type": "number"
+                                    },
+                                    "mscsEndpoints": {
+                                        "description": "Information about the MSCS endpoints of the MSCS.\n",
+                                        "type": "array",
+                                        "items": {
+                                            "description": "This type provides encapsulates information about an MSCS endpoint of the MSCS. It shall comply with the provisions defined in table 6.5.3.83-1.\n",
+                                            "type": "object",
+                                            "required": [
+                                                "mscsEndpointId",
+                                                "directionality",
+                                                "connectivityServiceEndpoinId"
+                                            ],
+                                            "properties": {
+                                                "mscsEndpointId": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "directionality": {
+                                                    "description": "Directionality of the data traffic in the context of the terminating MSCS endpoint from WAN’s perspective. Permitted values: - INBOUND: to indicate into the WAN. - OUTBOUND: to indicate from the WAN. - BOTH: to indicate bidirectional data traffic to/from the WAN.\n",
+                                                    "type": "string",
+                                                    "enum": [
+                                                        "INBOUND",
+                                                        "OUTBOUND",
+                                                        "BOTH"
+                                                    ]
+                                                },
+                                                "connectivityServiceEndpoinId": {
+                                                    "description": "References the connectivity service endpoint configuration information applicable to support the MSCS endpoint. More than one connectivity service endpoint can be referred when endpoints are in LAG mode.\n",
+                                                    "type": "array",
+                                                    "items": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            },
+                            "connectivityServiceEndpoints": {
+                                "description": "Configuration information about the network resources in the NFVI-PoP and their connectivity to the WAN.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type provides configuration data for the NFVI-PoP network gateway providing connectivity service endpoints. The connectivity service endpoints are used as endpoints by an MSCS. It shall comply with the provisions defined in Table 6.5.3.84-1.\n",
+                                    "type": "object",
+                                    "required": [
+                                        "connectivityServiceEndpointId",
+                                        "vimId"
+                                    ],
+                                    "properties": {
+                                        "connectivityServiceEndpointId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "vimId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "siteToWanLayer2ProtocolData": {
+                                            "description": "This type provides information about Layer 2 protocol specific information for the configuration of the NFVI-PoP network gateway to enable the stitching of the intra-site VN to the MSCS over the WAN. It shall comply with the provisions defined in Table 6.5.3.85-1. NOTE: Either \"networkResources\" or \"vnSegmentsIds\" shall be provided, but not both.\n",
+                                            "type": "object",
+                                            "required": [
+                                                "layer2ConnectionInfo"
+                                            ],
+                                            "properties": {
+                                                "layer2ConnectionInfo": {
+                                                    "description": "Layer 2 protocol parameters of the connectivity service endpoint (CSE).\n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "connectionType",
+                                                        "interfaceType",
+                                                        "interfaceTagging",
+                                                        "encapsulationType"
+                                                    ],
+                                                    "properties": {
+                                                        "connectionType": {
+                                                            "description": "The type of connection to be established on the connectivity service point. Permitted values: - CSE: defined by the characteristics of the existing referred connectivity service point. - AGGREGATE_CSE: create an aggregation of the connectivity service endpoints.\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "CSE",
+                                                                "AGGREGATE_CSE"
+                                                            ]
+                                                        },
+                                                        "interfaceType": {
+                                                            "description": "To indicate whether to create logical interfaces on the referred connectivity service endpoint or new aggregated connectivity service endpoint. Permitted values: - PARENT: use the mapped interface to the connectivity service endpoint as is, i.e., do not create logical interfaces. - LOGICAL: create logical interfaces.\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "PARENT",
+                                                                "LOGICAL"
+                                                            ]
+                                                        },
+                                                        "interfaceTagging": {
+                                                            "description": "The type of frames to forward on the connectivity service point. Permitted values: - UNTAGGED: an interface where frames are not tagged. - TAGGED: an interface configured to forward tagged frames (i.e., enabled for VLAN tagging).\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "UNTAGGED",
+                                                                "TAGGED"
+                                                            ]
+                                                        },
+                                                        "encapsulationType": {
+                                                            "description": "The type of encapsulation. If the interfaceTagging=\"TAGGED\", either \"VLAN\" or \"VXLAN\" shall be set. Permitted values: - ETH: generic Ethernet encapsulation. - VLAN: encapsulation based on VLAN. - VXLAN: encapsulation based on VXLAN.\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "ETH",
+                                                                "VLAN",
+                                                                "VXLAN"
+                                                            ]
+                                                        },
+                                                        "vlanTaggingType": {
+                                                            "description": "Type of encapsulation method for VLAN tagging. Shall be present if interfaceTagging=\"TAGGED\" and encapsulationType=\"VLAN\". Permitted values: - DOT1Q: used when packets on the CSE are encapsulated with one or a set of customer VLAN identifiers. - QINQ: used when packets on the CSE are encapsulated with multiple customer VLAN identifiers and a single\n  service VLAN identifier.\n- QINANY: used when packets on the CSE have no specific customer VLAN and a service VLAN identifier is used.\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "DOT1Q",
+                                                                "QINQ",
+                                                                "QINANY"
+                                                            ]
+                                                        },
+                                                        "wanSegmentIds": {
+                                                            "description": "Segment identifiers to pass on the tagged interface. Shall be present if encapsulationType=\"VLAN\" or “VXLAN\".\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "wanSegmentIdValue"
+                                                            ],
+                                                            "properties": {
+                                                                "wanSegmentIdValue": {
+                                                                    "description": "Identifier of the network segment (e.g., VLAN id or VNI).\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "wanSegmentIdUpperRange": {
+                                                                    "description": "Identifier of the upper range network segment, in case the \"wanSegmentIds\" is used to define a range.\n",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        },
+                                                        "vxlanConfig": {
+                                                            "description": "Additional configuration needed when using VXLAN encapsulation. Shall be present if interfaceTagging=\"TAGGED\" and encapsulationType=\"VXLAN\".\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "peerMode"
+                                                            ],
+                                                            "properties": {
+                                                                "peerMode": {
+                                                                    "description": "Type of VXLAN access mode. Default value is \"STATIC\".\nPermitted values: - STATIC - BGP_EVPN\n",
+                                                                    "type": "string",
+                                                                    "enum": [
+                                                                        "STATIC",
+                                                                        "BGP_EVPN"
+                                                                    ]
+                                                                },
+                                                                "peers": {
+                                                                    "description": "List of IP addresses of VTEP peers when using static mode.\n",
+                                                                    "type": "array",
+                                                                    "items": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    }
+                                                                }
+                                                            }
+                                                        },
+                                                        "lagInterfaceData": {
+                                                            "description": "Information for setting up a LAG interface aggregating multiple connectivity service endpoints.\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "aggregatedEndpoints",
+                                                                "lacpActivation",
+                                                                "lacpConfig"
+                                                            ],
+                                                            "properties": {
+                                                                "aggregatedEndpoints": {
+                                                                    "description": "List of the connectivity service endpoints that are to be aggregated. Shall be present if connectionType=\"AGGREGATE_CSE\". In case of aggregating connectivity service endpoints, only one SiteToWanLayer2ProtocolData shall be provided for the whole set of aggregated endpoints.\n",
+                                                                    "type": "array",
+                                                                    "items": {
+                                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                                        "type": "string"
+                                                                    }
+                                                                },
+                                                                "lacpActivation": {
+                                                                    "description": "Indicates whether to activate LACP on the interface. If \"TRUE\", the LACP is to be activated, or \"FALSE\" otherwise. Default value is \"FALSE\".\n",
+                                                                    "type": "boolean"
+                                                                },
+                                                                "lacpConfig": {
+                                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                    "type": "object"
+                                                                }
+                                                            }
+                                                        },
+                                                        "layer2ControlProtocol": {
+                                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                            "type": "object"
+                                                        }
+                                                    }
+                                                },
+                                                "mtuL2": {
+                                                    "description": "Maximum Transmission Unit (MTU) that can be forwarded at layer 2 (in bytes). Default value is \"1500\" (bytes).\n",
+                                                    "type": "number"
+                                                },
+                                                "virtualRoutingAndForwarding": {
+                                                    "description": "Configuration related to the L2 virtual routing and forwarding (MAC-VRF).\n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "macVrfName"
+                                                    ],
+                                                    "properties": {
+                                                        "macVrfName": {
+                                                            "description": "Name (or identifier) of the MAC-VRF instance.\n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                },
+                                                "forwardingConfig": {
+                                                    "description": "Information related to the forwarding of the VN in the NFVI-PoP to the connectivity service endpoint, if information about the VN to \"stitch\" is already known. . by the OSS/BSS. Shall not be provided otherwise, in which case the NFVO will infer the forwarding configuration based on the NS VL, or external VL, or externally-managed VL provisioning.\n",
+                                                    "type": "object",
+                                                    "oneOf": [
+                                                        {
+                                                            "required": [
+                                                                "networkResources"
+                                                            ]
+                                                        },
+                                                        {
+                                                            "required": [
+                                                                "vnSegmentIds"
+                                                            ]
+                                                        }
+                                                    ],
+                                                    "properties": {
+                                                        "networkResources": {
+                                                            "description": "Reference to the VN resource to be forwarded into/from the MSCS. See note.\n",
+                                                            "type": "array",
+                                                            "items": {
+                                                                "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "resourceId"
+                                                                ],
+                                                                "properties": {
+                                                                    "vimId": {
+                                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "resourceProviderId": {
+                                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "resourceId": {
+                                                                        "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "vimLevelResourceType": {
+                                                                        "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "vimLevelAdditionalResourceInfo": {
+                                                                        "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                                        "type": "object",
+                                                                        "properties": {
+                                                                            "hostName": {
+                                                                                "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                                "type": "string"
+                                                                            },
+                                                                            "persistentVolume": {
+                                                                                "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                                "type": "string"
+                                                                            },
+                                                                            "additionalInfo": {
+                                                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                                "type": "object"
+                                                                            }
+                                                                        }
+                                                                    },
+                                                                    "containerNamespace": {
+                                                                        "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                                        "type": "string"
+                                                                    }
+                                                                }
+                                                            }
+                                                        },
+                                                        "vnSegmentIds": {
+                                                            "description": "Identifiers of the network segments of the VN resources to be forwarded into/from the MSCS.\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "vnSegmentIdValue"
+                                                            ],
+                                                            "properties": {
+                                                                "vnSegmentIdValue": {
+                                                                    "description": "Identifier of the network segment.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "vnSegmentIdUpperRange": {
+                                                                    "description": "Identifier of the upper range network segment, in case the \"vnSegmentIds\" is used to define a range.\n",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "siteToWanLayer3ProtocolData": {
+                                            "description": "This type provides information about Layer 3 protocol specific information for the stitching of the intra-site VN to the multi-site connectivity service over the WAN. It shall comply with the provisions defined in Table 6.5.3.86-1.\n",
+                                            "type": "object",
+                                            "required": [
+                                                "routingInfo"
+                                            ],
+                                            "properties": {
+                                                "logicalInterfaceIpAddress": {
+                                                    "description": "IP addressing information associated to a logical interface. Shall be present if the \"interfaceType\" of the SiteToWanLayer2ProtocolData is equal to \"LOGICAL\".\n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "ipAddress",
+                                                        "associatedSegmentId"
+                                                    ],
+                                                    "properties": {
+                                                        "ipAddress": {
+                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                            "type": "string",
+                                                            "format": "IP"
+                                                        },
+                                                        "associatedSegmentId": {
+                                                            "description": "The associated segment identifier that has triggered the creation of the logical interface. The value shall be one of the values listed in the \"wanSegmentIds\" of the \"siteToWanLayer2ProtocolData\".\n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                },
+                                                "routingInfo": {
+                                                    "description": "The routing information that is activated on the connectivity service endpoint. More than one \"routingInfo\" is allowed to enable stacking different routing protocols (e.g., one routing protocol for IPv4 and another one for IPv6).\n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "routingProtocol",
+                                                        "routingAddressFamily"
+                                                    ],
+                                                    "properties": {
+                                                        "routingProtocol": {
+                                                            "description": "The routing protocol that is activated on the connectivity service endpoint. Permitted values: - BGP: used for dynamic routing BGPv4. - RIP: used for dynamic routing RIPv2. - OSPF: used for dynamic routing (OSPF version 2 for IPv4; and OSPF version 3 for IPv6). - STATIC: used for static routing. - DIRECT: used when the NFVI-PoP network is directly connected to the WAN provider network. - VRRP: used when the NFVI-PoP network is directly connected to the WAN provider network with virtual\n  router redundancy protocol support (VRRP).\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "BGP",
+                                                                "RIP",
+                                                                "OSPF",
+                                                                "STATIC",
+                                                                "DIRECT",
+                                                                "VRRP"
+                                                            ]
+                                                        },
+                                                        "staticRouting": {
+                                                            "description": "Defines a static route. It shall only be present if the routingProtocol=\"STATIC\".\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "ipVersion",
+                                                                "ipPrefix",
+                                                                "prefixSize",
+                                                                "nextHop"
+                                                            ],
+                                                            "properties": {
+                                                                "ipVersion": {
+                                                                    "description": "The IP version applicable to the routing entry. Permitted values: - IPV4 - IPV6\n",
+                                                                    "type": "string",
+                                                                    "enum": [
+                                                                        "IPV4",
+                                                                        "IPV6"
+                                                                    ]
+                                                                },
+                                                                "ipPrefix": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "prefixSize": {
+                                                                    "description": "The IP prefix size.\n",
+                                                                    "type": "number"
+                                                                },
+                                                                "nextHop": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                }
+                                                            }
+                                                        },
+                                                        "routingAddressFamily": {
+                                                            "description": "The IP version applicable to the dynamic routing protocol. Shall be present for dynamic routing protocols. Permitted values: - IPV4 - IPV6\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "IPV4",
+                                                                "IPv6"
+                                                            ]
+                                                        },
+                                                        "ospfRouting": {
+                                                            "description": "Defines parameters for OSPF routing. It shall only be present if the routingProtocol=\"OSPF\".\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "areaId"
+                                                            ],
+                                                            "properties": {
+                                                                "areaId": {
+                                                                    "description": "The routing area identifier, e.g., a number or an IP address.\n",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        },
+                                                        "bgpRouting": {
+                                                            "description": "Defines parameters for BGP routing. It shall only be present if the routingProtocol=\"BGP\".\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "bgpAs"
+                                                            ],
+                                                            "properties": {
+                                                                "bgpAs": {
+                                                                    "description": "The Autonomous System (AS) identification applicable to the BGP routing info entry.\n",
+                                                                    "type": "object"
+                                                                },
+                                                                "bgpNeighbour": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "bgpAdditionalParam": {
+                                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                    "type": "object"
+                                                                }
+                                                            }
+                                                        },
+                                                        "routeMapsDistribution": {
+                                                            "description": "Maps of routes that are permitted or denied for redistribution.\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "policy",
+                                                                "sequence",
+                                                                "matchAndSetRule"
+                                                            ],
+                                                            "properties": {
+                                                                "policy": {
+                                                                    "description": "The policy to apply to the route distribution.\nPermitted values: - PERMIT - DENY\n",
+                                                                    "type": "string",
+                                                                    "enum": [
+                                                                        "PERMIT",
+                                                                        "DENY"
+                                                                    ]
+                                                                },
+                                                                "sequence": {
+                                                                    "description": "Sequence or index number assigned to the route-map.\n",
+                                                                    "type": "number"
+                                                                },
+                                                                "matchAndSetRule": {
+                                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                    "type": "object"
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                },
+                                                "mtuL3": {
+                                                    "description": "Maximum Transmission Unit (MTU) that can be forwarded at layer 3 (in bytes). Default value is \"1500\" (bytes).\n",
+                                                    "type": "number"
+                                                },
+                                                "virtualRoutingAndForwarding": {
+                                                    "description": "Configuration related to the virtual routing and forwarding (VRF).\n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "vrfName"
+                                                    ],
+                                                    "properties": {
+                                                        "vrfName": {
+                                                            "description": "Name (or identifier) of the VRF instance.\n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                },
+                                                "bfdConfig": {
+                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                    "type": "object"
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        },
+        "dataFlowMirroringInfo": {
+            "description": "Information related to Data Flow Mirroring associated to this NS instance\n",
+            "type": "array",
+            "items": {
+                "description": "This type represents the runtime information that the NFVO holds about a Data Flow Mirroring. \nNOTE: It is responsibility of the NFVO to map the mirroringIds exposed towards the API consumer on the Os-Ma-nfvo reference point with the corresponding identifiers of the data flow mirroring that are created towards the VIM.\n",
+                "type": "object",
+                "required": [
+                    "mirroringId",
+                    "mirroringName",
+                    "description",
+                    "collectorDetails",
+                    "vnfInstanceId",
+                    "cpInstanceId",
+                    "dataFlowData"
+                ],
+                "properties": {
+                    "mirroringId": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                    },
+                    "mirroringName": {
+                        "description": "Name of Data Flow Mirroring.\n",
+                        "type": "string"
+                    },
+                    "description": {
+                        "description": "Information description of Data Flow Mirroring\n",
+                        "type": "string"
+                    },
+                    "collectorDetails": {
+                        "description": "This type represents the information about where the mirrored flow is to be delivered.  It shall comply with the provisions defined in table 6.5.3.103-1. NOTE: The collector which is attached to this port can be a virtual machine that uses the mirrored\n     data for analysis purpose. The collector is not managed by VIM.\n",
+                        "type": "object",
+                        "required": [
+                            "collectorId",
+                            "collectorName"
+                        ],
+                        "properties": {
+                            "collectorId": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                            },
+                            "collectorName": {
+                                "description": "Name of the collector where the mirrored flow is to be delivered.\n",
+                                "type": "string"
+                            },
+                            "portId": {
+                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                "type": "string"
+                            }
+                        }
+                    },
+                    "vnfInstanceId": {
+                        "description": "Identifier of the VNF instance from where the data flows are requested to be mirrored.\n",
+                        "type": "array",
+                        "minItems": 1,
+                        "items": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        }
+                    },
+                    "cpInstanceId": {
+                        "description": "Identifier of the CP instance from where the data flows are mirrored.\n",
+                        "type": "array",
+                        "minItems": 1,
+                        "items": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        }
+                    },
+                    "dataFlowData": {
+                        "description": "Information about the data flows to be mirrored\n",
+                        "type": "array",
+                        "minItems": 1,
+                        "items": {
+                            "description": "This type represents the information about the data flows to be mirrored.  It shall comply with the provisions defined in table 6.5.3.101-1. NOTE: A value need not be provided at runtime if the APIconsumer does not  intend to refer to a data flow defined in the NSD.\n",
+                            "type": "object",
+                            "required": [
+                                "DataFlowDetails"
+                            ],
+                            "properties": {
+                                "dataFlowInfoId": {
+                                    "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                    "type": "string"
+                                },
+                                "dataFlowDetails": {
+                                    "description": "This type represents the detailed information about the data flows that are requested to be mirrored. It shall comply with the provisions defined in table 6.5.3.102-1.\nNOTE 1: It shall be present when dataFlowInfoId in DataFlowData is not provided. NOTE 2: Depends on the value of the direction of the data flow to be mirrored, this attribute defines whether the data flow from the connection point to the target IP address or the data flow from the target IP address to the connection point or both shall be mirrored.\n",
+                                    "type": "object",
+                                    "properties": {
+                                        "description": {
+                                            "description": "Information description of the data flow.\n",
+                                            "type": "string"
+                                        },
+                                        "cpdId": {
+                                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                            "type": "string"
+                                        },
+                                        "direction": {
+                                            "type": "string",
+                                            "description": "The enumeration DirectionType represents the direction of the data flow that are requested to be mirrored. It shall comply with the provisions defined in table 6.5.4.12-1.",
+                                            "enum": [
+                                                "IN",
+                                                "OUT",
+                                                "BOTH"
+                                            ]
+                                        },
+                                        "targetIpAddress": {
+                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                            "type": "string",
+                                            "format": "IP"
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        },
+        "nsPaasServiceInfo": {
+            "description": "Information on the PaaS Services assigned and used by an NS constituent  other than VNF instances. See note 4. \n",
+            "type": "array",
+            "items": {
+                "description": "This type provides information about a PaaS Service that is used  by a VNF instance or some other NS constituent. he PaasServiceInfo is  comprised of various sets of information. Some information comes from the  descriptors (e.g.,VNFD or NSD), other information comes from the PaaS Service assets provided by the NFVO to the VNFM, and other information is provided  as runtime information about the usage of the PaaS Service.\nNOTE: Either a \"nsPaasServiceRequestId\" or a \"vnfPaasServiceRequestId\" shall be provided, but not both.\n",
+                "type": "object",
+                "oneOf": [
+                    {
+                        "required": [
+                            "paasServiceId",
+                            "paasServiceType",
+                            "paasServiceHandle",
+                            "nsPaasServiceRequestId"
+                        ]
+                    },
+                    {
+                        "required": [
+                            "paasServiceId",
+                            "paasServiceType",
+                            "paasServiceHandle",
+                            "vnfPaasServiceRequestId"
+                        ]
+                    }
+                ],
+                "properties": {
+                    "id": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                    },
+                    "paasServiceId": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                    },
+                    "paasServiceType": {
+                        "description": "The type of PaaS Service. The value of this attribute is expected to be matched against values of the registered PaaS Services in the PSR.\n",
+                        "type": "string"
+                    },
+                    "paasServiceVersion": {
+                        "description": "A Version. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "nsPaasServiceRequestId": {
+                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                        "type": "string"
+                    },
+                    "vnfPaasServiceRequestId": {
+                        "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                        "type": "string"
+                    },
+                    "paasServiceHandle": {
+                        "description": "This type provides information enabling the access and use of the PaaS Service by a VNF instance  or some other NS constituent. The type and format of the handle depends on the form that the PaaS  Service is formed.\n",
+                        "type": "object",
+                        "required": [
+                            "id"
+                        ],
+                        "properties": {
+                            "id": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                            },
+                            "interfaceInfo": {
+                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                "type": "object"
+                            },
+                            "accessInfo": {
+                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                "type": "object"
+                            },
+                            "extra": {
+                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                "type": "object"
+                            }
+                        }
+                    },
+                    "additionalInfo": {
+                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                        "type": "object"
+                    }
+                }
+            }
+        },
+        "_links": {
+            "type": "object",
+            "description": "Links to resources related to this resource.",
+            "required": [
+                "self"
+            ],
+            "properties": {
+                "self": {
+                    "description": "This type represents a link to a resource.\n",
+                    "type": "object",
+                    "required": [
+                        "href"
+                    ],
+                    "properties": {
+                        "href": {
+                            "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                            "type": "string",
+                            "format": "url"
+                        }
+                    }
+                },
+                "nestedNsInstances": {
+                    "description": "Links to resources related to this notification.\n",
+                    "type": "array",
+                    "items": {
+                        "description": "This type represents a link to a resource.\n",
+                        "type": "object",
+                        "required": [
+                            "href"
+                        ],
+                        "properties": {
+                            "href": {
+                                "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                                "type": "string",
+                                "format": "url"
+                            }
+                        }
+                    }
+                },
+                "vnfSnapshotInfos": {
+                    "description": "Links to the VNF snapshots associated to VNF instances which are part of this NS instance.\n",
+                    "type": "array",
+                    "items": {
+                        "description": "This type represents a link to a resource.\n",
+                        "type": "object",
+                        "required": [
+                            "href"
+                        ],
+                        "properties": {
+                            "href": {
+                                "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                                "type": "string",
+                                "format": "url"
+                            }
+                        }
+                    }
+                },
+                "instantiate": {
+                    "description": "This type represents a link to a resource.\n",
+                    "type": "object",
+                    "required": [
+                        "href"
+                    ],
+                    "properties": {
+                        "href": {
+                            "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                            "type": "string",
+                            "format": "url"
+                        }
+                    }
+                },
+                "terminate": {
+                    "description": "This type represents a link to a resource.\n",
+                    "type": "object",
+                    "required": [
+                        "href"
+                    ],
+                    "properties": {
+                        "href": {
+                            "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                            "type": "string",
+                            "format": "url"
+                        }
+                    }
+                },
+                "update": {
+                    "description": "This type represents a link to a resource.\n",
+                    "type": "object",
+                    "required": [
+                        "href"
+                    ],
+                    "properties": {
+                        "href": {
+                            "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                            "type": "string",
+                            "format": "url"
+                        }
+                    }
+                },
+                "scale": {
+                    "description": "This type represents a link to a resource.\n",
+                    "type": "object",
+                    "required": [
+                        "href"
+                    ],
+                    "properties": {
+                        "href": {
+                            "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                            "type": "string",
+                            "format": "url"
+                        }
+                    }
+                },
+                "heal": {
+                    "description": "This type represents a link to a resource.\n",
+                    "type": "object",
+                    "required": [
+                        "href"
+                    ],
+                    "properties": {
+                        "href": {
+                            "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                            "type": "string",
+                            "format": "url"
+                        }
+                    }
+                }
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/SOL005/NSLifecycleManagement-API/schemas/NsInstances.schema.json b/SOL005/NSLifecycleManagement-API/schemas/NsInstances.schema.json
index 02cd47bc19ee18fcf3aa911e883ff986250136e1..f0d5530849ad7129cf6490c498153c6ebdcb1519 100644
--- a/SOL005/NSLifecycleManagement-API/schemas/NsInstances.schema.json
+++ b/SOL005/NSLifecycleManagement-API/schemas/NsInstances.schema.json
@@ -1,4138 +1,4658 @@
 {
-	"type": "array",
-	"items": {
-	  "description": "This type represents a response for Query NS operation.  It shall comply with the provisions defined in Table 6.5.2.10-1.\nNOTE 1: Void.\n          \"vnfInstance\" attribute or one \"nestedNsInstanceId\" attribute shall be present.\nNOTE 2: The “priority” attribute of the NS instance is configured in the NSD in the NsDf structure.\n          The mapping from application-specific priority values to a value in the NsDf is under OSS/BSS responsibility.\n          The \"zero\" value expresses the highest priority and the fact that the NS instance based on this DF cannot be\n          pre-empted during resource allocation.\nNOTE 3: Examples for the usage of priority include conflict resolution in case of resource shortage\n",
-	  "type": "object",
-	  "required": [
-		"id",
-		"nsInstanceName",
-		"nsInstanceDescription",
-		"nsdId",
-		"nsdInfoId",
-		"nsState",
-		"_links"
-	  ],
-	  "properties": {
-		"id": {
-		  "description": "An identifier with the intention of being globally unique.\n",
-		  "type": "string"
-		},
-		"nsInstanceName": {
-		  "description": "Human readable name of the NS instance.\n",
-		  "type": "string"
-		},
-		"nsInstanceDescription": {
-		  "description": "Human readable description of the NS instance.\n",
-		  "type": "string"
-		},
-		"nsdId": {
-		  "description": "An identifier with the intention of being globally unique.\n",
-		  "type": "string"
-		},
-		"versionDependency": {
-		  "description": "Describes version dependencies currently valid for the nested NS instance. Identifies versions  of descriptors of other constituents in the NSD upon which the nested NS depends.  The dependencies may be described for the NSD referenced in this NsInfo with nsdId and for  NSDs with the same \"nsdExtInvariantId\". There shall not be more than one versionDependency present with the same dependentConstituentId. It may be present for the NsInfo of a nested NS. It shall not be present otherwise.\n",
-		  "type": "array",
-		  "items": {
-			"description": "This type represents the information related to all dependencies that an NSD constituent has on the versions of other NSD constituents.  It shall comply with the provisions defined in table 6.5.3.112-1.\n",
-			"type": "object",
-			"required": [
-			  "dependentConstituentId"
-			],
-			"properties": {
-			  "dependentConstituentId": {
-				"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "versionDependencyStatement": {
-				"description": "Identifies one or multiple versions of an NSD constituents upon which the dependent constituent identified by  dependentConstituentId has a dependency. Cardinality 0 is used to remove an existing version dependency in a profile.\n",
-				"type": "array",
-				"items": {
-				  "description": "This type represents the information related to one or more VNF, NS or PNF descriptor identifiers which describe one  single dependency. When more than one descriptor is indicated, they correspond to different versions of the same VNF,  NS or PNF and they represent alternatives to fulfil the dependency. It shall comply with the provisions defined in  table 6.5.3.113-1.\n",
-				  "type": "object",
-				  "required": [
-					"descriptorId"
-				  ],
-				  "properties": {
-					"descriptorId": {
-					  "description": "Identifies a VNFD, NSD or PNFD upon which the entity using this data type depends. When more than one descriptor is indicated, they shall correspond to versions of the same VNF, NS or PNF and they represent alternatives, i.e. the presence of one of them fulfills the dependency.",
-					  "type": "array",
-					  "items": {
-						"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-						"type": "string"
-					  }
-					}
-				  }
-				}
-			  }
-			}
-		  }
-		},
-		"nsdInfoId": {
-		  "description": "An identifier with the intention of being globally unique.\n",
-		  "type": "string"
-		},
-		"flavourId": {
-		  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-		  "type": "string"
-		},
-		"priority": {
-		  "description": "A number as defined in IETF RFC 8259.\n",
-		  "type": "number"
-		},
-		"vnfInstance": {
-		  "description": "Information on constituent VNF(s) of the NS instance.\n",
-		  "type": "array",
-		  "items": {
-			"description": "This type represents a VNF instance. It shall comply with the provisions defined in table 6.5.3.57-1.\nNOTE: Clause B.3.2 of ETSI GS NFV-SOL 003 provides examples illustrating the relationship among the \n      different run-time data types (CP, VL and link ports) used to represent the connectivity \n      of a VNF.\n\nNOTE 1: Modifying the value of this attribute shall not be performed when conflicts exist between the \n        previous and the newly referred VNF package, i.e. when the new VNFD is changed with respect to \n        the previous VNFD in other aspects than merely referencing to other VNF software images. \n        In order to avoid misalignment of the VnfInstance with the current VNF's on-boarded VNF Package, \n        the values of attributes in the VnfInstance that have corresponding attributes in the VNFD shall \n        be kept in sync with the values in the VNFD.\nNOTE 2: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. NOTE 3: VNF configurable properties are sometimes also referred to as configuration parameters applicable \n        to a VNF. Some of these are set prior to instantiation and cannot be modified if the VNF is instantiated, \n        some are set prior to instantiation (are part of initial configuration) and can be modified later, \n        and others can be set only after instantiation. The applicability of certain configuration may depend \n        on the VNF and the required operation of the VNF at a certain point in time.\nNOTE 4: It is possible to have several ExtManagedVirtualLinkInfo for the same VNF internal VL in case of a \n        multi-site VNF spanning several VIMs. The set of ExtManagedVirtualLinkInfo corresponding to the same \n        VNF internal VL shall indicate so by referencing to the same VnfVirtualLinkDesc and externally-managed \n        multi-site VL instance (refer to clause 6.5.3.59).\nNOTE 5: Even though externally-managed internal VLs are also used for VNF-internal connectivity, they shall not \n        be listed in the \"vnfVirtualLinkResourceInfo\" attribute as this would be redundant.\n",
-			"type": "object",
-			"required": [
-			  "id",
-			  "vnfdId",
-			  "vnfProvider",
-			  "vnfProductName",
-			  "vnfSoftwareVersion",
-			  "vnfdVersion",
-			  "vnfPkgId",
-			  "instantiationState"
-			],
-			"properties": {
-			  "id": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			  },
-			  "vnfInstanceName": {
-				"description": "Name of the VNF instance. Modifications to this attribute can be requested using the \"ModifyVnfInfoData\" structure.\n",
-				"type": "string"
-			  },
-			  "vnfInstanceDescription": {
-				"description": "Human-readable description of the VNF instance. Modifications to this attribute can be requested using the \"ModifyVnfInfoData\" structure.\n",
-				"type": "string"
-			  },
-			  "vnfdId": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			  },
-			  "vnfProvider": {
-				"description": "Provider of the VNF and the VNFD. The value is copied from the VNFD.\n",
-				"type": "string"
-			  },
-			  "vnfProductName": {
-				"description": "Name to identify the VNF Product. The value is copied from the VNFD.\n",
-				"type": "string"
-			  },
-			  "vnfSoftwareVersion": {
-				"description": "A Version. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "vnfdVersion": {
-				"description": "A Version. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "versionDependency": {
-				"description": "Describes version dependencies currently valid for the VNF instance. Identifies versions of descriptors of other constituents in the NSD upon which the VNF depends. The dependencies may be described for the VNFD referenced in this VnfInfo with \"vnfdId\" and for VNFDs with the same \"vnfdExtInvariantId\". There shall not be more than one \"versionDependency\" present with the same dependentConstituentId.\n",
-				"type": "array",
-				"items": {
-				  "description": "This type represents the information related to all dependencies that an NSD constituent has on the versions of other NSD constituents.  It shall comply with the provisions defined in table 6.5.3.112-1.\n",
-				  "type": "object",
-				  "required": [
-					"dependentConstituentId"
-				  ],
-				  "properties": {
-					"dependentConstituentId": {
-					  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-					  "type": "string"
-					},
-					"versionDependencyStatement": {
-					  "description": "Identifies one or multiple versions of an NSD constituents upon which the dependent constituent identified by  dependentConstituentId has a dependency. Cardinality 0 is used to remove an existing version dependency in a profile.\n",
-					  "type": "array",
-					  "items": {
-						"description": "This type represents the information related to one or more VNF, NS or PNF descriptor identifiers which describe one  single dependency. When more than one descriptor is indicated, they correspond to different versions of the same VNF,  NS or PNF and they represent alternatives to fulfil the dependency. It shall comply with the provisions defined in  table 6.5.3.113-1.\n",
-						"type": "object",
-						"required": [
-						  "descriptorId"
-						],
-						"properties": {
-						  "descriptorId": {
-							"description": "Identifies a VNFD, NSD or PNFD upon which the entity using this data type depends. When more than one descriptor is indicated, they shall correspond to versions of the same VNF, NS or PNF and they represent alternatives, i.e. the presence of one of them fulfills the dependency.",
-							"type": "array",
-							"items": {
-							  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-							  "type": "string"
-							}
-						  }
-						}
-					  }
-					}
-				  }
-				}
-			  },
-			  "vnfPkgId": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			  },
-			  "vnfConfigurableProperties": {
-				"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-				"type": "object"
-			  },
-			  "vimId": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			  },
-			  "instantiationState": {
-				"description": "The instantiation state of the VNF.\nPermitted values: - NOT_INSTANTIATED: The VNF instance is terminated or not instantiated. - INSTANTIATED: The VNF instance is instantiated.\n",
-				"type": "string",
-				"enum": [
-				  "NOT_INSTANTIATED",
-				  "INSTANTIATED"
-				]
-			  },
-			  "instantiatedVnfInfo": {
-				"description": "Information specific to an instantiated VNF instance. This attribute shall be present if the instantiateState attribute value is INSTANTIATED.\n",
-				"type": "object",
-				"required": [
-				  "flavourId",
-				  "vnfState",
-				  "extCpInfo"
-				],
-				"properties": {
-				  "flavourId": {
-					"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-					"type": "string"
-				  },
-				  "vnfState": {
-					"type": "string",
-					"enum": [
-					  "STARTED",
-					  "STOPPED"
-					]
-				  },
-				  "scaleStatus": {
-					"description": "Scale status of the VNF, one entry per aspect. Represents for every scaling aspect how \"big\" the VNF has been scaled w.r.t. that aspect.\n",
-					"type": "array",
-					"items": {
-					  "required": [
-						"aspectId",
-						"scaleLevel"
-					  ],
-					  "type": "object",
-					  "properties": {
-						"aspectId": {
-						  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						  "type": "string"
-						},
-						"vnfdId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"scaleLevel": {
-						  "description": "Indicates the scale level. The minimum value shall be 0 and the maximum value shall be <= maxScaleLevel as described in the VNFD.\n",
-						  "type": "integer"
-						}
-					  }
-					}
-				  },
-				  "maxScaleLevels": {
-					"description": "Maximum allowed scale levels of the VNF, one entry per aspect. This attribute shall be present if the VNF supports scaling.\n",
-					"type": "array",
-					"items": {
-					  "required": [
-						"aspectId",
-						"scaleLevel"
-					  ],
-					  "type": "object",
-					  "properties": {
-						"aspectId": {
-						  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						  "type": "string"
-						},
-						"vnfdId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"scaleLevel": {
-						  "description": "Indicates the scale level. The minimum value shall be 0 and the maximum value shall be <= maxScaleLevel as described in the VNFD.\n",
-						  "type": "integer"
-						}
-					  }
-					}
-				  },
-				  "extCpInfo": {
-					"description": "Information about the external CPs exposed by the VNF instance. When trunking is enabled, the list of entries includes both, external CPs corresponding to parent ports of a trunk, and external CPs associated to sub-ports of a trunk.\n",
-					"type": "array",
-					"minItems": 1,
-					"items": {
-					  "description": "This type represents information about an external CP of a VNF. It shall comply  with the provisions defined in Table 6.5.3.70-1. NOTE 1: The attributes attributes \"associatedVnfcCpId\", \"associatedVipCpId\", \"associatedVirtualCpId\" and \"associatedVnfVirtualLinkId\" are mutually exclusive. Exactly one shall be present. NOTE 2: An external CP instance is not associated to a link port in the cases indicated for the “extLinkPorts” attribute in clause 6.5.3.26. NOTE 3:  Cardinality greater than 1 is only applicable for specific cases where more than one network attachment definition resource is needed to fulfil the connectivity requirements of the external CP, e.g. to build a link redundant mated pair in SR-IOV cases. NOTE 4:  When more than one \"netAttDefResourceId\" is indicated, all shall belong to the same namespace.\n",
-					  "type": "object",
-					  "required": [
-						"id",
-						"cpdId",
-						"cpProtocolInfo"
-					  ],
-					  "oneOf": [
-						{
-						  "required": [
-							"associatedVnfcCpId"
-						  ]
-						},
-						{
-						  "required": [
-							"associatedVipCpId"
-						  ]
-						},
-						{
-						  "required": [
-							"associatedVirtualCpId"
-						  ]
-						},
-						{
-						  "required": [
-							"associatedVnfVirtualLinkId"
-						  ]
-						}
-					  ],
-					  "properties": {
-						"id": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"cpdId": {
-						  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						  "type": "string"
-						},
-						"cpConfigId": {
-						  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						  "type": "string"
-						},
-						"vnfdId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"cpProtocolInfo": {
-						  "description": "Network protocol information for this CP.\n",
-						  "type": "array",
-						  "minItems": 1,
-						  "items": {
-							"description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
-							"type": "object",
-							"required": [
-							  "layerProtocol",
-							  "ipOverEthernet"
-							],
-							"properties": {
-							  "layerProtocol": {
-								"description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-								"type": "string",
-								"enum": [
-								  "IP_OVER_ETHERNET",
-								  "IP_FOR_VIRTUAL_CP"
-								]
-							  },
-							  "ipOverEthernet": {
-								"description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-								"type": "object",
-								"anyOf": [
-								  {
-									"required": [
-									  "macAddress"
-									]
-								  },
-								  {
-									"required": [
-									  "ipAddresses"
-									]
-								  }
-								],
-								"properties": {
-								  "macAddress": {
-									"description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-									"type": "string",
-									"format": "MAC"
-								  },
-								  "segmentationId": {
-									"description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
-									"type": "string"
-								  },
-								  "ipAddresses": {
-									"description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
-									"type": "array",
-									"items": {
-									  "type": "object",
-									  "required": [
-										"type"
-									  ],
-									  "oneOf": [
-										{
-										  "required": [
-											"addresses"
-										  ]
-										},
-										{
-										  "required": [
-											"addressRange"
-										  ]
-										}
-									  ],
-									  "properties": {
-										"type": {
-										  "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-										  "type": "string",
-										  "enum": [
-											"IPV4",
-											"IPV6"
-										  ]
-										},
-										"addresses": {
-										  "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-										  "type": "array",
-										  "items": {
-											"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											"type": "string",
-											"format": "IP"
-										  }
-										},
-										"isDynamic": {
-										  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-										  "type": "boolean"
-										},
-										"addressRange": {
-										  "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
-										  "type": "object",
-										  "required": [
-											"minAddress",
-											"maxAddress"
-										  ],
-										  "properties": {
-											"minAddress": {
-											  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											  "type": "string",
-											  "format": "IP"
-											},
-											"maxAddress": {
-											  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											  "type": "string",
-											  "format": "IP"
-											}
-										  }
-										},
-										"subnetId": {
-										  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-										  "type": "string"
-										}
-									  }
-									}
-								  },
-								  "type": {
-									"description": "The type of the IP addresses\n",
-									"type": "string",
-									"enum": [
-									  "PV4",
-									  "PV6"
-									]
-								  },
-								  "addresses": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "isDynamic": {
-									"description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-									"type": "boolean"
-								  },
-								  "addressRange": {
-									"description": "An IP address range used, e.g. in case of egress connections. See note.\n",
-									"type": "object",
-									"required": [
-									  "minAddress",
-									  "maxAddress"
-									],
-									"properties": {
-									  "minAddress": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  },
-									  "maxAddress": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  }
-									}
-								  },
-								  "minAddress": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "maxAddress": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "subnetId": {
-									"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-									"type": "string"
-								  }
-								}
-							  },
-							  "virtualCpAddress": {
-								"description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-								"type": "object",
-								"required": [
-								  "type"
-								],
-								"properties": {
-								  "type": {
-									"description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-									"type": "string",
-									"enum": [
-									  "IPV4",
-									  "IPV6"
-									]
-								  },
-								  "loadBalancerIp": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "addressPoolName": {
-									"description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
-									"type": "string"
-								  }
-								}
-							  }
-							}
-						  }
-						},
-						"extLinkPortId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"netAttDefResourceId": {
-						  "description": "Identifier of the \"NetAttDefResourceInfo\" structure that provides the  specification of the interface to attach the connection point to a secondary container cluster network. See notes 3 and 4.\nIt shall be present if the external CP is associated to a VNFC realized  by one or a set of OS containers and is connected to a secondary container  cluster network. It shall not be present otherwise.\n",
-						  "type": "array",
-						  "items": {
-							"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							"type": "string"
-						  }
-						},
-						"metadata": {
-						  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						  "type": "object"
-						},
-						"associatedVnfcCpId": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"associatedVipCpId": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"associatedVirtualCpId": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"associatedVnfVirtualLinkId": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						}
-					  }
-					}
-				  },
-				  "vipCpInfo": {
-					"description": "VIP CPs that are part of the VNF instance. Shall be present when that particular VIP CP of the VNFC instance is associated to an external CP of the VNF instance. May be present otherwise.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type provides information related to virtual IP (VIP) CP. It shall comply with the provisions defined in table 6.5.3.97 1. NOTE:   It is possible that there is no associated VnfcCp because the VIP CP is available but not associated yet.\n",
-					  "type": "object",
-					  "required": [
-						"cpInstanceId",
-						"cpdId"
-					  ],
-					  "properties": {
-						"cpInstanceId": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"cpdId": {
-						  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						  "type": "string"
-						},
-						"vnfdId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"vnfExtCpId": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"cpProtocolInfo": {
-						  "description": "Protocol information for this CP. There shall be one cpProtocolInfo for layer 3. There may be one cpProtocolInfo for layer 2.\n",
-						  "type": "array",
-						  "items": {
-							"description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
-							"type": "object",
-							"required": [
-							  "layerProtocol",
-							  "ipOverEthernet"
-							],
-							"properties": {
-							  "layerProtocol": {
-								"description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-								"type": "string",
-								"enum": [
-								  "IP_OVER_ETHERNET",
-								  "IP_FOR_VIRTUAL_CP"
-								]
-							  },
-							  "ipOverEthernet": {
-								"description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-								"type": "object",
-								"anyOf": [
-								  {
-									"required": [
-									  "macAddress"
-									]
-								  },
-								  {
-									"required": [
-									  "ipAddresses"
-									]
-								  }
-								],
-								"properties": {
-								  "macAddress": {
-									"description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-									"type": "string",
-									"format": "MAC"
-								  },
-								  "segmentationId": {
-									"description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
-									"type": "string"
-								  },
-								  "ipAddresses": {
-									"description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
-									"type": "array",
-									"items": {
-									  "type": "object",
-									  "required": [
-										"type"
-									  ],
-									  "oneOf": [
-										{
-										  "required": [
-											"addresses"
-										  ]
-										},
-										{
-										  "required": [
-											"addressRange"
-										  ]
-										}
-									  ],
-									  "properties": {
-										"type": {
-										  "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-										  "type": "string",
-										  "enum": [
-											"IPV4",
-											"IPV6"
-										  ]
-										},
-										"addresses": {
-										  "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-										  "type": "array",
-										  "items": {
-											"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											"type": "string",
-											"format": "IP"
-										  }
-										},
-										"isDynamic": {
-										  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-										  "type": "boolean"
-										},
-										"addressRange": {
-										  "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
-										  "type": "object",
-										  "required": [
-											"minAddress",
-											"maxAddress"
-										  ],
-										  "properties": {
-											"minAddress": {
-											  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											  "type": "string",
-											  "format": "IP"
-											},
-											"maxAddress": {
-											  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											  "type": "string",
-											  "format": "IP"
-											}
-										  }
-										},
-										"subnetId": {
-										  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-										  "type": "string"
-										}
-									  }
-									}
-								  },
-								  "type": {
-									"description": "The type of the IP addresses\n",
-									"type": "string",
-									"enum": [
-									  "PV4",
-									  "PV6"
-									]
-								  },
-								  "addresses": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "isDynamic": {
-									"description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-									"type": "boolean"
-								  },
-								  "addressRange": {
-									"description": "An IP address range used, e.g. in case of egress connections. See note.\n",
-									"type": "object",
-									"required": [
-									  "minAddress",
-									  "maxAddress"
-									],
-									"properties": {
-									  "minAddress": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  },
-									  "maxAddress": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  }
-									}
-								  },
-								  "minAddress": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "maxAddress": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "subnetId": {
-									"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-									"type": "string"
-								  }
-								}
-							  },
-							  "virtualCpAddress": {
-								"description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-								"type": "object",
-								"required": [
-								  "type"
-								],
-								"properties": {
-								  "type": {
-									"description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-									"type": "string",
-									"enum": [
-									  "IPV4",
-									  "IPV6"
-									]
-								  },
-								  "loadBalancerIp": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "addressPoolName": {
-									"description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
-									"type": "string"
-								  }
-								}
-							  }
-							}
-						  }
-						},
-						"associatedVnfcCpIds": {
-						  "description": "Identifiers of the VnfcCps that share the virtual IP addresse allocated to the VIP CP instance. See note.\n",
-						  "type": "array",
-						  "items": {
-							"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							"type": "string"
-						  }
-						},
-						"vnfLinkPortId": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"metadata": {
-						  "description": "Allows the OSS/BSS to provide additional parameter(s) to the termination process at the NS level.\n",
-						  "type": "array",
-						  "items": {
-							"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-							"type": "object"
-						  }
-						}
-					  }
-					}
-				  },
-				  "virtualCpInfo": {
-					"description": "virtual CPs that are part of the VNF instance. Shall be present when a particular virtual CP is associated to an external CP of the VNF  instance. May be present otherwise.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type represents the information related to a virtual CP instance of a VNF. NOTE: A consumer of the VNF LCM interface can learn the actual VNFC instances implementing  the service accessible via the virtual CP instance by querying the \"vnfcResourceInfo\" from the \"InstantiatedVnfInfo\" and filtering by corresponding \"vduId\" values.",
-					  "type": "object",
-					  "required": [
-						"cpInstanceId",
-						"cpdId",
-						"resourceHandle",
-						"vduId"
-					  ],
-					  "properties": {
-						"cpInstanceId": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"cpdId": {
-						  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						  "type": "string"
-						},
-						"resourceHandle": {
-						  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-						  "type": "object",
-						  "required": [
-							"resourceId"
-						  ],
-						  "properties": {
-							"vimId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceProviderId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceId": {
-							  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							  "type": "string"
-							},
-							"vimLevelResourceType": {
-							  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-							  "type": "string"
-							},
-							"vimLevelAdditionalResourceInfo": {
-							  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-							  "type": "object",
-							  "properties": {
-								"hostName": {
-								  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-								  "type": "string"
-								},
-								"persistentVolume": {
-								  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-								  "type": "string"
-								},
-								"additionalInfo": {
-								  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								  "type": "object"
-								}
-							  }
-							},
-							"containerNamespace": {
-							  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-							  "type": "string"
-							}
-						  }
-						},
-						"vnfExtCpId": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"cpProtocolInfo": {
-						  "description": "Protocol information for this CP. There shall be one cpProtocolInfo for each layer protocol supported.\n",
-						  "type": "array",
-						  "items": {
-							"description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
-							"type": "object",
-							"required": [
-							  "layerProtocol",
-							  "ipOverEthernet"
-							],
-							"properties": {
-							  "layerProtocol": {
-								"description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-								"type": "string",
-								"enum": [
-								  "IP_OVER_ETHERNET",
-								  "IP_FOR_VIRTUAL_CP"
-								]
-							  },
-							  "ipOverEthernet": {
-								"description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-								"type": "object",
-								"anyOf": [
-								  {
-									"required": [
-									  "macAddress"
-									]
-								  },
-								  {
-									"required": [
-									  "ipAddresses"
-									]
-								  }
-								],
-								"properties": {
-								  "macAddress": {
-									"description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-									"type": "string",
-									"format": "MAC"
-								  },
-								  "segmentationId": {
-									"description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
-									"type": "string"
-								  },
-								  "ipAddresses": {
-									"description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
-									"type": "array",
-									"items": {
-									  "type": "object",
-									  "required": [
-										"type"
-									  ],
-									  "oneOf": [
-										{
-										  "required": [
-											"addresses"
-										  ]
-										},
-										{
-										  "required": [
-											"addressRange"
-										  ]
-										}
-									  ],
-									  "properties": {
-										"type": {
-										  "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-										  "type": "string",
-										  "enum": [
-											"IPV4",
-											"IPV6"
-										  ]
-										},
-										"addresses": {
-										  "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-										  "type": "array",
-										  "items": {
-											"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											"type": "string",
-											"format": "IP"
-										  }
-										},
-										"isDynamic": {
-										  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-										  "type": "boolean"
-										},
-										"addressRange": {
-										  "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
-										  "type": "object",
-										  "required": [
-											"minAddress",
-											"maxAddress"
-										  ],
-										  "properties": {
-											"minAddress": {
-											  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											  "type": "string",
-											  "format": "IP"
-											},
-											"maxAddress": {
-											  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											  "type": "string",
-											  "format": "IP"
-											}
-										  }
-										},
-										"subnetId": {
-										  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-										  "type": "string"
-										}
-									  }
-									}
-								  },
-								  "type": {
-									"description": "The type of the IP addresses\n",
-									"type": "string",
-									"enum": [
-									  "PV4",
-									  "PV6"
-									]
-								  },
-								  "addresses": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "isDynamic": {
-									"description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-									"type": "boolean"
-								  },
-								  "addressRange": {
-									"description": "An IP address range used, e.g. in case of egress connections. See note.\n",
-									"type": "object",
-									"required": [
-									  "minAddress",
-									  "maxAddress"
-									],
-									"properties": {
-									  "minAddress": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  },
-									  "maxAddress": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  }
-									}
-								  },
-								  "minAddress": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "maxAddress": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "subnetId": {
-									"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-									"type": "string"
-								  }
-								}
-							  },
-							  "virtualCpAddress": {
-								"description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-								"type": "object",
-								"required": [
-								  "type"
-								],
-								"properties": {
-								  "type": {
-									"description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-									"type": "string",
-									"enum": [
-									  "IPV4",
-									  "IPV6"
-									]
-								  },
-								  "loadBalancerIp": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "addressPoolName": {
-									"description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
-									"type": "string"
-								  }
-								}
-							  }
-							}
-						  }
-						},
-						"vduId": {
-						  "description": "Reference to the VDU(s) which implement the service accessible via the virtual CP instance. See note.\n",
-						  "type": "array",
-						  "items": {
-							"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-							"type": "string"
-						  }
-						},
-						"additionalServiceInfo": {
-						  "description": "Additional service identification information of the virtual CP instance.\n",
-						  "type": "array",
-						  "items": {
-							"description": "This type represents the additional service information of the virtual CP instance used to expose properties of the virtual CP to NFV-MANO.\nNOTE: This attribute shall only be present if additional information is needed to identify the service termination within the VNF, such as for example a URL path information in an HTTP request required to allow a single virtual CP IP address to be used for several HTTP based services that use the same port number.",
-							"type": "object",
-							"required": [
-							  "portInfo"
-							],
-							"properties": {
-							  "portInfo": {
-								"description": "Service port numbers exposed by the virtual CP instance.\n",
-								"type": "array",
-								"items": {
-								  "description": "This type represents the information related to the service identifying port properties exposed by the virtual CP instance.",
-								  "type": "object",
-								  "required": [
-									"name",
-									"protocol",
-									"port",
-									"isPortConfigurable"
-								  ],
-								  "properties": {
-									"name": {
-									  "description": "The name of the port exposed by the virtual CP instance.\n",
-									  "type": "string"
-									},
-									"protocol": {
-									  "description": "The L4 protocol for this port exposed by the virtual CP instance.\n  Permitted values:\n  - TCP\n  - UDP\n  - SCTP\n",
-									  "type": "string",
-									  "enum": [
-										"TCP",
-										"UDP",
-										"SCTP"
-									  ]
-									},
-									"port": {
-									  "description": "The L4 port number exposed by the virtual CP instance.\n",
-									  "type": "integer"
-									},
-									"isPortConfigurable": {
-									  "description": "Specifies whether the port attribute value is allowed to be configurable.\n",
-									  "type": "boolean"
-									}
-								  }
-								}
-							  },
-							  "serviceInfo": {
-								"description": "Service matching information exposed by the virtual CP instance. See note.\n",
-								"type": "array",
-								"items": {
-								  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								  "type": "object"
-								}
-							  }
-							}
-						  }
-						},
-						"metadata": {
-						  "description": "Metadata about this virtual CP instance.\n",
-						  "type": "array",
-						  "items": {
-							"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-							"type": "object"
-						  }
-						}
-					  }
-					}
-				  },
-				  "extVirtualLinkInfo": {
-					"description": "Information about the external VLs the VNF instance is connected to.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type represents information about an VNF external VL.",
-					  "type": "object",
-					  "required": [
-						"id",
-						"resourceHandle",
-						"currentVnfExtCpData"
-					  ],
-					  "properties": {
-						"id": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"resourceHandle": {
-						  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-						  "type": "object",
-						  "required": [
-							"resourceId"
-						  ],
-						  "properties": {
-							"vimId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceProviderId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceId": {
-							  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							  "type": "string"
-							},
-							"vimLevelResourceType": {
-							  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-							  "type": "string"
-							},
-							"vimLevelAdditionalResourceInfo": {
-							  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-							  "type": "object",
-							  "properties": {
-								"hostName": {
-								  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-								  "type": "string"
-								},
-								"persistentVolume": {
-								  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-								  "type": "string"
-								},
-								"additionalInfo": {
-								  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								  "type": "object"
-								}
-							  }
-							},
-							"containerNamespace": {
-							  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-							  "type": "string"
-							}
-						  }
-						},
-						"extLinkPorts": {
-						  "description": "Link ports of this VL.\n",
-						  "type": "array",
-						  "items": {
-							"description": "This type represents information about a link port of an external VL, i.e. a port providing connectivity for the VNF to an NS VL. NOTE 1: The use cases UC#4 and UC#5 in Annex A.4 of ETSI GS NFV-IFA 007 provide examples for such a configuration. NOTE 2: The value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\" attribute.\n",
-							"type": "object",
-							"required": [
-							  "id",
-							  "resourceHandle"
-							],
-							"properties": {
-							  "id": {
-								"description": "An identifier with the intention of being globally unique.\n",
-								"type": "string"
-							  },
-							  "resourceHandle": {
-								"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-								"type": "object",
-								"required": [
-								  "resourceId"
-								],
-								"properties": {
-								  "vimId": {
-									"description": "An identifier with the intention of being globally unique.\n",
-									"type": "string"
-								  },
-								  "resourceProviderId": {
-									"description": "An identifier with the intention of being globally unique.\n",
-									"type": "string"
-								  },
-								  "resourceId": {
-									"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-									"type": "string"
-								  },
-								  "vimLevelResourceType": {
-									"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-									"type": "string"
-								  },
-								  "vimLevelAdditionalResourceInfo": {
-									"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-									"type": "object",
-									"properties": {
-									  "hostName": {
-										"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-										"type": "string"
-									  },
-									  "persistentVolume": {
-										"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-										"type": "string"
-									  },
-									  "additionalInfo": {
-										"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-										"type": "object"
-									  }
-									}
-								  },
-								  "containerNamespace": {
-									"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-									"type": "string"
-								  }
-								}
-							  },
-							  "cpInstanceId": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  },
-							  "secondaryCpInstanceId": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  },
-							  "trunkResourceId": {
-								"description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								"type": "string"
-							  }
-							}
-						  }
-						},
-						"extNetAttDefResource": {
-						  "description": "Network attachment definition resources that provide the specification of the interface to attach connection points to this VL.\n",
-						  "type": "array",
-						  "items": {
-							"description": "This type represents the information related to a network attachment definition resource that provides the specification of the interface used to connect one or multiple connection points to a secondary container cluster network\n",
-							"type": "object",
-							"required": [
-							  "netAttDefResourceInfoId",
-							  "netAttDefResource"
-							],
-							"properties": {
-							  "netAttDefResourceInfoId": {
-								"description": "An identifier with the intention of being globally unique.\n",
-								"type": "string"
-							  },
-							  "netAttDefResource": {
-								"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-								"type": "object",
-								"required": [
-								  "resourceId"
-								],
-								"properties": {
-								  "vimId": {
-									"description": "An identifier with the intention of being globally unique.\n",
-									"type": "string"
-								  },
-								  "resourceProviderId": {
-									"description": "An identifier with the intention of being globally unique.\n",
-									"type": "string"
-								  },
-								  "resourceId": {
-									"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-									"type": "string"
-								  },
-								  "vimLevelResourceType": {
-									"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-									"type": "string"
-								  },
-								  "vimLevelAdditionalResourceInfo": {
-									"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-									"type": "object",
-									"properties": {
-									  "hostName": {
-										"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-										"type": "string"
-									  },
-									  "persistentVolume": {
-										"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-										"type": "string"
-									  },
-									  "additionalInfo": {
-										"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-										"type": "object"
-									  }
-									}
-								  },
-								  "containerNamespace": {
-									"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-									"type": "string"
-								  }
-								}
-							  },
-							  "associatedExtCpId": {
-								"description": "Identifier of the external CP of the VNF associated to this network attachment definition resource.  Shall be present when the network attachment definition resource is used for external connectivity by the VNF\n",
-								"type": "array",
-								"items": {
-								  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								  "type": "string"
-								}
-							  },
-							  "associatedVnfcCpId": {
-								"description": "Identifier of the VNFC CP of the VNF associated to this network attachment definition resource.  May be present when the network attachment definition resource is used for internal connectivity by the VNF.\n",
-								"type": "array",
-								"items": {
-								  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								  "type": "string"
-								}
-							  }
-							}
-						  }
-						},
-						"currentVnfExtCpData": {
-						  "description": "This type represents configuration information for external CPs created from a CPD.\nNOTE 1: In case this identifier refers to a CPD with trunking enabled, the external CP instances created from this CPD will represent ports in a trunk. NOTE 2:  The map entry value shall be set to \"null\" in order to delete a \"VnfExtCpConfig\" entry identified by a particular key value from the map, i.e. for the disconnection of an existing external CP instance addressed by cpInstanceId in the deleted map entry from a particular external virtual link, and deletion of that instance in case it represents a subport. Deleting the last key from the map removes the affected instance of the \"VnfExtCpData\" structure from its parent data structure. NOTE 3:  Within one VNF instance, all VNFC instances created from a particular VDU have the same external connectivity. Thus, given a particular value of the \"cpdId' attribute, there shall be one \"cpConfig\" entry for each VNFC instance that has been or can be created from a VDU which includes a CPD identified by the \"cpdId\" attribute. If the cpConfig represents a subport in a trunk, all \"cpConfig\" entries in this list shall have the same segmentationId, which means they are connected to the same set of external VLs via the trunk. NOTE 4: If, as defined by the input parameters of a \"ChangeVnfFlavour\", \"ChangeExtVnfConnectivity\"  or \"ChangeCurrentVnfPkg\" operation, a cpConfig map entry identified by a particular map key value is  moved into another \"ExtVirtualLinkData\" or \"VnfExtCpData\" structure, this particular cpConfig map entry  may be used by an external CP instance different than the one that has used it before the operation, or  by no external CP instance at all. Renaming a CPD identifier during the \"changeCurrentVnfPkg\" operation  does not count as moving the related \"cpConfig\" map entries to a new \"extCpData\" structure.\n",
-						  "type": "object",
-						  "required": [
-							"cpdId"
-						  ],
-						  "properties": {
-							"cpdId": {
-							  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-							  "type": "string"
-							},
-							"cpConfig": {
-							  "description": "Map of instance data that need to be configured on the CP instances  created from the respective CPD. The key of the map which identifies  the individual VnfExtCpConfig entries is of type \"IdentifierInVnf\"  and is managed by the API consumer. The entries shall be applied by  the VNFM according to the rules of JSON Merge Patch (see IETF RFC 7396 [11]).  See notes 2, 3 and 4.\n",
-							  "type": "object",
-							  "additionalProperties": {
-								"description": "This type represents an externally provided link port, or a network attachment definition resource of secondary container cluster network, or network address information per  instance of a VNF external connection point. In the case of VM-based deployment of the VNFC exposing the external CP: In case a link port is provided, the NFVO shall use that link port when connecting the VNF external CP to the external VL. • In case a link port is not provided, the NFVO or VNFM shall create a link port on the external VL, and use that link port to connect the VNF external CP to the external VL. In the case of  container-based deployment of the VNFC exposing the external CP, the NFVO and VNFM shall use the network attachment definition resource of secondary container cluster  network when connecting the CP to the external VL.\nNOTE 1:  The following conditions apply to the attributes \"linkPortId\" and \"cpProtocolData\"\n        for an external CP instance connected or to be connected to a virtual network not\n        categorized as secondary container cluster network:\n        - At least one of the \"linkPortId\" and \"cpProtocolData\" attributes shall be present for\n        an external CP instance representing a subport that is to be created, or an external CP instance\n        that is to be created by creating the corresponding VNFC or VNF instance during the current or\n        a subsequent LCM operation, or for an existing external CP instance that is to be re-configured\n        or added to a particular external virtual link.\n        - If the \"cpProtocolData\" attribute is absent, the \"linkPortId\" attribute shall be provided\n      referencing a pre-created link port with pre-configured address information.\n        - If both \"cpProtocolData\" and \"linkportId\" are provided, the API consumer shall ensure that\n        the cpProtocolData can be used with the pre-created link port referenced by \"linkPortId\".\nNOTE 2: In case the NFVO manages its own identifier space, the NFVO may remap this identifier\n        when communicating with the VNFM. If the NFVO knows that there can be an identifier collision\n        when communicating with the VNFM by using the identifier from the OSS/BSS, the NFVO shall remap it.\nNOTE 3: The following conditions apply to the attributes \"netAttDefResourceId\" and \"cpProtocolData\" for an external CP\n        instance connected or to be connected to a secondary container cluster network:\n        − Void.\n        − At least one of these attributes shall be present for a to-be-created external CP instance or an existing\n        external CP instance.\nNOTE 4: Cardinality greater than 1 is only applicable for specific cases where more than one network\n        attachment definition resource is needed to fulfil the connectivity requirements of the external CP,\n        e.g. to build a link redundant mated pair in SR-IOV cases. When more than one \"netAttDefResourceId\"\n        is indicated, all shall belong to the same namespace as defined by the corresponding \n        \"containerNamespace\" attribute in the \"resourceHandle\" attribute in the \"NetAttDefResourceData\".\nNOTE 5: Either \"linkPortId\" or \"netAttDefResourceId\" may be included, but not both.\n",
-								"type": "object",
-								"oneOf": [
-								  {
-									"required": [
-									  "linkPortId"
-									]
-								  },
-								  {
-									"required": [
-									  "cpProtocolData"
-									]
-								  }
-								],
-								"properties": {
-								  "parentCpConfigId": {
-									"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-									"type": "string"
-								  },
-								  "linkPortId": {
-									"description": "An identifier with the intention of being globally unique.\n",
-									"type": "string"
-								  },
-								  "createExtLinkPort": {
-									"description": "Indicates the need to create a dedicated link port for the external CP. If set to True, a link port is created. If set to False, no link port is created. This attribute is only applicable for external CP instances without a floating IP address that expose a VIP CP instance for which a dedicated IP address is allocated. It shall be present in that case and shall be absent otherwise.\n",
-									"type": "boolean"
-								  },
-								  "cpProtocolData": {
-									"description": "Parameters for configuring the network protocols on the link port that connects the CP to a VL. See notes 1 and 3.\n",
-									"type": "array",
-									"items": {
-									  "description": "This type represents network protocol data.\nNOTE:\tThis attribute allows to signal the addition of further types  of layer and protocol in future versions of the present document in  a backwards-compatible way. In the current version of the present  document, only IP over Ethernet is supported.\n",
-									  "type": "object",
-									  "required": [
-										"layerProtocol"
-									  ],
-									  "properties": {
-										"layerProtocol": {
-										  "description": "Identifier of layer(s) and protocol(s). Permitted values:  - IP_OVER_ETHERNET - IP_FOR_VIRTUAL_CP See note.\n",
-										  "type": "string",
-										  "enum": [
-											"IP_OVER_ETHERNET",
-											"IP_FOR_VIRTUAL_CP"
-										  ]
-										},
-										"ipOverEthernet": {
-										  "description": "This type represents network address data for IP over Ethernet. NOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present. NOTE 3: If the CP instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-										  "type": "object",
-										  "anyOf": [
-											{
-											  "required": [
-												"ipAddresses"
-											  ]
-											},
-											{
-											  "required": [
-												"macAddress"
-											  ]
-											}
-										  ],
-										  "properties": {
-											"macAddress": {
-											  "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-											  "type": "string",
-											  "format": "MAC"
-											},
-											"segmentationType": {
-											  "description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values are: - VLAN: The subport uses VLAN as encapsulation type. - INHERIT: The subport gets its segmentation type from the network it is connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
-											  "type": "string",
-											  "enum": [
-												"VLAN",
-												"INHERIT"
-											  ]
-											},
-											"segmentationId": {
-											  "description": "Identification of the network segment to which the CP instance connects to. See note 3 and note 4.\n",
-											  "type": "string"
-											},
-											"ipAddresses": {
-											  "description": "List of IP addresses to assign to the CP instance. Each entry represents IP address data for fixed or dynamic IP address assignment per subnet. If this attribute is not present, no IP address shall be assigned. See note 1.\n",
-											  "type": "array",
-											  "items": {
-												"type": "object",
-												"required": [
-												  "type"
-												],
-												"oneOf": [
-												  {
-													"required": [
-													  "fixedAddresses"
-													]
-												  },
-												  {
-													"required": [
-													  "numDynamicAddresses"
-													]
-												  },
-												  {
-													"required": [
-													  "addressRange"
-													]
-												  }
-												],
-												"properties": {
-												  "type": {
-													"description": "The type of the IP addresses. Permitted values:\n  - IPV4\n  - IPV6\n",
-													"type": "string",
-													"enum": [
-													  "IPV4",
-													  "IPV6"
-													]
-												  },
-												  "fixedAddresses": {
-													"description": "Fixed addresses to assign (from the subnet defined by \"subnetId\" if provided). Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present.\n",
-													"type": "array",
-													"items": {
-													  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-													  "type": "string",
-													  "format": "IP"
-													}
-												  },
-												  "numDynamicAddresses": {
-													"description": "Number of dynamic addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-													"type": "integer"
-												  },
-												  "addressRange": {
-													"description": "An IP address range to be used, e.g. in case of egress connections. In case this attribute is present, IP addresses from the range will be used.\n",
-													"type": "object",
-													"required": [
-													  "minAddress",
-													  "maxAddress"
-													],
-													"properties": {
-													  "minAddress": {
-														"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-														"type": "string",
-														"format": "IP"
-													  },
-													  "maxAddress": {
-														"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-														"type": "string",
-														"format": "IP"
-													  }
-													}
-												  },
-												  "subnetId": {
-													"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-													"type": "string"
-												  }
-												}
-											  }
-											}
-										  }
-										},
-										"virtualCpAddress": {
-										  "description": "This type represents network address data for a virtual CP.  It shall comply with the provisions defined in table 6.5.3.12a-1.\nNOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be\n        used, otherwise it will be ignored by the CISM.\nNOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the\n        container cluster will assign an IP address.\nNOTE 3: The attribute is only relevant if the virtual CP is instantiated in a cluster that supports configuration of IP\n        address pools for virtual CPs. Otherwise it shall be ignored. MetalLB is an example of a solution for\n        Kubernetes® that supports configuration of address pools for load balancer services.\nNOTE 4: The loadBalancerIp and the addressPoolName attributes shall not be present at the same time.\n",
-										  "type": "object",
-										  "required": [
-											"type"
-										  ],
-										  "properties": {
-											"type": {
-											  "description": "Identifier of layer(s) and protocol(s). Permitted values: IP_OVER_ETHERNET.\n",
-											  "type": "string",
-											  "enum": [
-												"IPV4",
-												"IPV6"
-											  ]
-											},
-											"loadBalancerIp": {
-											  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											  "type": "string",
-											  "format": "IP"
-											},
-											"addressPoolName": {
-											  "description": "Name of an address pool from which the container cluster will assign an IP address to the virtual CP. See notes 3 and 4.\n",
-											  "type": "array",
-											  "items": {
-												"type": "string"
-											  }
-											}
-										  }
-										}
-									  }
-									}
-								  },
-								  "netAttDefResourceId": {
-									"description": "Identifier of the \"NetAttDefResourceData\" structure that provides the specification of the interface to attach the external CP to a secondary container cluster network.  It is only applicable if the external CP is connected or to be connected to a secondary container cluster network. It shall not be present if the external CP is related to a virtual network not categorized as secondary container cluster network.  See notes 3, 4 and 5.\n",
-									"type": "array",
-									"items": {
-									  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-									  "type": "string"
-									}
-								  }
-								}
-							  }
-							}
-						  }
-						}
-					  }
-					}
-				  },
-				  "extManagedVirtualLinkInfo": {
-					"description": "Information about the externally-managed internal VLs of the VNF instance.  See note 4 and note 5.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type provides information about an externally-managed internal virtual link for VNFs\n",
-					  "type": "object",
-					  "required": [
-						"id",
-						"vnfVirtualLinkDescId",
-						"networkResource"
-					  ],
-					  "properties": {
-						"id": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"vnfdId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"vnfVirtualLinkDescId": {
-						  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						  "type": "string"
-						},
-						"networkResource": {
-						  "description": "Reference to the VirtualNetwork resource or multi-site connectivity service providing this VL.\n",
-						  "type": "array",
-						  "items": {
-							"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-							"type": "object",
-							"required": [
-							  "resourceId"
-							],
-							"properties": {
-							  "vimId": {
-								"description": "An identifier with the intention of being globally unique.\n",
-								"type": "string"
-							  },
-							  "resourceProviderId": {
-								"description": "An identifier with the intention of being globally unique.\n",
-								"type": "string"
-							  },
-							  "resourceId": {
-								"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								"type": "string"
-							  },
-							  "vimLevelResourceType": {
-								"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-								"type": "string"
-							  },
-							  "vimLevelAdditionalResourceInfo": {
-								"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-								"type": "object",
-								"properties": {
-								  "hostName": {
-									"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-									"type": "string"
-								  },
-								  "persistentVolume": {
-									"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-									"type": "string"
-								  },
-								  "additionalInfo": {
-									"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									"type": "object"
-								  }
-								}
-							  },
-							  "containerNamespace": {
-								"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-								"type": "string"
-							  }
-							}
-						  }
-						},
-						"vnfLinkPorts": {
-						  "description": "Link ports of this VL.\n",
-						  "type": "array",
-						  "items": {
-							"type": "object",
-							"description": "This type represents a link port of an internal VL of a VNF. It shall comply with the provisions defined in table 6.5.3.64-1.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId are present, the two different CP instances share the linkport.\n",
-							"required": [
-							  "id",
-							  "resourceHandle"
-							],
-							"properties": {
-							  "id": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  },
-							  "resourceHandle": {
-								"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-								"type": "object",
-								"required": [
-								  "resourceId"
-								],
-								"properties": {
-								  "vimId": {
-									"description": "An identifier with the intention of being globally unique.\n",
-									"type": "string"
-								  },
-								  "resourceProviderId": {
-									"description": "An identifier with the intention of being globally unique.\n",
-									"type": "string"
-								  },
-								  "resourceId": {
-									"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-									"type": "string"
-								  },
-								  "vimLevelResourceType": {
-									"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-									"type": "string"
-								  },
-								  "vimLevelAdditionalResourceInfo": {
-									"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-									"type": "object",
-									"properties": {
-									  "hostName": {
-										"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-										"type": "string"
-									  },
-									  "persistentVolume": {
-										"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-										"type": "string"
-									  },
-									  "additionalInfo": {
-										"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-										"type": "object"
-									  }
-									}
-								  },
-								  "containerNamespace": {
-									"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-									"type": "string"
-								  }
-								}
-							  },
-							  "cpInstanceId": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  },
-							  "cpInstanceType": {
-								"description": "Type of the CP instance that is identified by cpInstanceId. Shall be present if \"cpInstanceId\" is present, and shall be absent otherwise. Permitted values: * VNFC_CP: The link port is connected to a VNFC CP * EXT_CP: The link port is associated to an external CP. See note 1.\n",
-								"type": "string",
-								"enum": [
-								  "VNFC_CP",
-								  "EXT_CP"
-								]
-							  },
-							  "vipCpInstanceId": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  },
-							  "trunkResourceId": {
-								"description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								"type": "string"
-							  }
-							}
-						  }
-						},
-						"vnfNetAttDefResource": {
-						  "description": "This type represents the information related to a network attachment definition resource that provides the specification of the interface used to connect one or multiple connection points to a secondary container cluster network\n",
-						  "type": "object",
-						  "required": [
-							"netAttDefResourceInfoId",
-							"netAttDefResource"
-						  ],
-						  "properties": {
-							"netAttDefResourceInfoId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"netAttDefResource": {
-							  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-							  "type": "object",
-							  "required": [
-								"resourceId"
-							  ],
-							  "properties": {
-								"vimId": {
-								  "description": "An identifier with the intention of being globally unique.\n",
-								  "type": "string"
-								},
-								"resourceProviderId": {
-								  "description": "An identifier with the intention of being globally unique.\n",
-								  "type": "string"
-								},
-								"resourceId": {
-								  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								  "type": "string"
-								},
-								"vimLevelResourceType": {
-								  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-								  "type": "string"
-								},
-								"vimLevelAdditionalResourceInfo": {
-								  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-								  "type": "object",
-								  "properties": {
-									"hostName": {
-									  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-									  "type": "string"
-									},
-									"persistentVolume": {
-									  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-									  "type": "string"
-									},
-									"additionalInfo": {
-									  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									  "type": "object"
-									}
-								  }
-								},
-								"containerNamespace": {
-								  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-								  "type": "string"
-								}
-							  }
-							},
-							"associatedExtCpId": {
-							  "description": "Identifier of the external CP of the VNF associated to this network attachment definition resource.  Shall be present when the network attachment definition resource is used for external connectivity by the VNF\n",
-							  "type": "array",
-							  "items": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  }
-							},
-							"associatedVnfcCpId": {
-							  "description": "Identifier of the VNFC CP of the VNF associated to this network attachment definition resource.  May be present when the network attachment definition resource is used for internal connectivity by the VNF.\n",
-							  "type": "array",
-							  "items": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  }
-							}
-						  }
-						},
-						"extManagedMultisiteVirtualLinkId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						}
-					  }
-					}
-				  },
-				  "monitoringParameters": {
-					"description": "Performance metrics tracked by the VNFM (e.g. for  auto-scaling purposes) as identified by the VNF  provider in the VNFD.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type represents a monitoring parameter that is tracked by the VNFM, for example,  for auto-scaling purposes. It shall comply with the provisions defined in Table 6.5.3.69-1.\n",
-					  "type": "object",
-					  "required": [
-						"id",
-						"performanceMetric"
-					  ],
-					  "properties": {
-						"id": {
-						  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-						  "type": "string"
-						},
-						"vnfdId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"name": {
-						  "description": "Human readable name of the monitoring parameter, as defined in the VNFD.\n",
-						  "type": "string"
-						},
-						"performanceMetric": {
-						  "description": "Performance metric that is monitored. This attribute shall contain the related  \"Measurement Name\" value as defined in clause 7.2 of ETSI GS NFV-IFA 027.\n",
-						  "type": "string"
-						}
-					  }
-					}
-				  },
-				  "localizationLanguage": {
-					"description": "Information about localization language of the VNF (includes e.g. strings in the VNFD). The localization languages supported by a VNF can be declared in the VNFD, and localization language selection can take place at instantiation time. The value shall comply with the format defined in IETF RFC 5646.\n",
-					"type": "string"
-				  },
-				  "vnfcResourceInfo": {
-					"description": "Information about the virtualised compute and storage resources used by the VNFCs of the VNF instance.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type represents the information on virtualised compute and storage resources used by a VNFC in a VNF instance. This feature addresses the following capabilities: • NFV Architecture support for VNFs which follow “cloud-native” design principles. • Enhance NFV-MANO capabilities to support container technologies. • Enhance NFV-MANO capabilities for container management and orchestration. • Enhance information model for containerized VNFs both using bare metal or nested virtualization technologies.\nNOTE 1: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. NOTE 2: A VNFC CP is \"connected to\" an external CP if the VNFC CP is connected to an internal VL that exposes an external CP. A VNFC CP is \"exposed as\" an external CP if it is connected directly to an external VL. NOTE 3: The information can be omitted because it is already available as part of the external CP information.  NOTE 4:  Cardinality greater than 1 is only applicable for specific cases where more than one network  attachment definition resource is needed to fulfil the connectivity requirements of the internal CP,  e.g. to build a link redundant mated pair in SR-IOV cases. NOTE 5:  When more than one \"netAttDefResourceId\" is indicated, all shall belong to the same namespace.\n",
-					  "type": "object",
-					  "required": [
-						"id",
-						"vduId",
-						"computeResource"
-					  ],
-					  "properties": {
-						"id": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"vnfdId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"vduId": {
-						  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						  "type": "string"
-						},
-						"computeResource": {
-						  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-						  "type": "object",
-						  "required": [
-							"resourceId"
-						  ],
-						  "properties": {
-							"vimId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceProviderId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceId": {
-							  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							  "type": "string"
-							},
-							"vimLevelResourceType": {
-							  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-							  "type": "string"
-							},
-							"vimLevelAdditionalResourceInfo": {
-							  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-							  "type": "object",
-							  "properties": {
-								"hostName": {
-								  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-								  "type": "string"
-								},
-								"persistentVolume": {
-								  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-								  "type": "string"
-								},
-								"additionalInfo": {
-								  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								  "type": "object"
-								}
-							  }
-							},
-							"containerNamespace": {
-							  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-							  "type": "string"
-							}
-						  }
-						},
-						"storageResourceIds": {
-						  "description": "References to the VirtualStorage resources or references to Storage MCIOs.  The value refers to a VirtualStorageResourceInfo item in the VnfInstance.\n",
-						  "type": "array",
-						  "items": {
-							"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-							"type": "string"
-						  }
-						},
-						"reservationId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"vnfcCpInfo": {
-						  "description": "CPs of the VNFC instance. Shall be present when that particular CP of the VNFC instance is exposed as an external CP of the VNF instance or is connected to an external CP of the VNF instance.See note 2. May be present otherwise.\n",
-						  "type": "array",
-						  "items": {
-							"type": "object",
-							"required": [
-							  "id",
-							  "cpdId"
-							],
-							"properties": {
-							  "id": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  },
-							  "cpdId": {
-								"description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-								"type": "string"
-							  },
-							  "vnfExtCpId": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  },
-							  "cpProtocolInfo": {
-								"description": "Network protocol information for this CP. May be omitted if the VNFC CP is exposed as an external CP. See note 3.\n",
-								"type": "array",
-								"items": {
-								  "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
-								  "type": "object",
-								  "required": [
-									"layerProtocol",
-									"ipOverEthernet"
-								  ],
-								  "properties": {
-									"layerProtocol": {
-									  "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-									  "type": "string",
-									  "enum": [
-										"IP_OVER_ETHERNET",
-										"IP_FOR_VIRTUAL_CP"
-									  ]
-									},
-									"ipOverEthernet": {
-									  "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-									  "type": "object",
-									  "anyOf": [
-										{
-										  "required": [
-											"macAddress"
-										  ]
-										},
-										{
-										  "required": [
-											"ipAddresses"
-										  ]
-										}
-									  ],
-									  "properties": {
-										"macAddress": {
-										  "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-										  "type": "string",
-										  "format": "MAC"
-										},
-										"segmentationId": {
-										  "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
-										  "type": "string"
-										},
-										"ipAddresses": {
-										  "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
-										  "type": "array",
-										  "items": {
-											"type": "object",
-											"required": [
-											  "type"
-											],
-											"oneOf": [
-											  {
-												"required": [
-												  "addresses"
-												]
-											  },
-											  {
-												"required": [
-												  "addressRange"
-												]
-											  }
-											],
-											"properties": {
-											  "type": {
-												"description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-												"type": "string",
-												"enum": [
-												  "IPV4",
-												  "IPV6"
-												]
-											  },
-											  "addresses": {
-												"description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-												"type": "array",
-												"items": {
-												  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-												  "type": "string",
-												  "format": "IP"
-												}
-											  },
-											  "isDynamic": {
-												"description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-												"type": "boolean"
-											  },
-											  "addressRange": {
-												"description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
-												"type": "object",
-												"required": [
-												  "minAddress",
-												  "maxAddress"
-												],
-												"properties": {
-												  "minAddress": {
-													"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-													"type": "string",
-													"format": "IP"
-												  },
-												  "maxAddress": {
-													"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-													"type": "string",
-													"format": "IP"
-												  }
-												}
-											  },
-											  "subnetId": {
-												"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-												"type": "string"
-											  }
-											}
-										  }
-										},
-										"type": {
-										  "description": "The type of the IP addresses\n",
-										  "type": "string",
-										  "enum": [
-											"PV4",
-											"PV6"
-										  ]
-										},
-										"addresses": {
-										  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										  "type": "string",
-										  "format": "IP"
-										},
-										"isDynamic": {
-										  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-										  "type": "boolean"
-										},
-										"addressRange": {
-										  "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
-										  "type": "object",
-										  "required": [
-											"minAddress",
-											"maxAddress"
-										  ],
-										  "properties": {
-											"minAddress": {
-											  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											  "type": "string",
-											  "format": "IP"
-											},
-											"maxAddress": {
-											  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-											  "type": "string",
-											  "format": "IP"
-											}
-										  }
-										},
-										"minAddress": {
-										  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										  "type": "string",
-										  "format": "IP"
-										},
-										"maxAddress": {
-										  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										  "type": "string",
-										  "format": "IP"
-										},
-										"subnetId": {
-										  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-										  "type": "string"
-										}
-									  }
-									},
-									"virtualCpAddress": {
-									  "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-									  "type": "object",
-									  "required": [
-										"type"
-									  ],
-									  "properties": {
-										"type": {
-										  "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-										  "type": "string",
-										  "enum": [
-											"IPV4",
-											"IPV6"
-										  ]
-										},
-										"loadBalancerIp": {
-										  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										  "type": "string",
-										  "format": "IP"
-										},
-										"addressPoolName": {
-										  "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
-										  "type": "string"
-										}
-									  }
-									}
-								  }
-								}
-							  },
-							  "parentCpId": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  },
-							  "vnfLinkPortId": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  },
-							  "netAttDefResourceId": {
-								"description": "Identifier of the \"NetAttDefResourceInfo\" structure that provides the specification of the interface to attach the connection point to a secondary container cluster network. See notes 4 and 5. It shall be present if the internal CP is associated to a VNFC realized by one or a set of OS containers and  is connected to a secondary container cluster network. It shall not be present otherwise.\n",
-								"type": "array",
-								"items": {
-								  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								  "type": "string"
-								}
-							  },
-							  "metadata": {
-								"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								"type": "object"
-							  }
-							}
-						  }
-						},
-						"metadata": {
-						  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						  "type": "object"
-						}
-					  }
-					}
-				  },
-				  "vnfVirtualLinkResourceInfo": {
-					"description": "Information about the virtualised network resources used by the VLs of the VNF instance. See note 5.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type represents the information that allows addressing a virtualised resource that is used by an internal VL instance in a VNF instance.\n",
-					  "type": "object",
-					  "required": [
-						"id",
-						"vnfVirtualLinkDescId",
-						"networkResource"
-					  ],
-					  "properties": {
-						"id": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"vnfdId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"vnfVirtualLinkDescId": {
-						  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						  "type": "string"
-						},
-						"networkResource": {
-						  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-						  "type": "object",
-						  "required": [
-							"resourceId"
-						  ],
-						  "properties": {
-							"vimId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceProviderId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceId": {
-							  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							  "type": "string"
-							},
-							"vimLevelResourceType": {
-							  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-							  "type": "string"
-							},
-							"vimLevelAdditionalResourceInfo": {
-							  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-							  "type": "object",
-							  "properties": {
-								"hostName": {
-								  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-								  "type": "string"
-								},
-								"persistentVolume": {
-								  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-								  "type": "string"
-								},
-								"additionalInfo": {
-								  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								  "type": "object"
-								}
-							  }
-							},
-							"containerNamespace": {
-							  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-							  "type": "string"
-							}
-						  }
-						},
-						"reservationId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"vnfLinkPorts": {
-						  "description": "Links ports of this VL. Shall be present when the linkPort is used for external connectivity by the VNF (refer to VnfLinkPortInfo). May be present otherwise.\n",
-						  "type": "array",
-						  "items": {
-							"type": "object",
-							"description": "This type represents a link port of an internal VL of a VNF. It shall comply with the provisions defined in table 6.5.3.64-1.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId are present, the two different CP instances share the linkport.\n",
-							"required": [
-							  "id",
-							  "resourceHandle"
-							],
-							"properties": {
-							  "id": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  },
-							  "resourceHandle": {
-								"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-								"type": "object",
-								"required": [
-								  "resourceId"
-								],
-								"properties": {
-								  "vimId": {
-									"description": "An identifier with the intention of being globally unique.\n",
-									"type": "string"
-								  },
-								  "resourceProviderId": {
-									"description": "An identifier with the intention of being globally unique.\n",
-									"type": "string"
-								  },
-								  "resourceId": {
-									"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-									"type": "string"
-								  },
-								  "vimLevelResourceType": {
-									"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-									"type": "string"
-								  },
-								  "vimLevelAdditionalResourceInfo": {
-									"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-									"type": "object",
-									"properties": {
-									  "hostName": {
-										"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-										"type": "string"
-									  },
-									  "persistentVolume": {
-										"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-										"type": "string"
-									  },
-									  "additionalInfo": {
-										"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-										"type": "object"
-									  }
-									}
-								  },
-								  "containerNamespace": {
-									"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-									"type": "string"
-								  }
-								}
-							  },
-							  "cpInstanceId": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  },
-							  "cpInstanceType": {
-								"description": "Type of the CP instance that is identified by cpInstanceId. Shall be present if \"cpInstanceId\" is present, and shall be absent otherwise. Permitted values: * VNFC_CP: The link port is connected to a VNFC CP * EXT_CP: The link port is associated to an external CP. See note 1.\n",
-								"type": "string",
-								"enum": [
-								  "VNFC_CP",
-								  "EXT_CP"
-								]
-							  },
-							  "vipCpInstanceId": {
-								"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-								"type": "string"
-							  },
-							  "trunkResourceId": {
-								"description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								"type": "string"
-							  }
-							}
-						  }
-						},
-						"metadata": {
-						  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						  "type": "object"
-						}
-					  }
-					}
-				  },
-				  "virtualStorageResourceInfo": {
-					"description": "Information on the virtualised storage resource(s) used as storage for the VNF instance.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance.\n",
-					  "type": "object",
-					  "required": [
-						"id",
-						"virtualStorageDescId",
-						"storageResource"
-					  ],
-					  "properties": {
-						"id": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"virtualStorageDescId": {
-						  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						  "type": "string"
-						},
-						"vnfdId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"storageResource": {
-						  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-						  "type": "object",
-						  "required": [
-							"resourceId"
-						  ],
-						  "properties": {
-							"vimId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceProviderId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"resourceId": {
-							  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-							  "type": "string"
-							},
-							"vimLevelResourceType": {
-							  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-							  "type": "string"
-							},
-							"vimLevelAdditionalResourceInfo": {
-							  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-							  "type": "object",
-							  "properties": {
-								"hostName": {
-								  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-								  "type": "string"
-								},
-								"persistentVolume": {
-								  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-								  "type": "string"
-								},
-								"additionalInfo": {
-								  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								  "type": "object"
-								}
-							  }
-							},
-							"containerNamespace": {
-							  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-							  "type": "string"
-							}
-						  }
-						},
-						"reservationId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"metadata": {
-						  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						  "type": "object"
-						}
-					  }
-					}
-				  },
-				  "mcioInfo": {
-					"description": "Information on the MCIO(s) representing VNFC instance(s) realized by one or a set  of OS containers and created from the same VDU for the VNF instance.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type provides information about an MCIO representing the set of VNFC instances realized by one or a set of OS containers which have been created based on the same VDU.\nNOTE 1 The type of MCIO as specified in the declarative descriptor of the MCIO, and that can be read from the CISM. EXAMPLE: In case of MCIOs managed by Kubernetes, the type of MCIO corresponds to the “kind” property of the declarative descriptor. NOTE 2  If the attribute additionalInfo is present, it may contain runtime information on the actual and desired state of the MCIO(s). NOTE 3  When the container infrastructure service is a Kubernetes® instance, the mcioId is the combined values from the kind  and name fields of the Kubernetes® resource object, separated by a slash. Example: \"Deployment/abcd\". NOTE 4 When the container infrastructure service is a Kubernetes® instance, the mcioName is the name field of the resource object.",
-					  "type": "object",
-					  "required": [
-						"mcioId",
-						"mcioName",
-						"mcioNamespace",
-						"vduId",
-						"cismId",
-						"mcioType",
-						"desiredInstances",
-						"availableInstances"
-					  ],
-					  "properties": {
-						"mcioId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"mcioName": {
-						  "description": "Human readable name of this MCIO. See note 4. \n",
-						  "type": "string"
-						},
-						"mcioNamespace": {
-						  "description": "Namespace of this MCIO.\n",
-						  "type": "string"
-						},
-						"vduId": {
-						  "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
-						  "type": "string"
-						},
-						"cismId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"mcioType": {
-						  "description": "The type of MCIO. Specific values, their semantics and associated MCIO types are defined in clause 6.5.4.13. Additional values are also permitted. See note 1.\n",
-						  "type": "string"
-						},
-						"desiredInstances": {
-						  "description": "Number of desired MCIO instances.\n",
-						  "type": "integer"
-						},
-						"availableInstances": {
-						  "description": "Number of available MCIO instances\n",
-						  "type": "integer"
-						},
-						"additionalInfo": {
-						  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						  "type": "object"
-						}
-					  }
-					}
-				  }
-				}
-			  },
-			  "metadata": {
-				"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-				"type": "object"
-			  },
-			  "extensions": {
-				"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-				"type": "object"
-			  }
-			}
-		  }
-		},
-		"pnfInfo": {
-		  "description": "Information on the PNF(s) that are part of the NS instance.\n",
-		  "type": "array",
-		  "items": {
-			"description": "This type represents the information about a PNF that is part of an NS instance.  It shall comply with the provisions defined in Table 6.5.3.13-1.\n",
-			"type": "object",
-			"required": [
-			  "pnfId",
-			  "pnfdId",
-			  "pnfdInfoId",
-			  "pnfProfileId"
-			],
-			"properties": {
-			  "pnfId": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			  },
-			  "pnfName": {
-				"description": "Name of the PNF.\n",
-				"type": "string"
-			  },
-			  "pnfdId": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			  },
-			  "versionDependency": {
-				"description": "Describes version dependencies currently valid for the PNF.  Identifies versions of descriptors of other constituents in the NSD upon which the PNF depends. The dependencies may be described for the PNFD referenced in this PnfInfo with pnfdId and for PNFDs with the same \"pnfdExtInvariantId\". There shall not be more than one versionDependency present with the same dependentConstituentId.\n",
-				"type": "array",
-				"items": {
-				  "description": "This type represents the information related to all dependencies that an NSD constituent has on the versions of other NSD constituents.  It shall comply with the provisions defined in table 6.5.3.112-1.\n",
-				  "type": "object",
-				  "required": [
-					"dependentConstituentId"
-				  ],
-				  "properties": {
-					"dependentConstituentId": {
-					  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-					  "type": "string"
-					},
-					"versionDependencyStatement": {
-					  "description": "Identifies one or multiple versions of an NSD constituents upon which the dependent constituent identified by  dependentConstituentId has a dependency. Cardinality 0 is used to remove an existing version dependency in a profile.\n",
-					  "type": "array",
-					  "items": {
-						"description": "This type represents the information related to one or more VNF, NS or PNF descriptor identifiers which describe one  single dependency. When more than one descriptor is indicated, they correspond to different versions of the same VNF,  NS or PNF and they represent alternatives to fulfil the dependency. It shall comply with the provisions defined in  table 6.5.3.113-1.\n",
-						"type": "object",
-						"required": [
-						  "descriptorId"
-						],
-						"properties": {
-						  "descriptorId": {
-							"description": "Identifies a VNFD, NSD or PNFD upon which the entity using this data type depends. When more than one descriptor is indicated, they shall correspond to versions of the same VNF, NS or PNF and they represent alternatives, i.e. the presence of one of them fulfills the dependency.",
-							"type": "array",
-							"items": {
-							  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-							  "type": "string"
-							}
-						  }
-						}
-					  }
-					}
-				  }
-				}
-			  },
-			  "pnfdInfoId": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			  },
-			  "pnfProfileId": {
-				"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "cpInfo": {
-				"description": "This type represents the information about the external CP of the PNF.  It shall comply with the provisions defined in Table 6.5.3.17-1.\n",
-				"type": "object",
-				"required": [
-				  "cpInstanceId",
-				  "cpdId"
-				],
-				"properties": {
-				  "cpInstanceId": {
-					"description": "An Identifier that is unique within respect to a PNF. Representation: string of variable length.\n",
-					"type": "string"
-				  },
-				  "cpdId": {
-					"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-					"type": "string"
-				  },
-				  "cpProtocolData": {
-					"description": "Parameters for configuring the network protocols on the CP.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type represents network protocol data.\nNOTE:\tThis attribute allows to signal the addition of further types  of layer and protocol in future versions of the present document in  a backwards-compatible way. In the current version of the present  document, only IP over Ethernet is supported.\n",
-					  "type": "object",
-					  "required": [
-						"layerProtocol"
-					  ],
-					  "properties": {
-						"layerProtocol": {
-						  "description": "Identifier of layer(s) and protocol(s). Permitted values:  - IP_OVER_ETHERNET - IP_FOR_VIRTUAL_CP See note.\n",
-						  "type": "string",
-						  "enum": [
-							"IP_OVER_ETHERNET",
-							"IP_FOR_VIRTUAL_CP"
-						  ]
-						},
-						"ipOverEthernet": {
-						  "description": "This type represents network address data for IP over Ethernet. NOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present. NOTE 3: If the CP instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-						  "type": "object",
-						  "anyOf": [
-							{
-							  "required": [
-								"ipAddresses"
-							  ]
-							},
-							{
-							  "required": [
-								"macAddress"
-							  ]
-							}
-						  ],
-						  "properties": {
-							"macAddress": {
-							  "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-							  "type": "string",
-							  "format": "MAC"
-							},
-							"segmentationType": {
-							  "description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values are: - VLAN: The subport uses VLAN as encapsulation type. - INHERIT: The subport gets its segmentation type from the network it is connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
-							  "type": "string",
-							  "enum": [
-								"VLAN",
-								"INHERIT"
-							  ]
-							},
-							"segmentationId": {
-							  "description": "Identification of the network segment to which the CP instance connects to. See note 3 and note 4.\n",
-							  "type": "string"
-							},
-							"ipAddresses": {
-							  "description": "List of IP addresses to assign to the CP instance. Each entry represents IP address data for fixed or dynamic IP address assignment per subnet. If this attribute is not present, no IP address shall be assigned. See note 1.\n",
-							  "type": "array",
-							  "items": {
-								"type": "object",
-								"required": [
-								  "type"
-								],
-								"oneOf": [
-								  {
-									"required": [
-									  "fixedAddresses"
-									]
-								  },
-								  {
-									"required": [
-									  "numDynamicAddresses"
-									]
-								  },
-								  {
-									"required": [
-									  "addressRange"
-									]
-								  }
-								],
-								"properties": {
-								  "type": {
-									"description": "The type of the IP addresses. Permitted values:\n  - IPV4\n  - IPV6\n",
-									"type": "string",
-									"enum": [
-									  "IPV4",
-									  "IPV6"
-									]
-								  },
-								  "fixedAddresses": {
-									"description": "Fixed addresses to assign (from the subnet defined by \"subnetId\" if provided). Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present.\n",
-									"type": "array",
-									"items": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									}
-								  },
-								  "numDynamicAddresses": {
-									"description": "Number of dynamic addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-									"type": "integer"
-								  },
-								  "addressRange": {
-									"description": "An IP address range to be used, e.g. in case of egress connections. In case this attribute is present, IP addresses from the range will be used.\n",
-									"type": "object",
-									"required": [
-									  "minAddress",
-									  "maxAddress"
-									],
-									"properties": {
-									  "minAddress": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  },
-									  "maxAddress": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  }
-									}
-								  },
-								  "subnetId": {
-									"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-									"type": "string"
-								  }
-								}
-							  }
-							}
-						  }
-						},
-						"virtualCpAddress": {
-						  "description": "This type represents network address data for a virtual CP.  It shall comply with the provisions defined in table 6.5.3.12a-1.\nNOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be\n        used, otherwise it will be ignored by the CISM.\nNOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the\n        container cluster will assign an IP address.\nNOTE 3: The attribute is only relevant if the virtual CP is instantiated in a cluster that supports configuration of IP\n        address pools for virtual CPs. Otherwise it shall be ignored. MetalLB is an example of a solution for\n        Kubernetes® that supports configuration of address pools for load balancer services.\nNOTE 4: The loadBalancerIp and the addressPoolName attributes shall not be present at the same time.\n",
-						  "type": "object",
-						  "required": [
-							"type"
-						  ],
-						  "properties": {
-							"type": {
-							  "description": "Identifier of layer(s) and protocol(s). Permitted values: IP_OVER_ETHERNET.\n",
-							  "type": "string",
-							  "enum": [
-								"IPV4",
-								"IPV6"
-							  ]
-							},
-							"loadBalancerIp": {
-							  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-							  "type": "string",
-							  "format": "IP"
-							},
-							"addressPoolName": {
-							  "description": "Name of an address pool from which the container cluster will assign an IP address to the virtual CP. See notes 3 and 4.\n",
-							  "type": "array",
-							  "items": {
-								"type": "string"
-							  }
-							}
-						  }
-						}
-					  }
-					}
-				  }
-				}
-			  }
-			}
-		  }
-		},
-		"virtualLinkInfo": {
-		  "description": "Information on the VL(s) of the NS instance. This attribute shall be present if the nsState attribute value is INSTANTIATED and if the NS instance has specified connectivity.\n",
-		  "type": "array",
-		  "items": {
-			"description": "This type specifies the information about an NS VL instance.  It shall comply with the provisions defined in Table 6.5.3.53-1.\nNOTE: As an NS can include NFs deployed in NFVI PoPs under the control of several different VIMs, therefore deploying an NS VL can involve several VIMs, each allocating different virtualised network resources, as well as WIMs handling the connectivity in between the NFVI-PoPs in the form of multi-site connectivity services. When this NsVirtualLink is provided as an ExtVirtualLink as input of a VNF LCM operation, the id of the ExtVirtualLink shall be the same as the corresponding NsVirtualLink.\n",
-			"type": "object",
-			"required": [
-			  "id",
-			  "nsVirtualLinkDescId",
-			  "nsVirtualLinkProfileId"
-			],
-			"properties": {
-			  "id": {
-				"description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "nsVirtualLinkDescId": {
-				"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "nsVirtualLinkProfileId": {
-				"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "resourceHandle": {
-				"description": "Identifier(s) of the virtualised network resource(s) and/or multi-site connectivity service(s) realizing the VL instance. See note.\n",
-				"type": "array",
-				"items": {
-				  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-				  "type": "object",
-				  "required": [
-					"resourceId"
-				  ],
-				  "properties": {
-					"vimId": {
-					  "description": "An identifier with the intention of being globally unique.\n",
-					  "type": "string"
-					},
-					"resourceProviderId": {
-					  "description": "An identifier with the intention of being globally unique.\n",
-					  "type": "string"
-					},
-					"resourceId": {
-					  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-					  "type": "string"
-					},
-					"vimLevelResourceType": {
-					  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-					  "type": "string"
-					},
-					"vimLevelAdditionalResourceInfo": {
-					  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-					  "type": "object",
-					  "properties": {
-						"hostName": {
-						  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-						  "type": "string"
-						},
-						"persistentVolume": {
-						  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-						  "type": "string"
-						},
-						"additionalInfo": {
-						  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-						  "type": "object"
-						}
-					  }
-					},
-					"containerNamespace": {
-					  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-					  "type": "string"
-					}
-				  }
-				}
-			  },
-			  "linkPort": {
-				"description": "Link ports of the VL instance. Cardinality of zero indicates that no port has yet been created for the VL instance.\n",
-				"type": "array",
-				"items": {
-				  "description": "This type represents information about a link port of a VL instance. It shall comply with the provisions defined in Table 6.5.3.55-1. NOTE: When the NsVirtualLink, from which the present NsLinkPort is part of, is provided as an ExtVirtualLink as input of a VNF LCM operation, the id of the ExtLinkPort shall be the same as the corresponding NsLinkPort.\n",
-				  "type": "object",
-				  "required": [
-					"id",
-					"resourceHandle"
-				  ],
-				  "properties": {
-					"id": {
-					  "description": "An identifier with the intention of being globally unique.\n",
-					  "type": "string"
-					},
-					"resourceHandle": {
-					  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-					  "type": "object",
-					  "required": [
-						"resourceId"
-					  ],
-					  "properties": {
-						"vimId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"resourceProviderId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"resourceId": {
-						  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-						  "type": "string"
-						},
-						"vimLevelResourceType": {
-						  "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-						  "type": "string"
-						},
-						"vimLevelAdditionalResourceInfo": {
-						  "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-						  "type": "object",
-						  "properties": {
-							"hostName": {
-							  "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-							  "type": "string"
-							},
-							"persistentVolume": {
-							  "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-							  "type": "string"
-							},
-							"additionalInfo": {
-							  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-							  "type": "object"
-							}
-						  }
-						},
-						"containerNamespace": {
-						  "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-						  "type": "string"
-						}
-					  }
-					},
-					"nsCpHandle": {
-					  "description": "This type represents an identifier of the CP or SAP instance.  It shall comply with the provisions defined in Table 6.5.3.56-1. NOTE 1: For the VNF external CP instance, both vnfInstanceId and vnfExtCpInstanceId shall be present as a pair. NOTE 2: For the PNF external CP instance, both pnfInfoId and PnfExtCpInstanceId shall be present as a pair. NOTE 3: For the SAP instance, both nsInstanceId and nsSapInstanceId shall be present as a pair. NOTE 4: One pair of identifiers (VNF external CP, PNF external CP or SAP) shall be present.\n",
-					  "type": "object",
-					  "oneOf": [
-						{
-						  "required": [
-							"vnfInstanceId",
-							"vnfExtCpInstanceId"
-						  ]
-						},
-						{
-						  "required": [
-							"pnfInfoId",
-							"pnfExtCpInstanceId"
-						  ]
-						},
-						{
-						  "required": [
-							"nsInstanceId",
-							"nsSapInstanceId"
-						  ]
-						}
-					  ],
-					  "properties": {
-						"vnfInstanceId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"vnfExtCpInstanceId": {
-						  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-						  "type": "string"
-						},
-						"pnfInfoId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"pnfExtCpInstanceId": {
-						  "description": "An Identifier that is unique within respect to a PNF. Representation: string of variable length.\n",
-						  "type": "string"
-						},
-						"nsInstanceId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"nsSapInstanceId": {
-						  "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-						  "type": "string"
-						}
-					  }
-					}
-				  }
-				}
-			  }
-			}
-		  }
-		},
-		"vnffgInfo": {
-		  "description": "Information on the VNFFG(s) of the NS instance.\n",
-		  "type": "array",
-		  "items": {
-			"description": "Information on the VNFFG(s) of the NS instance. NOTE: It indicates an exhaustive list of all the CP instances and SAP instances of the VNFFG.\n",
-			"type": "object",
-			"required": [
-			  "id",
-			  "vnffgdId",
-			  "vnfInstanceId",
-			  "pnfInfoId"
-			],
-			"properties": {
-			  "id": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			  },
-			  "vnffgdId": {
-				"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "vnfInstanceId": {
-				"description": "Identifier(s) of the constituent VNF instance(s) of this VNFFG instance.\n",
-				"type": "array",
-				"items": {
-				  "description": "An identifier with the intention of being globally unique.\n",
-				  "type": "string"
-				}
-			  },
-			  "pnfdInfoId": {
-				"description": "Identifier(s) of the constituent PNF instance(s) of this VNFFG instance.\n",
-				"type": "array",
-				"items": {
-				  "description": "An identifier with the intention of being globally unique.\n",
-				  "type": "string"
-				}
-			  },
-			  "nsVirtualLinkInfoId": {
-				"description": "Identifier(s) of the constituent VL instance(s) of this VNFFG instance.\n",
-				"type": "array",
-				"items": {
-				  "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-				  "type": "string"
-				}
-			  },
-			  "nsCpHandle": {
-				"description": "This type represents an identifier of the CP or SAP instance.  It shall comply with the provisions defined in Table 6.5.3.56-1. NOTE 1: For the VNF external CP instance, both vnfInstanceId and vnfExtCpInstanceId shall be present as a pair. NOTE 2: For the PNF external CP instance, both pnfInfoId and PnfExtCpInstanceId shall be present as a pair. NOTE 3: For the SAP instance, both nsInstanceId and nsSapInstanceId shall be present as a pair. NOTE 4: One pair of identifiers (VNF external CP, PNF external CP or SAP) shall be present.\n",
-				"type": "object",
-				"oneOf": [
-				  {
-					"required": [
-					  "vnfInstanceId",
-					  "vnfExtCpInstanceId"
-					]
-				  },
-				  {
-					"required": [
-					  "pnfInfoId",
-					  "pnfExtCpInstanceId"
-					]
-				  },
-				  {
-					"required": [
-					  "nsInstanceId",
-					  "nsSapInstanceId"
-					]
-				  }
-				],
-				"properties": {
-				  "vnfInstanceId": {
-					"description": "An identifier with the intention of being globally unique.\n",
-					"type": "string"
-				  },
-				  "vnfExtCpInstanceId": {
-					"description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
-					"type": "string"
-				  },
-				  "pnfInfoId": {
-					"description": "An identifier with the intention of being globally unique.\n",
-					"type": "string"
-				  },
-				  "pnfExtCpInstanceId": {
-					"description": "An Identifier that is unique within respect to a PNF. Representation: string of variable length.\n",
-					"type": "string"
-				  },
-				  "nsInstanceId": {
-					"description": "An identifier with the intention of being globally unique.\n",
-					"type": "string"
-				  },
-				  "nsSapInstanceId": {
-					"description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-					"type": "string"
-				  }
-				}
-			  }
-			}
-		  }
-		},
-		"sapInfo": {
-		  "description": "Information on the SAP(s) of the NS instance.\n",
-		  "type": "array",
-		  "items": {
-			"description": "This type represents an SAP instance. It shall comply with the provisions defined in Table 6.5.3.67-1.\n",
-			"type": "object",
-			"required": [
-			  "id",
-			  "sapdId",
-			  "sapName",
-			  "sapProtocolInfo"
-			],
-			"properties": {
-			  "id": {
-				"description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "sapdId": {
-				"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "sapName": {
-				"description": "Human readable name for the SAP instance.\n",
-				"type": "string"
-			  },
-			  "description": {
-				"description": "Human readable description for the SAP instance.\n",
-				"type": "string"
-			  },
-			  "sapProtocolInfo": {
-				"description": "Network protocol information for this SAP.\n",
-				"type": "array",
-				"items": {
-				  "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
-				  "type": "object",
-				  "required": [
-					"layerProtocol",
-					"ipOverEthernet"
-				  ],
-				  "properties": {
-					"layerProtocol": {
-					  "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
-					  "type": "string",
-					  "enum": [
-						"IP_OVER_ETHERNET",
-						"IP_FOR_VIRTUAL_CP"
-					  ]
-					},
-					"ipOverEthernet": {
-					  "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
-					  "type": "object",
-					  "anyOf": [
-						{
-						  "required": [
-							"macAddress"
-						  ]
-						},
-						{
-						  "required": [
-							"ipAddresses"
-						  ]
-						}
-					  ],
-					  "properties": {
-						"macAddress": {
-						  "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
-						  "type": "string",
-						  "format": "MAC"
-						},
-						"segmentationId": {
-						  "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
-						  "type": "string"
-						},
-						"ipAddresses": {
-						  "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
-						  "type": "array",
-						  "items": {
-							"type": "object",
-							"required": [
-							  "type"
-							],
-							"oneOf": [
-							  {
-								"required": [
-								  "addresses"
-								]
-							  },
-							  {
-								"required": [
-								  "addressRange"
-								]
-							  }
-							],
-							"properties": {
-							  "type": {
-								"description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-								"type": "string",
-								"enum": [
-								  "IPV4",
-								  "IPV6"
-								]
-							  },
-							  "addresses": {
-								"description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
-								"type": "array",
-								"items": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								}
-							  },
-							  "isDynamic": {
-								"description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-								"type": "boolean"
-							  },
-							  "addressRange": {
-								"description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
-								"type": "object",
-								"required": [
-								  "minAddress",
-								  "maxAddress"
-								],
-								"properties": {
-								  "minAddress": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  },
-								  "maxAddress": {
-									"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									"type": "string",
-									"format": "IP"
-								  }
-								}
-							  },
-							  "subnetId": {
-								"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-								"type": "string"
-							  }
-							}
-						  }
-						},
-						"type": {
-						  "description": "The type of the IP addresses\n",
-						  "type": "string",
-						  "enum": [
-							"PV4",
-							"PV6"
-						  ]
-						},
-						"addresses": {
-						  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-						  "type": "string",
-						  "format": "IP"
-						},
-						"isDynamic": {
-						  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
-						  "type": "boolean"
-						},
-						"addressRange": {
-						  "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
-						  "type": "object",
-						  "required": [
-							"minAddress",
-							"maxAddress"
-						  ],
-						  "properties": {
-							"minAddress": {
-							  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-							  "type": "string",
-							  "format": "IP"
-							},
-							"maxAddress": {
-							  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-							  "type": "string",
-							  "format": "IP"
-							}
-						  }
-						},
-						"minAddress": {
-						  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-						  "type": "string",
-						  "format": "IP"
-						},
-						"maxAddress": {
-						  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-						  "type": "string",
-						  "format": "IP"
-						},
-						"subnetId": {
-						  "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-						  "type": "string"
-						}
-					  }
-					},
-					"virtualCpAddress": {
-					  "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
-					  "type": "object",
-					  "required": [
-						"type"
-					  ],
-					  "properties": {
-						"type": {
-						  "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
-						  "type": "string",
-						  "enum": [
-							"IPV4",
-							"IPV6"
-						  ]
-						},
-						"loadBalancerIp": {
-						  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-						  "type": "string",
-						  "format": "IP"
-						},
-						"addressPoolName": {
-						  "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
-						  "type": "string"
-						}
-					  }
-					}
-				  }
-				}
-			  }
-			}
-		  }
-		},
-		"nestedNsInstanceId": {
-		  "description": "Identifier of the nested NS(s) of the NS instance.\n",
-		  "type": "array",
-		  "items": {
-			"description": "An identifier with the intention of being globally unique.\n",
-			"type": "string"
-		  }
-		},
-		"vnfSnapshotInfoIds": {
-		  "description": "Identifier of information on VNF snapshots of VNF instances that are part of this NS instance.\n",
-		  "type": "array",
-		  "items": {
-			"description": "An identifier with the intention of being globally unique.\n",
-			"type": "string"
-		  }
-		},
-		"nsState": {
-		  "description": "The state of the NS instance. Permitted values: NOT_INSTANTIATED: The NS instance is terminated or not instantiated. INSTANTIATED: The NS instance is instantiated.\n",
-		  "type": "string",
-		  "enum": [
-			"NOT_INSTANTIATED",
-			"INSTANTIATED"
-		  ]
-		},
-		"monitoringParameter": {
-		  "description": "Performance metrics tracked by the NFVO (e.g. for auto-scaling purposes) as identified by the NS designer in the NSD.\n",
-		  "type": "array",
-		  "items": {
-			"description": "This type represents a monitoring parameter that is tracked by the NFVO, for example,  for auto-scaling purposes. It shall comply with the provisions defined in Table 6.5.3.68-1.\n",
-			"type": "object",
-			"required": [
-			  "id",
-			  "performanceMetric"
-			],
-			"properties": {
-			  "id": {
-				"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "name": {
-				"description": "Human readable name of the monitoring parameter, as defined in the NSD.\n",
-				"type": "string"
-			  },
-			  "performanceMetric": {
-				"description": "Performance metric that is monitored. This attribute shall contain the related  \"Measurement Name\" value as defined in clause 7.2 of ETSI GS NFV-IFA 027.\n",
-				"type": "string"
-			  }
-			}
-		  }
-		},
-		"nsScaleStatus": {
-		  "description": "Status of each NS scaling aspect declared in the applicable DF, how \"big\" the NS instance has been scaled w.r.t. that aspect. This attribute shall be present if the nsState attribute value is INSTANTIATED.\n",
-		  "type": "array",
-		  "items": {
-			"description": "This type represents the target NS Scale level for each NS scaling aspect of the current deployment flavor.\n",
-			"type": "object",
-			"required": [
-			  "nsScalingAspectId",
-			  "nsScaleLevelId"
-			],
-			"properties": {
-			  "nsScalingAspectId": {
-				"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "nsScaleLevelId": {
-				"description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-				"type": "string"
-			  }
-			}
-		  }
-		},
-		"additionalAffinityOrAntiAffinityRule": {
-		  "description": "Information on the additional affinity or anti-affinity rule from NS instantiation operation. Shall not conflict with rules already specified in the NSD.\n",
-		  "type": "array",
-		  "items": {
-			"description": "This type describes the additional affinity or anti-affinity rule applicable between the VNF instances to be instantiated in the NS instantiation operation request or between the VNF instances to be instantiated in the NS instantiation operation request and the existing VNF instances..\n",
-			"type": "object",
-			"required": [
-			  "affinityOrAntiAffiinty",
-			  "scope"
-			],
-			"properties": {
-			  "vnfdId": {
-				"description": "Reference to a VNFD. When the VNFD which is not used to instantiate VNF, it presents all VNF instances of this type as the subjects of the affinity or anti-affinity rule. The VNF instance which the VNFD presents is not necessary as a part of the NS to be instantiated.\n",
-				"type": "array",
-				"items": {
-				  "description": "An identifier with the intention of being globally unique.\n",
-				  "type": "string"
-				}
-			  },
-			  "vnfProfileId": {
-				"description": "Reference to a vnfProfile defined in the NSD. At least one VnfProfile which is used to instantiate VNF for the NS to be instantiated as the subject of the affinity or anti-affinity rule shall be present. When the VnfProfile which is not used to instantiate VNF, it presents all VNF instances of this type as the subjects of the affinity or anti-affinity rule. The VNF instance which the VnfProfile presents is not necessary as a part of the NS to be instantiated.\n",
-				"type": "array",
-				"items": {
-				  "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
-				  "type": "string"
-				}
-			  },
-			  "vnfInstanceId": {
-				"description": "Reference to the existing VNF instance as the subject of the affinity or anti-affinity rule. The existing VNF instance is not necessary as a part of the NS to be instantiated.\n",
-				"type": "array",
-				"items": {
-				  "description": "An identifier with the intention of being globally unique.\n",
-				  "type": "string"
-				}
-			  },
-			  "affinityOrAntiAffiinty": {
-				"description": "The type of the constraint. Permitted values: AFFINITY ANTI_AFFINITY.\n",
-				"type": "string",
-				"enum": [
-				  "AFFINITY",
-				  "ANTI_AFFINITY"
-				]
-			  },
-			  "scope": {
-				"description": "Specifies the scope of the rule where the placement constraint applies. Permitted values: NFVI_POP ZONE ZONE_GROUP NFVI_NODE.\n",
-				"type": "string",
-				"enum": [
-				  "NFVI_POP",
-				  "ZONE",
-				  "ZONE_GROUP",
-				  "NFVI_NODE"
-				]
-			  }
-			}
-		  }
-		},
-		"wanConnectionInfo": {
-		  "description": "Information about WAN related connectivity enabling multi-site VLs.\n",
-		  "type": "array",
-		  "items": {
-			"description": "This type provides information about the connectivity to the WAN of network resources realizing a VL, e.g.,\nwhen the VL is deployed on several sites across a WAN. It shall comply with the provisions defined in table 6.5.3.90-1.\nNOTE: Either a \"nsVirtualLinkInfoId\" or a \"vnfVirtualLinkResourceInfoId\" shall be provided, but not both.\n",
-			"type": "object",
-			"required": [
-			  "wanConnectionInfoId"
-			],
-			"oneOf": [
-			  {
-				"required": [
-				  "nsVirtualLinkInfoId"
-				]
-			  },
-			  {
-				"required": [
-				  "vnfVirtualLinkResourceInfoId"
-				]
-			  }
-			],
-			"properties": {
-			  "wanConnectionInfoId": {
-				"description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "nsVirtualLinkInfoId": {
-				"description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "vnfVirtualLinkResourceInfoId": {
-				"description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
-				"type": "string"
-			  },
-			  "protocolInfo": {
-				"description": "This type provides protocol specific information about the connectivity to the WAN of network resources realizing\na VL, e.g., when the VL is deployed on several sites and across a WAN, and the related multi-site connectivity\nservice (MSCS) enabling the connectivity through the WAN. This type supports providing information about both\npre-provisioned WAN connectivity realized by external entities to NFV-MANO but parts of such connectivity is known\nto the NFVO, as well as information about MSCS created under NFV-MANO responsibility (i.e., connectivity is realized\nwhen NFVO communicates with the WIM).  It shall comply with the provisions defined in table 6.5.3.91-1.\n",
-				"type": "object",
-				"properties": {
-				  "mscsInfo": {
-					"description": "This type provides information about an already provisioned multi-site connectivity service (MSCS) deployed across a WAN. It shall comply with the provisions defined in Table 6.5.3.82-1.\n",
-					"type": "object",
-					"required": [
-					  "mscsId",
-					  "mscsType"
-					],
-					"properties": {
-					  "mscsId": {
-						"description": "An identifier with the intention of being globally unique.\n",
-						"type": "string"
-					  },
-					  "mscsName": {
-						"description": "Human readable name of the MSCS.\n",
-						"type": "string"
-					  },
-					  "mscsDescription": {
-						"description": "Human readable description of the MSCS.\n",
-						"type": "string"
-					  },
-					  "mscsType": {
-						"description": "The type of connectivity that is provided to the virtualized networks in the NFVI-PoP and characterizes the connectivity service across the WAN. Permitted values: - L2 - L3\n",
-						"type": "string",
-						"enum": [
-						  "L2VPN",
-						  "L3VPN"
-						]
-					  },
-					  "mscsLayerProtocol": {
-						"description": "Type of underlying connectivity service and protocol associated to the MSCS. Permitted values are as listed below and restricted by the type of MSCS: - EVPN_BGP_MPLS: as specified in IETF RFC 7432. Only applicable for mscsType=\"L2\". - EVPN_VPWS: as specified in IETF RFC 8214. Only applicable for mscsType=\"L2\". - VPLS_BGP: as specified in IETF RFC 4761 and IETF RFC 6624. Only applicable for mscsType=\"L2\". - VPLS_LDP_L2TP: as specified in IETF RFC 4762. Only applicable for mscsType=\"L2\". - VPWS_LDP_L2TP: as specified in IETF RFC 6074. Only applicable for mscsType=\"L2\". - BGP_IP_VPN: BGP/MPLS based IP VPN as specified in IETF RFC 4364. Only applicable for mscsType=\"L3\".\n",
-						"type": "string",
-						"enum": [
-						  "EVPN_BGP_MPLS",
-						  "EVPN_VPWS",
-						  "VPLS_BGP",
-						  "VPLS_LDP",
-						  "VPWS",
-						  "BGP_IP_VPN"
-						]
-					  },
-					  "siteAccessProtectionSchemes": {
-						"description": "Information to determine the proper MSCS endpoints configuration to fulfil certain resiliency/protection requirements, e.g., by considering certain availability and redundancy of connectivity service endpoints in between NFVI-PoP and WAN.\n",
-						"type": "array",
-						"items": {
-						  "type": "object",
-						  "properties": {
-							"locationConstraints": {
-							  "description": "This type represents location constraints for a VNF to be instantiated. The location constraints can be represented as follows: • as a country code • as a civic address combined with a country code • as an area, conditionally combined with a country code\nNOTE: If both \"countryCode\" and \"area\" are present, no conflicts should exist between the values of these two attributes. In case of conflicts, the API producer (i.e. the NFVO) shall disregard parts of the geographic area signalled by \"area\" that are outside the boundaries of the country signalled by \"countryCode\". If \"countryCode\" is absent, it is solely the \"area\" attribute that defines the location constraint.\n",
-							  "type": "object",
-							  "properties": {
-								"countryCode": {
-								  "description": "The two-letter ISO 3166 country code in capital letters. Shall be present in case the \"area\" attribute is absent. May be absent if the \"area\" attribute is present (see note).\n",
-								  "type": "string"
-								},
-								"civicAddressElement": {
-								  "description": "Zero or more elements comprising the civic address. Shall be absent if the \"area\" attribute is present.\n",
-								  "type": "array",
-								  "items": {
-									"type": "object",
-									"required": [
-									  "caType",
-									  "caValue"
-									],
-									"properties": {
-									  "caType": {
-										"description": "Describe the content type of caValue. The value of caType shall comply with Section 3.4 of IETF RFC 4776 [13].\n",
-										"type": "integer"
-									  },
-									  "caValue": {
-										"description": "Content of civic address element corresponding to the caType. The format caValue shall comply with Section 3.4 of IETF RFC 4776 [13].\n",
-										"type": "string"
-									  }
-									}
-								  }
-								},
-								"area": {
-								  "description": "Geographic area. Shall be absent if the \"civicAddressElement\" attribute is present. The content of this attribute shall follow the provisions for the \"Polygon\" geometry object as defined in IETF RFC 7946, for which the \"type\" member shall be set to the value \"Polygon\". See note.\n",
-								  "type": "object"
-								}
-							  }
-							},
-							"protectionScheme": {
-							  "description": "Defines the protection scheme. Permitted values: - UNPROTECTED: to indicate no protection. - ONE_TO_ONE: to indicate an active-passive access protection. - ONE_PLUS_ONE: to indicate an active-active access protection. - ONE_TO_N: to indicate an N active to 1 passive access protection.\n",
-							  "type": "string",
-							  "enum": [
-								"UNPROTECTED",
-								"ONE_TO_ONE",
-								"ONE_PLUS_ONE",
-								"ONE_TO_N"
-							  ]
-							}
-						  }
-						}
-					  },
-					  "mtuMscs": {
-						"description": "Maximum Transmission Unit (MTU) that can be forwarded over the MSCS (in bytes). Default value is \"1500\" (bytes).\n",
-						"type": "number"
-					  },
-					  "mscsEndpoints": {
-						"description": "Information about the MSCS endpoints of the MSCS.\n",
-						"type": "array",
-						"items": {
-						  "description": "This type provides encapsulates information about an MSCS endpoint of the MSCS. It shall comply with the provisions defined in table 6.5.3.83-1.\n",
-						  "type": "object",
-						  "required": [
-							"mscsEndpointId",
-							"directionality",
-							"connectivityServiceEndpoinId"
-						  ],
-						  "properties": {
-							"mscsEndpointId": {
-							  "description": "An identifier with the intention of being globally unique.\n",
-							  "type": "string"
-							},
-							"directionality": {
-							  "description": "Directionality of the data traffic in the context of the terminating MSCS endpoint from WAN’s perspective. Permitted values: - INBOUND: to indicate into the WAN. - OUTBOUND: to indicate from the WAN. - BOTH: to indicate bidirectional data traffic to/from the WAN.\n",
-							  "type": "string",
-							  "enum": [
-								"INBOUND",
-								"OUTBOUND",
-								"BOTH"
-							  ]
-							},
-							"connectivityServiceEndpoinId": {
-							  "description": "References the connectivity service endpoint configuration information applicable to support the MSCS endpoint. More than one connectivity service endpoint can be referred when endpoints are in LAG mode.\n",
-							  "type": "array",
-							  "items": {
-								"description": "An identifier with the intention of being globally unique.\n",
-								"type": "string"
-							  }
-							}
-						  }
-						}
-					  }
-					}
-				  },
-				  "connectivityServiceEndpoints": {
-					"description": "Configuration information about the network resources in the NFVI-PoP and their connectivity to the WAN.\n",
-					"type": "array",
-					"items": {
-					  "description": "This type provides configuration data for the NFVI-PoP network gateway providing connectivity service endpoints. The connectivity service endpoints are used as endpoints by an MSCS. It shall comply with the provisions defined in Table 6.5.3.84-1.\n",
-					  "type": "object",
-					  "required": [
-						"connectivityServiceEndpointId",
-						"vimId"
-					  ],
-					  "properties": {
-						"connectivityServiceEndpointId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"vimId": {
-						  "description": "An identifier with the intention of being globally unique.\n",
-						  "type": "string"
-						},
-						"siteToWanLayer2ProtocolData": {
-						  "description": "This type provides information about Layer 2 protocol specific information for the configuration of the NFVI-PoP network gateway to enable the stitching of the intra-site VN to the MSCS over the WAN. It shall comply with the provisions defined in Table 6.5.3.85-1. NOTE: Either \"networkResources\" or \"vnSegmentsIds\" shall be provided, but not both.\n",
-						  "type": "object",
-						  "required": [
-							"layer2ConnectionInfo"
-						  ],
-						  "properties": {
-							"layer2ConnectionInfo": {
-							  "description": "Layer 2 protocol parameters of the connectivity service endpoint (CSE).\n",
-							  "type": "object",
-							  "required": [
-								"connectionType",
-								"interfaceType",
-								"interfaceTagging",
-								"encapsulationType"
-							  ],
-							  "properties": {
-								"connectionType": {
-								  "description": "The type of connection to be established on the connectivity service point. Permitted values: - CSE: defined by the characteristics of the existing referred connectivity service point. - AGGREGATE_CSE: create an aggregation of the connectivity service endpoints.\n",
-								  "type": "string",
-								  "enum": [
-									"CSE",
-									"AGGREGATE_CSE"
-								  ]
-								},
-								"interfaceType": {
-								  "description": "To indicate whether to create logical interfaces on the referred connectivity service endpoint or new aggregated connectivity service endpoint. Permitted values: - PARENT: use the mapped interface to the connectivity service endpoint as is, i.e., do not create logical interfaces. - LOGICAL: create logical interfaces.\n",
-								  "type": "string",
-								  "enum": [
-									"PARENT",
-									"LOGICAL"
-								  ]
-								},
-								"interfaceTagging": {
-								  "description": "The type of frames to forward on the connectivity service point. Permitted values: - UNTAGGED: an interface where frames are not tagged. - TAGGED: an interface configured to forward tagged frames (i.e., enabled for VLAN tagging).\n",
-								  "type": "string",
-								  "enum": [
-									"UNTAGGED",
-									"TAGGED"
-								  ]
-								},
-								"encapsulationType": {
-								  "description": "The type of encapsulation. If the interfaceTagging=\"TAGGED\", either \"VLAN\" or \"VXLAN\" shall be set. Permitted values: - ETH: generic Ethernet encapsulation. - VLAN: encapsulation based on VLAN. - VXLAN: encapsulation based on VXLAN.\n",
-								  "type": "string",
-								  "enum": [
-									"ETH",
-									"VLAN",
-									"VXLAN"
-								  ]
-								},
-								"vlanTaggingType": {
-								  "description": "Type of encapsulation method for VLAN tagging. Shall be present if interfaceTagging=\"TAGGED\" and encapsulationType=\"VLAN\". Permitted values: - DOT1Q: used when packets on the CSE are encapsulated with one or a set of customer VLAN identifiers. - QINQ: used when packets on the CSE are encapsulated with multiple customer VLAN identifiers and a single\n  service VLAN identifier.\n- QINANY: used when packets on the CSE have no specific customer VLAN and a service VLAN identifier is used.\n",
-								  "type": "string",
-								  "enum": [
-									"DOT1Q",
-									"QINQ",
-									"QINANY"
-								  ]
-								},
-								"wanSegmentIds": {
-								  "description": "Segment identifiers to pass on the tagged interface. Shall be present if encapsulationType=\"VLAN\" or “VXLAN\".\n",
-								  "type": "object",
-								  "required": [
-									"wanSegmentIdValue"
-								  ],
-								  "properties": {
-									"wanSegmentIdValue": {
-									  "description": "Identifier of the network segment (e.g., VLAN id or VNI).\n",
-									  "type": "string"
-									},
-									"wanSegmentIdUpperRange": {
-									  "description": "Identifier of the upper range network segment, in case the \"wanSegmentIds\" is used to define a range.\n",
-									  "type": "string"
-									}
-								  }
-								},
-								"vxlanConfig": {
-								  "description": "Additional configuration needed when using VXLAN encapsulation. Shall be present if interfaceTagging=\"TAGGED\" and encapsulationType=\"VXLAN\".\n",
-								  "type": "object",
-								  "required": [
-									"peerMode"
-								  ],
-								  "properties": {
-									"peerMode": {
-									  "description": "Type of VXLAN access mode. Default value is \"STATIC\".\nPermitted values: - STATIC - BGP_EVPN\n",
-									  "type": "string",
-									  "enum": [
-										"STATIC",
-										"BGP_EVPN"
-									  ]
-									},
-									"peers": {
-									  "description": "List of IP addresses of VTEP peers when using static mode.\n",
-									  "type": "array",
-									  "items": {
-										"description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-										"type": "string",
-										"format": "IP"
-									  }
-									}
-								  }
-								},
-								"lagInterfaceData": {
-								  "description": "Information for setting up a LAG interface aggregating multiple connectivity service endpoints.\n",
-								  "type": "object",
-								  "required": [
-									"aggregatedEndpoints",
-									"lacpActivation",
-									"lacpConfig"
-								  ],
-								  "properties": {
-									"aggregatedEndpoints": {
-									  "description": "List of the connectivity service endpoints that are to be aggregated. Shall be present if connectionType=\"AGGREGATE_CSE\". In case of aggregating connectivity service endpoints, only one SiteToWanLayer2ProtocolData shall be provided for the whole set of aggregated endpoints.\n",
-									  "type": "array",
-									  "items": {
-										"description": "An identifier with the intention of being globally unique.\n",
-										"type": "string"
-									  }
-									},
-									"lacpActivation": {
-									  "description": "Indicates whether to activate LACP on the interface. If \"TRUE\", the LACP is to be activated, or \"FALSE\" otherwise. Default value is \"FALSE\".\n",
-									  "type": "boolean"
-									},
-									"lacpConfig": {
-									  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									  "type": "object"
-									}
-								  }
-								},
-								"layer2ControlProtocol": {
-								  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-								  "type": "object"
-								}
-							  }
-							},
-							"mtuL2": {
-							  "description": "Maximum Transmission Unit (MTU) that can be forwarded at layer 2 (in bytes). Default value is \"1500\" (bytes).\n",
-							  "type": "number"
-							},
-							"virtualRoutingAndForwarding": {
-							  "description": "Configuration related to the L2 virtual routing and forwarding (MAC-VRF).\n",
-							  "type": "object",
-							  "required": [
-								"macVrfName"
-							  ],
-							  "properties": {
-								"macVrfName": {
-								  "description": "Name (or identifier) of the MAC-VRF instance.\n",
-								  "type": "string"
-								}
-							  }
-							},
-							"forwardingConfig": {
-							  "description": "Information related to the forwarding of the VN in the NFVI-PoP to the connectivity service endpoint, if information about the VN to \"stitch\" is already known. . by the OSS/BSS. Shall not be provided otherwise, in which case the NFVO will infer the forwarding configuration based on the NS VL, or external VL, or externally-managed VL provisioning.\n",
-							  "type": "object",
-							  "oneOf": [
-								{
-								  "required": [
-									"networkResources"
-								  ]
-								},
-								{
-								  "required": [
-									"vnSegmentIds"
-								  ]
-								}
-							  ],
-							  "properties": {
-								"networkResources": {
-								  "description": "Reference to the VN resource to be forwarded into/from the MSCS. See note.\n",
-								  "type": "array",
-								  "items": {
-									"description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
-									"type": "object",
-									"required": [
-									  "resourceId"
-									],
-									"properties": {
-									  "vimId": {
-										"description": "An identifier with the intention of being globally unique.\n",
-										"type": "string"
-									  },
-									  "resourceProviderId": {
-										"description": "An identifier with the intention of being globally unique.\n",
-										"type": "string"
-									  },
-									  "resourceId": {
-										"description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
-										"type": "string"
-									  },
-									  "vimLevelResourceType": {
-										"description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
-										"type": "string"
-									  },
-									  "vimLevelAdditionalResourceInfo": {
-										"description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
-										"type": "object",
-										"properties": {
-										  "hostName": {
-											"description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
-											"type": "string"
-										  },
-										  "persistentVolume": {
-											"description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
-											"type": "string"
-										  },
-										  "additionalInfo": {
-											"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-											"type": "object"
-										  }
-										}
-									  },
-									  "containerNamespace": {
-										"description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
-										"type": "string"
-									  }
-									}
-								  }
-								},
-								"vnSegmentIds": {
-								  "description": "Identifiers of the network segments of the VN resources to be forwarded into/from the MSCS.\n",
-								  "type": "object",
-								  "required": [
-									"vnSegmentIdValue"
-								  ],
-								  "properties": {
-									"vnSegmentIdValue": {
-									  "description": "Identifier of the network segment.\n",
-									  "type": "string"
-									},
-									"vnSegmentIdUpperRange": {
-									  "description": "Identifier of the upper range network segment, in case the \"vnSegmentIds\" is used to define a range.\n",
-									  "type": "string"
-									}
-								  }
-								}
-							  }
-							}
-						  }
-						},
-						"siteToWanLayer3ProtocolData": {
-						  "description": "This type provides information about Layer 3 protocol specific information for the stitching of the intra-site VN to the multi-site connectivity service over the WAN. It shall comply with the provisions defined in Table 6.5.3.86-1.\n",
-						  "type": "object",
-						  "required": [
-							"routingInfo"
-						  ],
-						  "properties": {
-							"logicalInterfaceIpAddress": {
-							  "description": "IP addressing information associated to a logical interface. Shall be present if the \"interfaceType\" of the SiteToWanLayer2ProtocolData is equal to \"LOGICAL\".\n",
-							  "type": "object",
-							  "required": [
-								"ipAddress",
-								"associatedSegmentId"
-							  ],
-							  "properties": {
-								"ipAddress": {
-								  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-								  "type": "string",
-								  "format": "IP"
-								},
-								"associatedSegmentId": {
-								  "description": "The associated segment identifier that has triggered the creation of the logical interface. The value shall be one of the values listed in the \"wanSegmentIds\" of the \"siteToWanLayer2ProtocolData\".\n",
-								  "type": "string"
-								}
-							  }
-							},
-							"routingInfo": {
-							  "description": "The routing information that is activated on the connectivity service endpoint. More than one \"routingInfo\" is allowed to enable stacking different routing protocols (e.g., one routing protocol for IPv4 and another one for IPv6).\n",
-							  "type": "object",
-							  "required": [
-								"routingProtocol",
-								"routingAddressFamily"
-							  ],
-							  "properties": {
-								"routingProtocol": {
-								  "description": "The routing protocol that is activated on the connectivity service endpoint. Permitted values: - BGP: used for dynamic routing BGPv4. - RIP: used for dynamic routing RIPv2. - OSPF: used for dynamic routing (OSPF version 2 for IPv4; and OSPF version 3 for IPv6). - STATIC: used for static routing. - DIRECT: used when the NFVI-PoP network is directly connected to the WAN provider network. - VRRP: used when the NFVI-PoP network is directly connected to the WAN provider network with virtual\n  router redundancy protocol support (VRRP).\n",
-								  "type": "string",
-								  "enum": [
-									"BGP",
-									"RIP",
-									"OSPF",
-									"STATIC",
-									"DIRECT",
-									"VRRP"
-								  ]
-								},
-								"staticRouting": {
-								  "description": "Defines a static route. It shall only be present if the routingProtocol=\"STATIC\".\n",
-								  "type": "object",
-								  "required": [
-									"ipVersion",
-									"ipPrefix",
-									"prefixSize",
-									"nextHop"
-								  ],
-								  "properties": {
-									"ipVersion": {
-									  "description": "The IP version applicable to the routing entry. Permitted values: - IPV4 - IPV6\n",
-									  "type": "string",
-									  "enum": [
-										"IPV4",
-										"IPV6"
-									  ]
-									},
-									"ipPrefix": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									},
-									"prefixSize": {
-									  "description": "The IP prefix size.\n",
-									  "type": "number"
-									},
-									"nextHop": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									}
-								  }
-								},
-								"routingAddressFamily": {
-								  "description": "The IP version applicable to the dynamic routing protocol. Shall be present for dynamic routing protocols. Permitted values: - IPV4 - IPV6\n",
-								  "type": "string",
-								  "enum": [
-									"IPV4",
-									"IPv6"
-								  ]
-								},
-								"ospfRouting": {
-								  "description": "Defines parameters for OSPF routing. It shall only be present if the routingProtocol=\"OSPF\".\n",
-								  "type": "object",
-								  "required": [
-									"areaId"
-								  ],
-								  "properties": {
-									"areaId": {
-									  "description": "The routing area identifier, e.g., a number or an IP address.\n",
-									  "type": "string"
-									}
-								  }
-								},
-								"bgpRouting": {
-								  "description": "Defines parameters for BGP routing. It shall only be present if the routingProtocol=\"BGP\".\n",
-								  "type": "object",
-								  "required": [
-									"bgpAs"
-								  ],
-								  "properties": {
-									"bgpAs": {
-									  "description": "The Autonomous System (AS) identification applicable to the BGP routing info entry.\n",
-									  "type": "object"
-									},
-									"bgpNeighbour": {
-									  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
-									  "type": "string",
-									  "format": "IP"
-									},
-									"bgpAdditionalParam": {
-									  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									  "type": "object"
-									}
-								  }
-								},
-								"routeMapsDistribution": {
-								  "description": "Maps of routes that are permitted or denied for redistribution.\n",
-								  "type": "object",
-								  "required": [
-									"policy",
-									"sequence",
-									"matchAndSetRule"
-								  ],
-								  "properties": {
-									"policy": {
-									  "description": "The policy to apply to the route distribution.\nPermitted values: - PERMIT - DENY\n",
-									  "type": "string",
-									  "enum": [
-										"PERMIT",
-										"DENY"
-									  ]
-									},
-									"sequence": {
-									  "description": "Sequence or index number assigned to the route-map.\n",
-									  "type": "number"
-									},
-									"matchAndSetRule": {
-									  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-									  "type": "object"
-									}
-								  }
-								}
-							  }
-							},
-							"mtuL3": {
-							  "description": "Maximum Transmission Unit (MTU) that can be forwarded at layer 3 (in bytes). Default value is \"1500\" (bytes).\n",
-							  "type": "number"
-							},
-							"virtualRoutingAndForwarding": {
-							  "description": "Configuration related to the virtual routing and forwarding (VRF).\n",
-							  "type": "object",
-							  "required": [
-								"vrfName"
-							  ],
-							  "properties": {
-								"vrfName": {
-								  "description": "Name (or identifier) of the VRF instance.\n",
-								  "type": "string"
-								}
-							  }
-							},
-							"bfdConfig": {
-							  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
-							  "type": "object"
-							}
-						  }
-						}
-					  }
-					}
-				  }
-				}
-			  }
-			}
-		  }
-		},
-		"_links": {
-		  "type": "object",
-		  "description": "Links to resources related to this resource.",
-		  "required": [
-			"self"
-		  ],
-		  "properties": {
-			"self": {
-			  "description": "This type represents a link to a resource.\n",
-			  "type": "object",
-			  "required": [
-				"href"
-			  ],
-			  "properties": {
-				"href": {
-				  "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				  "type": "string",
-				  "format": "url"
-				}
-			  }
-			},
-			"nestedNsInstances": {
-			  "description": "Links to resources related to this notification.\n",
-			  "type": "array",
-			  "items": {
-				"description": "This type represents a link to a resource.\n",
-				"type": "object",
-				"required": [
-				  "href"
-				],
-				"properties": {
-				  "href": {
-					"description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-					"type": "string",
-					"format": "url"
-				  }
-				}
-			  }
-			},
-			"vnfSnapshotInfos": {
-			  "description": "Links to the VNF snapshots associated to VNF instances which are part of this NS instance.\n",
-			  "type": "array",
-			  "items": {
-				"description": "This type represents a link to a resource.\n",
-				"type": "object",
-				"required": [
-				  "href"
-				],
-				"properties": {
-				  "href": {
-					"description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-					"type": "string",
-					"format": "url"
-				  }
-				}
-			  }
-			},
-			"instantiate": {
-			  "description": "This type represents a link to a resource.\n",
-			  "type": "object",
-			  "required": [
-				"href"
-			  ],
-			  "properties": {
-				"href": {
-				  "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				  "type": "string",
-				  "format": "url"
-				}
-			  }
-			},
-			"terminate": {
-			  "description": "This type represents a link to a resource.\n",
-			  "type": "object",
-			  "required": [
-				"href"
-			  ],
-			  "properties": {
-				"href": {
-				  "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				  "type": "string",
-				  "format": "url"
-				}
-			  }
-			},
-			"update": {
-			  "description": "This type represents a link to a resource.\n",
-			  "type": "object",
-			  "required": [
-				"href"
-			  ],
-			  "properties": {
-				"href": {
-				  "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				  "type": "string",
-				  "format": "url"
-				}
-			  }
-			},
-			"scale": {
-			  "description": "This type represents a link to a resource.\n",
-			  "type": "object",
-			  "required": [
-				"href"
-			  ],
-			  "properties": {
-				"href": {
-				  "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				  "type": "string",
-				  "format": "url"
-				}
-			  }
-			},
-			"heal": {
-			  "description": "This type represents a link to a resource.\n",
-			  "type": "object",
-			  "required": [
-				"href"
-			  ],
-			  "properties": {
-				"href": {
-				  "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
-				  "type": "string",
-				  "format": "url"
-				}
-			  }
-			}
-		  }
-		}
-	  }
-	}
-  }
\ No newline at end of file
+    "type": "array",
+    "items": {
+        "description": "This type represents a response for Query NS operation.  It shall comply with the provisions defined in Table 6.5.2.10-1.\nNOTE 1: Void.\n          \"vnfInstance\" attribute or one \"nestedNsInstanceId\" attribute shall be present.\nNOTE 2: The “priority” attribute of the NS instance is configured in the NSD in the NsDf structure.\n          The mapping from application-specific priority values to a value in the NsDf is under OSS/BSS responsibility.\n          The \"zero\" value expresses the highest priority and the fact that the NS instance based on this DF cannot be\n          pre-empted during resource allocation.\nNOTE 3: Examples for the usage of priority include conflict resolution in case of resource shortage\nNOTE 4: Information about PaaS Services assigned to VNF instances shall only be included in the corresponding\n        VnfInstance (see clause 6.5.3.57)\n",
+        "type": "object",
+        "required": [
+            "id",
+            "nsInstanceName",
+            "nsInstanceDescription",
+            "nsdId",
+            "nsdInfoId",
+            "nsState",
+            "_links"
+        ],
+        "properties": {
+            "id": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+            },
+            "nsInstanceName": {
+                "description": "Human readable name of the NS instance.\n",
+                "type": "string"
+            },
+            "nsInstanceDescription": {
+                "description": "Human readable description of the NS instance.\n",
+                "type": "string"
+            },
+            "nsdId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+            },
+            "versionDependency": {
+                "description": "Describes version dependencies currently valid for the nested NS instance. Identifies versions  of descriptors of other constituents in the NSD upon which the nested NS depends.  The dependencies may be described for the NSD referenced in this NsInstance with nsdId and for  NSDs with the same \"nsdExtInvariantId\". There shall not be more than one versionDependency present with the same dependentConstituentId. It may be present for the NsInstance of a nested NS. It shall not be present otherwise.\n",
+                "type": "array",
+                "items": {
+                    "description": "This type represents the information related to all dependencies that an NSD constituent has on the versions of other NSD constituents.  It shall comply with the provisions defined in table 6.5.3.112-1.\n",
+                    "type": "object",
+                    "required": [
+                        "dependentConstituentId"
+                    ],
+                    "properties": {
+                        "dependentConstituentId": {
+                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "versionDependencyStatement": {
+                            "description": "Identifies one or multiple versions of an NSD constituents upon which the dependent constituent identified by  dependentConstituentId has a dependency. Cardinality 0 is used to remove an existing version dependency in a profile.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "This type represents the information related to one or more VNF, NS or PNF descriptor identifiers which describe one  single dependency. When more than one descriptor is indicated, they correspond to different versions of the same VNF,  NS or PNF and they represent alternatives to fulfil the dependency. It shall comply with the provisions defined in  table 6.5.3.113-1.\n",
+                                "type": "object",
+                                "required": [
+                                    "descriptorId"
+                                ],
+                                "properties": {
+                                    "descriptorId": {
+                                        "description": "Identifies a VNFD, NSD or PNFD upon which the entity using this data type depends. When more than one descriptor is indicated, they shall correspond to versions of the same VNF, NS or PNF and they represent alternatives, i.e. the presence of one of them fulfills the dependency.",
+                                        "type": "array",
+                                        "items": {
+                                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                            "type": "string"
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            },
+            "nsdInfoId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+            },
+            "flavourId": {
+                "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                "type": "string"
+            },
+            "priority": {
+                "description": "A number as defined in IETF RFC 8259.\n",
+                "type": "number"
+            },
+            "vnfInstance": {
+                "description": "Information on constituent VNF(s) of the NS instance.\n",
+                "type": "array",
+                "items": {
+                    "description": "This type represents a VNF instance. It shall comply with the provisions defined in table 6.5.3.57-1.\nNOTE: Clause B.3.2 of ETSI GS NFV-SOL 003 provides examples illustrating the relationship among the \n      different run-time data types (CP, VL and link ports) used to represent the connectivity \n      of a VNF.\n\nNOTE 1: Modifying the value of this attribute shall not be performed when conflicts exist between the \n        previous and the newly referred VNF package, i.e. when the new VNFD is changed with respect to \n        the previous VNFD in other aspects than merely referencing to other VNF software images. \n        In order to avoid misalignment of the VnfInstance with the current VNF's on-boarded VNF Package, \n        the values of attributes in the VnfInstance that have corresponding attributes in the VNFD shall \n        be kept in sync with the values in the VNFD.\nNOTE 2: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. NOTE 3: These attributes are sometimes also referred to as configuration parameters applicable \n        to a VNF. Some of these are set prior to instantiation and cannot be modified if the VNF is instantiated, \n        some are set prior to instantiation (are part of initial configuration) and can be modified later, \n        and others can be set only after instantiation. The applicability of certain configuration may depend \n        on the VNF and the required operation of the VNF at a certain point in time.\nNOTE 4: It is possible to have several ExtManagedVirtualLinkInfo for the same VNF internal VL in case of a \n        multi-site VNF spanning several VIMs. The set of ExtManagedVirtualLinkInfo corresponding to the same \n        VNF internal VL shall indicate so by referencing to the same VnfVirtualLinkDesc and externally-managed \n        multi-site VL instance (refer to clause 6.5.3.59).\nNOTE 5: Even though externally-managed internal VLs are also used for VNF-internal connectivity, they shall not \n        be listed in the \"vnfVirtualLinkResourceInfo\" attribute as this would be redundant.\nNOTE 6: The scale level indicated in “scaleStatus” for a scaling aspect that has not been deployed due to the selection\n        of deployable modules will be used to instantiate the related VNFCs if a VNF LCM operation changes the\n        selected deployable modules and the related VNFCs are instantiated, unless the VNF LCM operation explicitly\n        indicates the scale level for the aspect.\n",
+                    "type": "object",
+                    "required": [
+                        "id",
+                        "vnfdId",
+                        "vnfProvider",
+                        "vnfProductName",
+                        "vnfSoftwareVersion",
+                        "vnfdVersion",
+                        "vnfPkgId",
+                        "instantiationState"
+                    ],
+                    "properties": {
+                        "id": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        },
+                        "vnfInstanceName": {
+                            "description": "Name of the VNF instance. Modifications to this attribute can be requested using the \"ModifyVnfInfoData\" structure.\n",
+                            "type": "string"
+                        },
+                        "vnfInstanceDescription": {
+                            "description": "Human-readable description of the VNF instance. Modifications to this attribute can be requested using the \"ModifyVnfInfoData\" structure.\n",
+                            "type": "string"
+                        },
+                        "vnfdId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        },
+                        "vnfProvider": {
+                            "description": "Provider of the VNF and the VNFD. The value is copied from the VNFD.\n",
+                            "type": "string"
+                        },
+                        "vnfProductName": {
+                            "description": "Name to identify the VNF Product. The value is copied from the VNFD.\n",
+                            "type": "string"
+                        },
+                        "vnfSoftwareVersion": {
+                            "description": "A Version. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "vnfdVersion": {
+                            "description": "A Version. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "versionDependency": {
+                            "description": "Describes version dependencies currently valid for the VNF instance. Identifies versions of descriptors of other constituents in the NSD upon which the VNF depends. The dependencies may be described for the VNFD referenced in this VnfInfo with \"vnfdId\" and for VNFDs with the same \"vnfdExtInvariantId\". There shall not be more than one \"versionDependency\" present with the same dependentConstituentId.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "This type represents the information related to all dependencies that an NSD constituent has on the versions of other NSD constituents.  It shall comply with the provisions defined in table 6.5.3.112-1.\n",
+                                "type": "object",
+                                "required": [
+                                    "dependentConstituentId"
+                                ],
+                                "properties": {
+                                    "dependentConstituentId": {
+                                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                        "type": "string"
+                                    },
+                                    "versionDependencyStatement": {
+                                        "description": "Identifies one or multiple versions of an NSD constituents upon which the dependent constituent identified by  dependentConstituentId has a dependency. Cardinality 0 is used to remove an existing version dependency in a profile.\n",
+                                        "type": "array",
+                                        "items": {
+                                            "description": "This type represents the information related to one or more VNF, NS or PNF descriptor identifiers which describe one  single dependency. When more than one descriptor is indicated, they correspond to different versions of the same VNF,  NS or PNF and they represent alternatives to fulfil the dependency. It shall comply with the provisions defined in  table 6.5.3.113-1.\n",
+                                            "type": "object",
+                                            "required": [
+                                                "descriptorId"
+                                            ],
+                                            "properties": {
+                                                "descriptorId": {
+                                                    "description": "Identifies a VNFD, NSD or PNFD upon which the entity using this data type depends. When more than one descriptor is indicated, they shall correspond to versions of the same VNF, NS or PNF and they represent alternatives, i.e. the presence of one of them fulfills the dependency.",
+                                                    "type": "array",
+                                                    "items": {
+                                                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        },
+                        "vnfPkgId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        },
+                        "vnfConfigurableProperties": {
+                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                            "type": "object"
+                        },
+                        "certificateInfo": {
+                            "description": "This type provides input information related to certificate and certificate management.\n",
+                            "type": "object",
+                            "required": [
+                                "id"
+                            ],
+                            "properties": {
+                                "id": {
+                                    "description": "An identifier with the intention of being globally unique.\n",
+                                    "type": "string"
+                                },
+                                "certificateConfigurationInfo": {
+                                    "description": "This type provides input information related to certificate management\n",
+                                    "type": "object",
+                                    "required": [
+                                        "securityPolicy"
+                                    ],
+                                    "properties": {
+                                        "certificateBaseProfile": {
+                                            "description": "Information for certificate profile.",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            }
+                                        },
+                                        "securityPolicy": {
+                                            "description": "Information for security policy to be satisfied for certificate.",
+                                            "type": "array",
+                                            "items": {
+                                                "type": "object",
+                                                "description": "This type represents the input information related to certificate management.\n",
+                                                "required": [
+                                                    "id"
+                                                ],
+                                                "properties": {
+                                                    "id": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "maxValidityPeriod": {
+                                                        "description": "A number as defined in IETF RFC 8259.\n",
+                                                        "type": "number"
+                                                    },
+                                                    "allowedAlgorithm": {
+                                                        "description": "Allowed signature algorithm.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "minimumKeyLength": {
+                                                        "description": "A number as defined in IETF RFC 8259.\n",
+                                                        "type": "number"
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "delegationSupportedCertificateManagements": {
+                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                            "type": "object"
+                                        },
+                                        "cmfInfo": {
+                                            "type": "object",
+                                            "description": "This type provides input information related to CMF for certificate management\n",
+                                            "required": [
+                                                "id",
+                                                "endPoint",
+                                                "supportedProtocol"
+                                            ],
+                                            "properties": {
+                                                "id": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                },
+                                                "endPoint": {
+                                                    "description": "End point of CMF instance.\n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "ipAddress",
+                                                        "link"
+                                                    ],
+                                                    "properties": {
+                                                        "ipAddress": {
+                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                            "type": "string",
+                                                            "format": "IP"
+                                                        },
+                                                        "link": {
+                                                            "description": "This type represents a link to a resource.\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "href"
+                                                            ],
+                                                            "properties": {
+                                                                "href": {
+                                                                    "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                                                                    "type": "string",
+                                                                    "format": "url"
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                },
+                                                "supportedProtocol": {
+                                                    "type": "array",
+                                                    "description": "Supported protocol by CMF instance. Permitted values:\n  CMP\n  CMPv2\n  EST\n  SCEP\n",
+                                                    "minItems": 1,
+                                                    "items": {
+                                                        "type": "string",
+                                                        "enum": [
+                                                            "CMP",
+                                                            "CMPv2",
+                                                            "EST",
+                                                            "SCEP"
+                                                        ]
+                                                    }
+                                                },
+                                                "certificateChain": {
+                                                    "description": "Certificate chain that this CMF provides.",
+                                                    "type": "array",
+                                                    "items": {
+                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                        "type": "object"
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                },
+                                "certificateContents": {
+                                    "description": "Information for contents of issued certificates. The information contained in this attribute may be updated over time during the VNF LCM, e.g. certificate(s) renewal.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type provides input information related to certificate content. \nNOTE : The CertificateDesc data type is defined in clause 7.1.19.2 of  ETSI GS NFV IFA 011\n",
+                                        "type": "object",
+                                        "required": [
+                                            "id",
+                                            "certficateDescId",
+                                            "certificateType"
+                                        ],
+                                        "properties": {
+                                            "id": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "certficateDescId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "certificateType": {
+                                                "description": "Type of this certificate. Values: * VNFCI_CERT * VNFOAM_CERT\n",
+                                                "type": "string",
+                                                "enum": [
+                                                    "VNFCI_CERT",
+                                                    "NFOAM_CERT"
+                                                ]
+                                            },
+                                            "supportedCertificateManagement": {
+                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                "type": "object"
+                                            },
+                                            "version": {
+                                                "description": "A Version. Representation: string of variable length.\n",
+                                                "type": "string"
+                                            },
+                                            "serialNumber": {
+                                                "description": "Serial number of this certificate\n",
+                                                "type": "integer"
+                                            },
+                                            "signatureAlgorithm": {
+                                                "description": "Algorithm of this certificate’s signature.\n",
+                                                "type": "string"
+                                            },
+                                            "issuer": {
+                                                "description": "Issuer of this certificate.\n",
+                                                "type": "string"
+                                            },
+                                            "notBefore": {
+                                                "description": "Date-time stamp. Representation: String formatted according toas defined by the date-time production in IETF RFC 3339.\n",
+                                                "type": "string",
+                                                "format": "date-time"
+                                            },
+                                            "notAfter": {
+                                                "description": "Date-time stamp. Representation: String formatted according toas defined by the date-time production in IETF RFC 3339.\n",
+                                                "type": "string",
+                                                "format": "date-time"
+                                            },
+                                            "subject": {
+                                                "description": "Subject of this certificate.\n",
+                                                "type": "string"
+                                            },
+                                            "publicKeyAlgorithm": {
+                                                "description": "Algorithm of this certificate’s public key\n",
+                                                "type": "string"
+                                            },
+                                            "certificateExtensions": {
+                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                "type": "object"
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        },
+                        "vimId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        },
+                        "instantiationState": {
+                            "description": "The instantiation state of the VNF.\nPermitted values: - NOT_INSTANTIATED: The VNF instance is terminated or not instantiated. - INSTANTIATED: The VNF instance is instantiated.\n",
+                            "type": "string",
+                            "enum": [
+                                "NOT_INSTANTIATED",
+                                "INSTANTIATED"
+                            ]
+                        },
+                        "instantiatedVnfInfo": {
+                            "description": "Information specific to an instantiated VNF instance. This attribute shall be present if the instantiateState attribute value is INSTANTIATED.\n",
+                            "type": "object",
+                            "required": [
+                                "flavourId",
+                                "vnfState",
+                                "extCpInfo"
+                            ],
+                            "properties": {
+                                "flavourId": {
+                                    "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                    "type": "string"
+                                },
+                                "vnfState": {
+                                    "type": "string",
+                                    "enum": [
+                                        "STARTED",
+                                        "STOPPED"
+                                    ]
+                                },
+                                "scaleStatus": {
+                                    "description": "Scale status of the VNF, one entry per aspect. Represents for every scaling aspect how \"big\" the VNF has been scaled w.r.t. that aspect. This attribute shall be present if the VNF supports scaling. For an aspect that has not been deployed because it consists of VDUs that  belong to a deployable module that has not been selected (or to multiple deployable modules, none of which have been selected), it indicates the scale level that has been requested in the instantiation or in a scaling operation, or, if none has been requested in any of them, the scale level applicable to the aspect based on the default instantiation level. See note 6. See clause B.2 of ETSI GS NFV-SOL 003 for an explanation of VNF scaling.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "required": [
+                                            "aspectId",
+                                            "scaleLevel"
+                                        ],
+                                        "type": "object",
+                                        "properties": {
+                                            "aspectId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfdId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "scaleLevel": {
+                                                "description": "Indicates the scale level. The minimum value shall be 0 and the maximum value shall be <= maxScaleLevel as described in the VNFD.\n",
+                                                "type": "integer"
+                                            }
+                                        }
+                                    }
+                                },
+                                "maxScaleLevels": {
+                                    "description": "Maximum allowed scale levels of the VNF, one entry per aspect. This attribute shall be present if the VNF supports scaling.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "required": [
+                                            "aspectId",
+                                            "scaleLevel"
+                                        ],
+                                        "type": "object",
+                                        "properties": {
+                                            "aspectId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfdId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "scaleLevel": {
+                                                "description": "Indicates the scale level. The minimum value shall be 0 and the maximum value shall be <= maxScaleLevel as described in the VNFD.\n",
+                                                "type": "integer"
+                                            }
+                                        }
+                                    }
+                                },
+                                "selectedDeployableModule": {
+                                    "description": "References a currently selected deployable module, as defined in the VNFD, that has already completed the instantiation of its VNFCs.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                        "type": "string"
+                                    }
+                                },
+                                "extCpInfo": {
+                                    "description": "Information about the external CPs exposed by the VNF instance. When trunking is enabled, the list of entries includes both, external CPs corresponding to parent ports of a trunk, and external CPs associated to sub-ports of a trunk.\n",
+                                    "type": "array",
+                                    "minItems": 1,
+                                    "items": {
+                                        "description": "This type represents information about an external CP of a VNF. It shall comply  with the provisions defined in Table 6.5.3.70-1. NOTE 1: The attributes attributes \"associatedVnfcCpId\", \"associatedVipCpId\", \"associatedVirtualCpId\" and \"associatedVnfVirtualLinkId\" are mutually exclusive. Exactly one shall be present. NOTE 2: An external CP instance is not associated to a link port in the cases indicated for the “extLinkPorts” attribute in clause 6.5.3.26. NOTE 3:  Cardinality greater than 1 is only applicable for specific cases where more than one network attachment definition resource is needed to fulfil the connectivity requirements of the external CP, e.g. to build a link redundant mated pair in SR-IOV cases. NOTE 4:  When more than one \"netAttDefResourceId\" is indicated, all shall belong to the same namespace.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "id",
+                                            "cpdId",
+                                            "cpProtocolInfo"
+                                        ],
+                                        "oneOf": [
+                                            {
+                                                "required": [
+                                                    "associatedVnfcCpId"
+                                                ]
+                                            },
+                                            {
+                                                "required": [
+                                                    "associatedVipCpId"
+                                                ]
+                                            },
+                                            {
+                                                "required": [
+                                                    "associatedVirtualCpId"
+                                                ]
+                                            },
+                                            {
+                                                "required": [
+                                                    "associatedVnfVirtualLinkId"
+                                                ]
+                                            }
+                                        ],
+                                        "properties": {
+                                            "id": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "cpdId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "cpConfigId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfdId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "cpProtocolInfo": {
+                                                "description": "Network protocol information for this CP.\n",
+                                                "type": "array",
+                                                "minItems": 1,
+                                                "items": {
+                                                    "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "layerProtocol",
+                                                        "ipOverEthernet"
+                                                    ],
+                                                    "properties": {
+                                                        "layerProtocol": {
+                                                            "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "IP_OVER_ETHERNET",
+                                                                "IP_FOR_VIRTUAL_CP"
+                                                            ]
+                                                        },
+                                                        "ipOverEthernet": {
+                                                            "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                                            "type": "object",
+                                                            "anyOf": [
+                                                                {
+                                                                    "required": [
+                                                                        "macAddress"
+                                                                    ]
+                                                                },
+                                                                {
+                                                                    "required": [
+                                                                        "ipAddresses"
+                                                                    ]
+                                                                }
+                                                            ],
+                                                            "properties": {
+                                                                "macAddress": {
+                                                                    "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "MAC"
+                                                                },
+                                                                "segmentationId": {
+                                                                    "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "ipAddresses": {
+                                                                    "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
+                                                                    "type": "array",
+                                                                    "items": {
+                                                                        "type": "object",
+                                                                        "required": [
+                                                                            "type"
+                                                                        ],
+                                                                        "oneOf": [
+                                                                            {
+                                                                                "required": [
+                                                                                    "addresses"
+                                                                                ]
+                                                                            },
+                                                                            {
+                                                                                "required": [
+                                                                                    "addressRange"
+                                                                                ]
+                                                                            }
+                                                                        ],
+                                                                        "properties": {
+                                                                            "type": {
+                                                                                "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                                "type": "string",
+                                                                                "enum": [
+                                                                                    "IPV4",
+                                                                                    "IPV6"
+                                                                                ]
+                                                                            },
+                                                                            "addresses": {
+                                                                                "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                                                "type": "array",
+                                                                                "items": {
+                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "IP"
+                                                                                }
+                                                                            },
+                                                                            "isDynamic": {
+                                                                                "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                                "type": "boolean"
+                                                                            },
+                                                                            "addressRange": {
+                                                                                "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
+                                                                                "type": "object",
+                                                                                "required": [
+                                                                                    "minAddress",
+                                                                                    "maxAddress"
+                                                                                ],
+                                                                                "properties": {
+                                                                                    "minAddress": {
+                                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                        "type": "string",
+                                                                                        "format": "IP"
+                                                                                    },
+                                                                                    "maxAddress": {
+                                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                        "type": "string",
+                                                                                        "format": "IP"
+                                                                                    }
+                                                                                }
+                                                                            },
+                                                                            "subnetId": {
+                                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                                "type": "string"
+                                                                            }
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "type": {
+                                                                    "description": "The type of the IP addresses\n",
+                                                                    "type": "string",
+                                                                    "enum": [
+                                                                        "PV4",
+                                                                        "PV6"
+                                                                    ]
+                                                                },
+                                                                "addresses": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "isDynamic": {
+                                                                    "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                    "type": "boolean"
+                                                                },
+                                                                "addressRange": {
+                                                                    "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
+                                                                    "type": "object",
+                                                                    "required": [
+                                                                        "minAddress",
+                                                                        "maxAddress"
+                                                                    ],
+                                                                    "properties": {
+                                                                        "minAddress": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        },
+                                                                        "maxAddress": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "minAddress": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "maxAddress": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "subnetId": {
+                                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        },
+                                                        "virtualCpAddress": {
+                                                            "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "type"
+                                                            ],
+                                                            "properties": {
+                                                                "type": {
+                                                                    "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                    "type": "string",
+                                                                    "enum": [
+                                                                        "IPV4",
+                                                                        "IPV6"
+                                                                    ]
+                                                                },
+                                                                "loadBalancerIp": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "addressPoolName": {
+                                                                    "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "extLinkPortId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "netAttDefResourceId": {
+                                                "description": "Identifier of the \"NetAttDefResourceInfo\" structure that provides the  specification of the interface to attach the connection point to a secondary container cluster network. See notes 3 and 4.\nIt shall be present if the external CP is associated to a VNFC realized  by one or a set of OS containers and is connected to a secondary container  cluster network. It shall not be present otherwise.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                    "type": "string"
+                                                }
+                                            },
+                                            "metadata": {
+                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                "type": "object"
+                                            },
+                                            "associatedVnfcCpId": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "associatedVipCpId": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "associatedVirtualCpId": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "associatedVnfVirtualLinkId": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "certificateContentId": {
+                                                "description": "The identifier of certificate that this VNF CP instance uses. Shall be present when using in delegation-mode. Otherwise shall not be present.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                }
+                                            }
+                                        }
+                                    }
+                                },
+                                "vipCpInfo": {
+                                    "description": "VIP CPs that are part of the VNF instance. Shall be present when that particular VIP CP of the VNFC instance is associated to an external CP of the VNF instance. May be present otherwise.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type provides information related to virtual IP (VIP) CP. It shall comply with the provisions defined in table 6.5.3.97 1. NOTE:   It is possible that there is no associated VnfcCp because the VIP CP is available but not associated yet.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "cpInstanceId",
+                                            "cpdId"
+                                        ],
+                                        "properties": {
+                                            "cpInstanceId": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "cpdId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfdId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfExtCpId": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "cpProtocolInfo": {
+                                                "description": "Protocol information for this CP. There shall be one cpProtocolInfo for layer 3. There may be one cpProtocolInfo for layer 2.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "layerProtocol",
+                                                        "ipOverEthernet"
+                                                    ],
+                                                    "properties": {
+                                                        "layerProtocol": {
+                                                            "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "IP_OVER_ETHERNET",
+                                                                "IP_FOR_VIRTUAL_CP"
+                                                            ]
+                                                        },
+                                                        "ipOverEthernet": {
+                                                            "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                                            "type": "object",
+                                                            "anyOf": [
+                                                                {
+                                                                    "required": [
+                                                                        "macAddress"
+                                                                    ]
+                                                                },
+                                                                {
+                                                                    "required": [
+                                                                        "ipAddresses"
+                                                                    ]
+                                                                }
+                                                            ],
+                                                            "properties": {
+                                                                "macAddress": {
+                                                                    "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "MAC"
+                                                                },
+                                                                "segmentationId": {
+                                                                    "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "ipAddresses": {
+                                                                    "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
+                                                                    "type": "array",
+                                                                    "items": {
+                                                                        "type": "object",
+                                                                        "required": [
+                                                                            "type"
+                                                                        ],
+                                                                        "oneOf": [
+                                                                            {
+                                                                                "required": [
+                                                                                    "addresses"
+                                                                                ]
+                                                                            },
+                                                                            {
+                                                                                "required": [
+                                                                                    "addressRange"
+                                                                                ]
+                                                                            }
+                                                                        ],
+                                                                        "properties": {
+                                                                            "type": {
+                                                                                "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                                "type": "string",
+                                                                                "enum": [
+                                                                                    "IPV4",
+                                                                                    "IPV6"
+                                                                                ]
+                                                                            },
+                                                                            "addresses": {
+                                                                                "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                                                "type": "array",
+                                                                                "items": {
+                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "IP"
+                                                                                }
+                                                                            },
+                                                                            "isDynamic": {
+                                                                                "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                                "type": "boolean"
+                                                                            },
+                                                                            "addressRange": {
+                                                                                "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
+                                                                                "type": "object",
+                                                                                "required": [
+                                                                                    "minAddress",
+                                                                                    "maxAddress"
+                                                                                ],
+                                                                                "properties": {
+                                                                                    "minAddress": {
+                                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                        "type": "string",
+                                                                                        "format": "IP"
+                                                                                    },
+                                                                                    "maxAddress": {
+                                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                        "type": "string",
+                                                                                        "format": "IP"
+                                                                                    }
+                                                                                }
+                                                                            },
+                                                                            "subnetId": {
+                                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                                "type": "string"
+                                                                            }
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "type": {
+                                                                    "description": "The type of the IP addresses\n",
+                                                                    "type": "string",
+                                                                    "enum": [
+                                                                        "PV4",
+                                                                        "PV6"
+                                                                    ]
+                                                                },
+                                                                "addresses": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "isDynamic": {
+                                                                    "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                    "type": "boolean"
+                                                                },
+                                                                "addressRange": {
+                                                                    "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
+                                                                    "type": "object",
+                                                                    "required": [
+                                                                        "minAddress",
+                                                                        "maxAddress"
+                                                                    ],
+                                                                    "properties": {
+                                                                        "minAddress": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        },
+                                                                        "maxAddress": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "minAddress": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "maxAddress": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "subnetId": {
+                                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        },
+                                                        "virtualCpAddress": {
+                                                            "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "type"
+                                                            ],
+                                                            "properties": {
+                                                                "type": {
+                                                                    "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                    "type": "string",
+                                                                    "enum": [
+                                                                        "IPV4",
+                                                                        "IPV6"
+                                                                    ]
+                                                                },
+                                                                "loadBalancerIp": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "addressPoolName": {
+                                                                    "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "associatedVnfcCpIds": {
+                                                "description": "Identifiers of the VnfcCps that share the virtual IP addresse allocated to the VIP CP instance. See note.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                    "type": "string"
+                                                }
+                                            },
+                                            "vnfLinkPortId": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "metadata": {
+                                                "description": "Allows the OSS/BSS to provide additional parameter(s) to the termination process at the NS level.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                    "type": "object"
+                                                }
+                                            }
+                                        }
+                                    }
+                                },
+                                "virtualCpInfo": {
+                                    "description": "virtual CPs that are part of the VNF instance. Shall be present when a particular virtual CP is associated to an external CP of the VNF  instance. May be present otherwise.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "'This type represents the information related to a virtual CP instance of a VNF.\nNOTE 1: A consumer of the VNF LCM interface can learn the actual VNFC instances implementing  the service accessible via the virtual CP instance by querying the \"vnfcResourceInfo\" from the \"InstantiatedVnfInfo\" and filtering by corresponding \"vduId\" values.' NOTE 2: The information can be omitted because it is already available as part of the external CP information in the VnfExtCpInfo structure\n",
+                                        "type": "object",
+                                        "required": [
+                                            "cpInstanceId",
+                                            "cpdId",
+                                            "resourceHandle",
+                                            "vduId"
+                                        ],
+                                        "properties": {
+                                            "cpInstanceId": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "cpdId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "resourceHandle": {
+                                                "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                "type": "object",
+                                                "required": [
+                                                    "resourceId"
+                                                ],
+                                                "properties": {
+                                                    "vimId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceProviderId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceId": {
+                                                        "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vimLevelResourceType": {
+                                                        "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vimLevelAdditionalResourceInfo": {
+                                                        "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                        "type": "object",
+                                                        "properties": {
+                                                            "hostName": {
+                                                                "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                "type": "string"
+                                                            },
+                                                            "persistentVolume": {
+                                                                "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                "type": "string"
+                                                            },
+                                                            "additionalInfo": {
+                                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                "type": "object"
+                                                            }
+                                                        }
+                                                    },
+                                                    "containerNamespace": {
+                                                        "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            },
+                                            "vnfExtCpId": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "cpProtocolInfo": {
+                                                "description": "Protocol information for this CP. There shall be one cpProtocolInfo for each layer protocol supported. This attribute may be omitted if the virtual CP is exposed as an external CP. See note 2\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "layerProtocol",
+                                                        "ipOverEthernet"
+                                                    ],
+                                                    "properties": {
+                                                        "layerProtocol": {
+                                                            "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "IP_OVER_ETHERNET",
+                                                                "IP_FOR_VIRTUAL_CP"
+                                                            ]
+                                                        },
+                                                        "ipOverEthernet": {
+                                                            "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                                            "type": "object",
+                                                            "anyOf": [
+                                                                {
+                                                                    "required": [
+                                                                        "macAddress"
+                                                                    ]
+                                                                },
+                                                                {
+                                                                    "required": [
+                                                                        "ipAddresses"
+                                                                    ]
+                                                                }
+                                                            ],
+                                                            "properties": {
+                                                                "macAddress": {
+                                                                    "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "MAC"
+                                                                },
+                                                                "segmentationId": {
+                                                                    "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "ipAddresses": {
+                                                                    "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
+                                                                    "type": "array",
+                                                                    "items": {
+                                                                        "type": "object",
+                                                                        "required": [
+                                                                            "type"
+                                                                        ],
+                                                                        "oneOf": [
+                                                                            {
+                                                                                "required": [
+                                                                                    "addresses"
+                                                                                ]
+                                                                            },
+                                                                            {
+                                                                                "required": [
+                                                                                    "addressRange"
+                                                                                ]
+                                                                            }
+                                                                        ],
+                                                                        "properties": {
+                                                                            "type": {
+                                                                                "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                                "type": "string",
+                                                                                "enum": [
+                                                                                    "IPV4",
+                                                                                    "IPV6"
+                                                                                ]
+                                                                            },
+                                                                            "addresses": {
+                                                                                "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                                                "type": "array",
+                                                                                "items": {
+                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                    "type": "string",
+                                                                                    "format": "IP"
+                                                                                }
+                                                                            },
+                                                                            "isDynamic": {
+                                                                                "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                                "type": "boolean"
+                                                                            },
+                                                                            "addressRange": {
+                                                                                "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
+                                                                                "type": "object",
+                                                                                "required": [
+                                                                                    "minAddress",
+                                                                                    "maxAddress"
+                                                                                ],
+                                                                                "properties": {
+                                                                                    "minAddress": {
+                                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                        "type": "string",
+                                                                                        "format": "IP"
+                                                                                    },
+                                                                                    "maxAddress": {
+                                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                        "type": "string",
+                                                                                        "format": "IP"
+                                                                                    }
+                                                                                }
+                                                                            },
+                                                                            "subnetId": {
+                                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                                "type": "string"
+                                                                            }
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "type": {
+                                                                    "description": "The type of the IP addresses\n",
+                                                                    "type": "string",
+                                                                    "enum": [
+                                                                        "PV4",
+                                                                        "PV6"
+                                                                    ]
+                                                                },
+                                                                "addresses": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "isDynamic": {
+                                                                    "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                    "type": "boolean"
+                                                                },
+                                                                "addressRange": {
+                                                                    "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
+                                                                    "type": "object",
+                                                                    "required": [
+                                                                        "minAddress",
+                                                                        "maxAddress"
+                                                                    ],
+                                                                    "properties": {
+                                                                        "minAddress": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        },
+                                                                        "maxAddress": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "minAddress": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "maxAddress": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "subnetId": {
+                                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        },
+                                                        "virtualCpAddress": {
+                                                            "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "type"
+                                                            ],
+                                                            "properties": {
+                                                                "type": {
+                                                                    "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                    "type": "string",
+                                                                    "enum": [
+                                                                        "IPV4",
+                                                                        "IPV6"
+                                                                    ]
+                                                                },
+                                                                "loadBalancerIp": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "addressPoolName": {
+                                                                    "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "vduId": {
+                                                "description": "Reference to the VDU(s) which implement the service accessible via the virtual CP instance. See note.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                    "type": "string"
+                                                }
+                                            },
+                                            "additionalServiceInfo": {
+                                                "description": "Additional service identification information of the virtual CP instance.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "This type represents the additional service information of the virtual CP instance used to expose properties of the virtual CP to NFV-MANO.\nNOTE: This attribute shall only be present if additional information is needed to identify the service termination within the VNF, such as for example a URL path information in an HTTP request required to allow a single virtual CP IP address to be used for several HTTP based services that use the same port number.",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "portInfo"
+                                                    ],
+                                                    "properties": {
+                                                        "portInfo": {
+                                                            "description": "Service port numbers exposed by the virtual CP instance.\n",
+                                                            "type": "array",
+                                                            "items": {
+                                                                "description": "This type represents the information related to the service identifying port properties exposed by the virtual CP instance.",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "name",
+                                                                    "protocol",
+                                                                    "port",
+                                                                    "isPortConfigurable"
+                                                                ],
+                                                                "properties": {
+                                                                    "name": {
+                                                                        "description": "The name of the port exposed by the virtual CP instance.\n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "protocol": {
+                                                                        "description": "The L4 protocol for this port exposed by the virtual CP instance.\n  Permitted values:\n  - TCP\n  - UDP\n  - SCTP\n",
+                                                                        "type": "string",
+                                                                        "enum": [
+                                                                            "TCP",
+                                                                            "UDP",
+                                                                            "SCTP"
+                                                                        ]
+                                                                    },
+                                                                    "port": {
+                                                                        "description": "The L4 port number exposed by the virtual CP instance.\n",
+                                                                        "type": "integer"
+                                                                    },
+                                                                    "isPortConfigurable": {
+                                                                        "description": "Specifies whether the port attribute value is allowed to be configurable.\n",
+                                                                        "type": "boolean"
+                                                                    }
+                                                                }
+                                                            }
+                                                        },
+                                                        "serviceInfo": {
+                                                            "description": "Service matching information exposed by the virtual CP instance. See note.\n",
+                                                            "type": "array",
+                                                            "items": {
+                                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                "type": "object"
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "metadata": {
+                                                "description": "Metadata about this virtual CP instance.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                    "type": "object"
+                                                }
+                                            }
+                                        }
+                                    }
+                                },
+                                "extVirtualLinkInfo": {
+                                    "description": "Information about the external VLs the VNF instance is connected to.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type represents information about an VNF external VL.",
+                                        "type": "object",
+                                        "required": [
+                                            "id",
+                                            "resourceHandle",
+                                            "currentVnfExtCpData"
+                                        ],
+                                        "properties": {
+                                            "id": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "resourceHandle": {
+                                                "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                "type": "object",
+                                                "required": [
+                                                    "resourceId"
+                                                ],
+                                                "properties": {
+                                                    "vimId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceProviderId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceId": {
+                                                        "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vimLevelResourceType": {
+                                                        "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vimLevelAdditionalResourceInfo": {
+                                                        "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                        "type": "object",
+                                                        "properties": {
+                                                            "hostName": {
+                                                                "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                "type": "string"
+                                                            },
+                                                            "persistentVolume": {
+                                                                "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                "type": "string"
+                                                            },
+                                                            "additionalInfo": {
+                                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                "type": "object"
+                                                            }
+                                                        }
+                                                    },
+                                                    "containerNamespace": {
+                                                        "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            },
+                                            "extLinkPorts": {
+                                                "description": "Link ports of this VL.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "This type represents information about a link port of an external VL, i.e. a port providing connectivity for the VNF to an NS VL. NOTE 1: The use cases UC#4 and UC#5 in Annex A.4 of ETSI GS NFV-IFA 007 provide examples for such a configuration. NOTE 2: The value of \"trunkResourceId\" is scoped by the value of \"vimConnectionId\" in the \"resourceHandle\" attribute.\n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "id",
+                                                        "resourceHandle"
+                                                    ],
+                                                    "properties": {
+                                                        "id": {
+                                                            "description": "An identifier with the intention of being globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "resourceHandle": {
+                                                            "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "resourceId"
+                                                            ],
+                                                            "properties": {
+                                                                "vimId": {
+                                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "resourceProviderId": {
+                                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "resourceId": {
+                                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "vimLevelResourceType": {
+                                                                    "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "vimLevelAdditionalResourceInfo": {
+                                                                    "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                                    "type": "object",
+                                                                    "properties": {
+                                                                        "hostName": {
+                                                                            "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "persistentVolume": {
+                                                                            "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "additionalInfo": {
+                                                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                            "type": "object"
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "containerNamespace": {
+                                                                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        },
+                                                        "cpInstanceId": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "secondaryCpInstanceId": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "trunkResourceId": {
+                                                            "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "extNetAttDefResource": {
+                                                "description": "Network attachment definition resources that provide the specification of the interface to attach connection points to this VL.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "This type represents the information related to a network attachment definition resource that provides the specification of the interface used to connect one or multiple connection points to a secondary container cluster network\n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "netAttDefResourceInfoId",
+                                                        "netAttDefResource"
+                                                    ],
+                                                    "properties": {
+                                                        "netAttDefResourceInfoId": {
+                                                            "description": "An identifier with the intention of being globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "netAttDefResource": {
+                                                            "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "resourceId"
+                                                            ],
+                                                            "properties": {
+                                                                "vimId": {
+                                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "resourceProviderId": {
+                                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "resourceId": {
+                                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "vimLevelResourceType": {
+                                                                    "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "vimLevelAdditionalResourceInfo": {
+                                                                    "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                                    "type": "object",
+                                                                    "properties": {
+                                                                        "hostName": {
+                                                                            "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "persistentVolume": {
+                                                                            "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "additionalInfo": {
+                                                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                            "type": "object"
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "containerNamespace": {
+                                                                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        },
+                                                        "associatedExtCpId": {
+                                                            "description": "Identifier of the external CP of the VNF associated to this network attachment definition resource.  Shall be present when the network attachment definition resource is used for external connectivity by the VNF\n",
+                                                            "type": "array",
+                                                            "items": {
+                                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                                "type": "string"
+                                                            }
+                                                        },
+                                                        "associatedVnfcCpId": {
+                                                            "description": "Identifier of the VNFC CP of the VNF associated to this network attachment definition resource.  May be present when the network attachment definition resource is used for internal connectivity by the VNF.\n",
+                                                            "type": "array",
+                                                            "items": {
+                                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "currentVnfExtCpData": {
+                                                "description": "This type represents configuration information for external CPs created from a CPD.\nNOTE 1: In case this identifier refers to a CPD with trunking enabled, the external CP instances created from this CPD will represent ports in a trunk. NOTE 2:  The map entry value shall be set to \"null\" in order to delete a \"VnfExtCpConfig\" entry identified by a particular key value from the map, i.e. for the disconnection of an existing external CP instance addressed by cpInstanceId in the deleted map entry from a particular external virtual link, and deletion of that instance in case it represents a subport. Deleting the last key from the map removes the affected instance of the \"VnfExtCpData\" structure from its parent data structure. NOTE 3:  Within one VNF instance, all VNFC instances created from a particular VDU have the same external connectivity. Thus, given a particular value of the \"cpdId' attribute, there shall be one \"cpConfig\" entry for each VNFC instance that has been or can be created from a VDU which includes a CPD identified by the \"cpdId\" attribute. If the cpConfig represents a subport in a trunk, all \"cpConfig\" entries in this list shall have the same segmentationId, which means they are connected to the same set of external VLs via the trunk. NOTE 4: If, as defined by the input parameters of a \"ChangeVnfFlavour\", \"ChangeExtVnfConnectivity\"  or \"ChangeCurrentVnfPkg\" operation, a cpConfig map entry identified by a particular map key value is  moved into another \"ExtVirtualLinkData\" or \"VnfExtCpData\" structure, this particular cpConfig map entry  may be used by an external CP instance different than the one that has used it before the operation, or  by no external CP instance at all. Renaming a CPD identifier during the \"changeCurrentVnfPkg\" operation  does not count as moving the related \"cpConfig\" map entries to a new \"extCpData\" structure.\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "cpdId"
+                                                ],
+                                                "properties": {
+                                                    "cpdId": {
+                                                        "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "cpConfig": {
+                                                        "description": "Map of instance data that need to be configured on the CP instances  created from the respective CPD. The key of the map which identifies  the individual VnfExtCpConfig entries is of type \"IdentifierInVnf\"  and is managed by the API consumer. The entries shall be applied by  the VNFM according to the rules of JSON Merge Patch (see IETF RFC 7396 [11]).  See notes 2, 3 and 4.\n",
+                                                        "type": "object",
+                                                        "additionalProperties": {
+                                                            "description": "This type represents an externally provided link port, or a network attachment definition resource of secondary container cluster network, or network address information per  instance of a VNF external connection point. In the case of VM-based deployment of the VNFC exposing the external CP: In case a link port is provided, the NFVO shall use that link port when connecting the VNF external CP to the external VL. • In case a link port is not provided, the NFVO or VNFM shall create a link port on the external VL, and use that link port to connect the VNF external CP to the external VL. In the case of  container-based deployment of the VNFC exposing the external CP, the NFVO and VNFM shall use the network attachment definition resource of secondary container cluster  network when connecting the CP to the external VL.\nNOTE 1:  The following conditions apply to the attributes \"linkPortId\" and \"cpProtocolData\"\n        for an external CP instance connected or to be connected to a virtual network not\n        categorized as secondary container cluster network:\n        - At least one of the \"linkPortId\" and \"cpProtocolData\" attributes shall be present for\n        an external CP instance representing a subport that is to be created, or an external CP instance\n        that is to be created by creating the corresponding VNFC or VNF instance during the current or\n        a subsequent LCM operation, or for an existing external CP instance that is to be re-configured\n        or added to a particular external virtual link.\n        - If the \"cpProtocolData\" attribute is absent, the \"linkPortId\" attribute shall be provided\n      referencing a pre-created link port with pre-configured address information.\n        - If both \"cpProtocolData\" and \"linkportId\" are provided, the API consumer shall ensure that\n        the cpProtocolData can be used with the pre-created link port referenced by \"linkPortId\".\nNOTE 2: In case the NFVO manages its own identifier space, the NFVO may remap this identifier\n        when communicating with the VNFM. If the NFVO knows that there can be an identifier collision\n        when communicating with the VNFM by using the identifier from the OSS/BSS, the NFVO shall remap it.\nNOTE 3: The following conditions apply to the attributes \"netAttDefResourceId\" and \"cpProtocolData\" for an external CP\n        instance connected or to be connected to a secondary container cluster network:\n        − Void.\n        − At least one of these attributes shall be present for a to-be-created external CP instance or an existing\n        external CP instance.\nNOTE 4: Cardinality greater than 1 is only applicable for specific cases where more than one network\n        attachment definition resource is needed to fulfil the connectivity requirements of the external CP,\n        e.g. to build a link redundant mated pair in SR-IOV cases. When more than one \"netAttDefResourceId\"\n        is indicated, all shall belong to the same namespace as defined by the corresponding \n        \"containerNamespace\" attribute in the \"resourceHandle\" attribute in the \"NetAttDefResourceData\".\nNOTE 5: Either \"linkPortId\" or \"netAttDefResourceId\" may be included, but not both.\n",
+                                                            "type": "object",
+                                                            "oneOf": [
+                                                                {
+                                                                    "required": [
+                                                                        "linkPortId"
+                                                                    ]
+                                                                },
+                                                                {
+                                                                    "required": [
+                                                                        "cpProtocolData"
+                                                                    ]
+                                                                }
+                                                            ],
+                                                            "properties": {
+                                                                "parentCpConfigId": {
+                                                                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "linkPortId": {
+                                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "createExtLinkPort": {
+                                                                    "description": "Indicates the need to create a dedicated link port for the external CP. If set to True, a link port is created. If set to False, no link port is created. This attribute is only applicable for external CP instances without a floating IP address that expose a VIP CP instance for which a dedicated IP address is allocated. It shall be present in that case and shall be absent otherwise.\n",
+                                                                    "type": "boolean"
+                                                                },
+                                                                "cpProtocolData": {
+                                                                    "description": "Parameters for configuring the network protocols on the link port that connects the CP to a VL. See notes 1 and 3.\n",
+                                                                    "type": "array",
+                                                                    "items": {
+                                                                        "description": "This type represents network protocol data.\nNOTE:\tThis attribute allows to signal the addition of further types  of layer and protocol in future versions of the present document in  a backwards-compatible way. In the current version of the present  document, only IP over Ethernet is supported.\n",
+                                                                        "type": "object",
+                                                                        "required": [
+                                                                            "layerProtocol"
+                                                                        ],
+                                                                        "properties": {
+                                                                            "layerProtocol": {
+                                                                                "description": "Identifier of layer(s) and protocol(s). Permitted values:  - IP_OVER_ETHERNET - IP_FOR_VIRTUAL_CP See note.\n",
+                                                                                "type": "string",
+                                                                                "enum": [
+                                                                                    "IP_OVER_ETHERNET",
+                                                                                    "IP_FOR_VIRTUAL_CP"
+                                                                                ]
+                                                                            },
+                                                                            "ipOverEthernet": {
+                                                                                "description": "This type represents network address data for IP over Ethernet. NOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present. NOTE 3: If the CP instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                                                                "type": "object",
+                                                                                "anyOf": [
+                                                                                    {
+                                                                                        "required": [
+                                                                                            "ipAddresses"
+                                                                                        ]
+                                                                                    },
+                                                                                    {
+                                                                                        "required": [
+                                                                                            "macAddress"
+                                                                                        ]
+                                                                                    }
+                                                                                ],
+                                                                                "properties": {
+                                                                                    "macAddress": {
+                                                                                        "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                                                        "type": "string",
+                                                                                        "format": "MAC"
+                                                                                    },
+                                                                                    "segmentationType": {
+                                                                                        "description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values are: - VLAN: The subport uses VLAN as encapsulation type. - INHERIT: The subport gets its segmentation type from the network it is connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
+                                                                                        "type": "string",
+                                                                                        "enum": [
+                                                                                            "VLAN",
+                                                                                            "INHERIT"
+                                                                                        ]
+                                                                                    },
+                                                                                    "segmentationId": {
+                                                                                        "description": "Identification of the network segment to which the CP instance connects to. See note 3 and note 4.\n",
+                                                                                        "type": "string"
+                                                                                    },
+                                                                                    "ipAddresses": {
+                                                                                        "description": "List of IP addresses to assign to the CP instance. Each entry represents IP address data for fixed or dynamic IP address assignment per subnet. If this attribute is not present, no IP address shall be assigned. See note 1.\n",
+                                                                                        "type": "array",
+                                                                                        "items": {
+                                                                                            "type": "object",
+                                                                                            "required": [
+                                                                                                "type"
+                                                                                            ],
+                                                                                            "oneOf": [
+                                                                                                {
+                                                                                                    "required": [
+                                                                                                        "fixedAddresses"
+                                                                                                    ]
+                                                                                                },
+                                                                                                {
+                                                                                                    "required": [
+                                                                                                        "numDynamicAddresses"
+                                                                                                    ]
+                                                                                                },
+                                                                                                {
+                                                                                                    "required": [
+                                                                                                        "addressRange"
+                                                                                                    ]
+                                                                                                }
+                                                                                            ],
+                                                                                            "properties": {
+                                                                                                "type": {
+                                                                                                    "description": "The type of the IP addresses. Permitted values:\n  - IPV4\n  - IPV6\n",
+                                                                                                    "type": "string",
+                                                                                                    "enum": [
+                                                                                                        "IPV4",
+                                                                                                        "IPV6"
+                                                                                                    ]
+                                                                                                },
+                                                                                                "fixedAddresses": {
+                                                                                                    "description": "Fixed addresses to assign (from the subnet defined by \"subnetId\" if provided). Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present.\n",
+                                                                                                    "type": "array",
+                                                                                                    "items": {
+                                                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                                        "type": "string",
+                                                                                                        "format": "IP"
+                                                                                                    }
+                                                                                                },
+                                                                                                "numDynamicAddresses": {
+                                                                                                    "description": "Number of dynamic addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                                                                    "type": "integer"
+                                                                                                },
+                                                                                                "addressRange": {
+                                                                                                    "description": "An IP address range to be used, e.g. in case of egress connections. In case this attribute is present, IP addresses from the range will be used.\n",
+                                                                                                    "type": "object",
+                                                                                                    "required": [
+                                                                                                        "minAddress",
+                                                                                                        "maxAddress"
+                                                                                                    ],
+                                                                                                    "properties": {
+                                                                                                        "minAddress": {
+                                                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                                            "type": "string",
+                                                                                                            "format": "IP"
+                                                                                                        },
+                                                                                                        "maxAddress": {
+                                                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                                            "type": "string",
+                                                                                                            "format": "IP"
+                                                                                                        }
+                                                                                                    }
+                                                                                                },
+                                                                                                "subnetId": {
+                                                                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                                                    "type": "string"
+                                                                                                }
+                                                                                            }
+                                                                                        }
+                                                                                    }
+                                                                                }
+                                                                            },
+                                                                            "virtualCpAddress": {
+                                                                                "description": "This type represents network address data for a virtual CP.  It shall comply with the provisions defined in table 6.5.3.12a-1.\nNOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be\n        used, otherwise it will be ignored by the CISM.\nNOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the\n        container cluster will assign an IP address.\nNOTE 3: The attribute is only relevant if the virtual CP is instantiated in a cluster that supports configuration of IP\n        address pools for virtual CPs. Otherwise it shall be ignored. MetalLB is an example of a solution for\n        Kubernetes® that supports configuration of address pools for load balancer services.\nNOTE 4: The loadBalancerIp and the addressPoolName attributes shall not be present at the same time.\n",
+                                                                                "type": "object",
+                                                                                "required": [
+                                                                                    "type"
+                                                                                ],
+                                                                                "properties": {
+                                                                                    "type": {
+                                                                                        "description": "Identifier of layer(s) and protocol(s). Permitted values: IP_OVER_ETHERNET.\n",
+                                                                                        "type": "string",
+                                                                                        "enum": [
+                                                                                            "IPV4",
+                                                                                            "IPV6"
+                                                                                        ]
+                                                                                    },
+                                                                                    "loadBalancerIp": {
+                                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                        "type": "string",
+                                                                                        "format": "IP"
+                                                                                    },
+                                                                                    "addressPoolName": {
+                                                                                        "description": "Name of an address pool from which the container cluster will assign an IP address to the virtual CP. See notes 3 and 4.\n",
+                                                                                        "type": "array",
+                                                                                        "items": {
+                                                                                            "type": "string"
+                                                                                        }
+                                                                                    }
+                                                                                }
+                                                                            }
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "netAttDefResourceId": {
+                                                                    "description": "Identifier of the \"NetAttDefResourceData\" structure that provides the specification of the interface to attach the external CP to a secondary container cluster network.  It is only applicable if the external CP is connected or to be connected to a secondary container cluster network. It shall not be present if the external CP is related to a virtual network not categorized as secondary container cluster network.  See notes 3, 4 and 5.\n",
+                                                                    "type": "array",
+                                                                    "items": {
+                                                                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                                        "type": "string"
+                                                                    }
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                },
+                                "extManagedVirtualLinkInfo": {
+                                    "description": "Information about the externally-managed internal VLs of the VNF instance.  See note 4 and note 5.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type provides information about an externally-managed internal virtual link for VNFs\n",
+                                        "type": "object",
+                                        "required": [
+                                            "id",
+                                            "vnfVirtualLinkDescId",
+                                            "networkResource"
+                                        ],
+                                        "properties": {
+                                            "id": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfdId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfVirtualLinkDescId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "networkResource": {
+                                                "description": "Reference to the VirtualNetwork resource or multi-site connectivity service providing this VL.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                    "type": "object",
+                                                    "required": [
+                                                        "resourceId"
+                                                    ],
+                                                    "properties": {
+                                                        "vimId": {
+                                                            "description": "An identifier with the intention of being globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "resourceProviderId": {
+                                                            "description": "An identifier with the intention of being globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "resourceId": {
+                                                            "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "vimLevelResourceType": {
+                                                            "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "vimLevelAdditionalResourceInfo": {
+                                                            "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                            "type": "object",
+                                                            "properties": {
+                                                                "hostName": {
+                                                                    "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                    "type": "string"
+                                                                },
+                                                                "persistentVolume": {
+                                                                    "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                    "type": "string"
+                                                                },
+                                                                "additionalInfo": {
+                                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                    "type": "object"
+                                                                }
+                                                            }
+                                                        },
+                                                        "containerNamespace": {
+                                                            "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "vnfLinkPorts": {
+                                                "description": "Link ports of this VL.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "type": "object",
+                                                    "description": "This type represents a link port of an internal VL of a VNF. It shall comply with the provisions defined in table 6.5.3.64-1.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId are present, the two different CP instances share the linkport.\n",
+                                                    "required": [
+                                                        "id",
+                                                        "resourceHandle"
+                                                    ],
+                                                    "properties": {
+                                                        "id": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "resourceHandle": {
+                                                            "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "resourceId"
+                                                            ],
+                                                            "properties": {
+                                                                "vimId": {
+                                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "resourceProviderId": {
+                                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "resourceId": {
+                                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "vimLevelResourceType": {
+                                                                    "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "vimLevelAdditionalResourceInfo": {
+                                                                    "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                                    "type": "object",
+                                                                    "properties": {
+                                                                        "hostName": {
+                                                                            "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "persistentVolume": {
+                                                                            "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "additionalInfo": {
+                                                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                            "type": "object"
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "containerNamespace": {
+                                                                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        },
+                                                        "cpInstanceId": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "cpInstanceType": {
+                                                            "description": "Type of the CP instance that is identified by cpInstanceId. Shall be present if \"cpInstanceId\" is present, and shall be absent otherwise. Permitted values: * VNFC_CP: The link port is connected to a VNFC CP * EXT_CP: The link port is associated to an external CP. See note 1.\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "VNFC_CP",
+                                                                "EXT_CP"
+                                                            ]
+                                                        },
+                                                        "vipCpInstanceId": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "trunkResourceId": {
+                                                            "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "vnfNetAttDefResource": {
+                                                "description": "This type represents the information related to a network attachment definition resource that provides the specification of the interface used to connect one or multiple connection points to a secondary container cluster network\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "netAttDefResourceInfoId",
+                                                    "netAttDefResource"
+                                                ],
+                                                "properties": {
+                                                    "netAttDefResourceInfoId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "netAttDefResource": {
+                                                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "resourceId"
+                                                        ],
+                                                        "properties": {
+                                                            "vimId": {
+                                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "resourceProviderId": {
+                                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "resourceId": {
+                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "vimLevelResourceType": {
+                                                                "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                                "type": "string"
+                                                            },
+                                                            "vimLevelAdditionalResourceInfo": {
+                                                                "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                                "type": "object",
+                                                                "properties": {
+                                                                    "hostName": {
+                                                                        "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "persistentVolume": {
+                                                                        "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "additionalInfo": {
+                                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                        "type": "object"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "containerNamespace": {
+                                                                "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    },
+                                                    "associatedExtCpId": {
+                                                        "description": "Identifier of the external CP of the VNF associated to this network attachment definition resource.  Shall be present when the network attachment definition resource is used for external connectivity by the VNF\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        }
+                                                    },
+                                                    "associatedVnfcCpId": {
+                                                        "description": "Identifier of the VNFC CP of the VNF associated to this network attachment definition resource.  May be present when the network attachment definition resource is used for internal connectivity by the VNF.\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "extManagedMultisiteVirtualLinkId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            }
+                                        }
+                                    }
+                                },
+                                "monitoringParameters": {
+                                    "description": "Performance metrics tracked by the VNFM (e.g. for  auto-scaling purposes) as identified by the VNF  provider in the VNFD.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type represents a monitoring parameter that is tracked by the VNFM, for example,  for auto-scaling purposes. It shall comply with the provisions defined in Table 6.5.3.69-1.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "id",
+                                            "performanceMetric"
+                                        ],
+                                        "properties": {
+                                            "id": {
+                                                "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfdId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "name": {
+                                                "description": "Human readable name of the monitoring parameter, as defined in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "performanceMetric": {
+                                                "description": "Performance metric that is monitored. This attribute shall contain the related  \"Measurement Name\" value as defined in clause 7.2 of ETSI GS NFV-IFA 027.\n",
+                                                "type": "string"
+                                            }
+                                        }
+                                    }
+                                },
+                                "localizationLanguage": {
+                                    "description": "Information about localization language of the VNF (includes e.g. strings in the VNFD). The localization languages supported by a VNF can be declared in the VNFD, and localization language selection can take place at instantiation time. The value shall comply with the format defined in IETF RFC 5646.\n",
+                                    "type": "string"
+                                },
+                                "vnfcResourceInfo": {
+                                    "description": "Information about the virtualised compute and storage resources used by the VNFCs of the VNF instance.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type represents the information on virtualised compute and storage resources used by a VNFC in a VNF instance. This feature addresses the following capabilities: • NFV Architecture support for VNFs which follow “cloud-native” design principles. • Enhance NFV-MANO capabilities to support container technologies. • Enhance NFV-MANO capabilities for container management and orchestration. • Enhance information model for containerized VNFs both using bare metal or nested virtualization technologies.\nNOTE 1: ETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications. NOTE 2: A VNFC CP is \"connected to\" an external CP if the VNFC CP is connected to an internal VL that exposes an external CP. A VNFC CP is \"exposed as\" an external CP if it is connected directly to an external VL. NOTE 3: The information can be omitted because it is already available as part of the external CP information.  NOTE 4:  Cardinality greater than 1 is only applicable for specific cases where more than one network  attachment definition resource is needed to fulfil the connectivity requirements of the internal CP,  e.g. to build a link redundant mated pair in SR-IOV cases. NOTE 5:  When more than one \"netAttDefResourceId\" is indicated, all shall belong to the same namespace.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "id",
+                                            "vduId",
+                                            "computeResource"
+                                        ],
+                                        "properties": {
+                                            "id": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfdId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "vduId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "computeResource": {
+                                                "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                "type": "object",
+                                                "required": [
+                                                    "resourceId"
+                                                ],
+                                                "properties": {
+                                                    "vimId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceProviderId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceId": {
+                                                        "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vimLevelResourceType": {
+                                                        "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vimLevelAdditionalResourceInfo": {
+                                                        "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                        "type": "object",
+                                                        "properties": {
+                                                            "hostName": {
+                                                                "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                "type": "string"
+                                                            },
+                                                            "persistentVolume": {
+                                                                "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                "type": "string"
+                                                            },
+                                                            "additionalInfo": {
+                                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                "type": "object"
+                                                            }
+                                                        }
+                                                    },
+                                                    "containerNamespace": {
+                                                        "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            },
+                                            "storageResourceIds": {
+                                                "description": "References to the VirtualStorage resources or references to Storage MCIOs.  The value refers to a VirtualStorageResourceInfo item in the VnfInstance.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                    "type": "string"
+                                                }
+                                            },
+                                            "reservationId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfcCpInfo": {
+                                                "description": "CPs of the VNFC instance. Shall be present when that particular CP of the VNFC instance is exposed as an external CP of the VNF instance or is connected to an external CP of the VNF instance.See note 2. May be present otherwise.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "type": "object",
+                                                    "required": [
+                                                        "id",
+                                                        "cpdId"
+                                                    ],
+                                                    "properties": {
+                                                        "id": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "cpdId": {
+                                                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "vnfExtCpId": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "cpProtocolInfo": {
+                                                            "description": "Network protocol information for this CP. May be omitted if the VNFC CP is exposed as an external CP. See note 3.\n",
+                                                            "type": "array",
+                                                            "items": {
+                                                                "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "layerProtocol",
+                                                                    "ipOverEthernet"
+                                                                ],
+                                                                "properties": {
+                                                                    "layerProtocol": {
+                                                                        "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                                                                        "type": "string",
+                                                                        "enum": [
+                                                                            "IP_OVER_ETHERNET",
+                                                                            "IP_FOR_VIRTUAL_CP"
+                                                                        ]
+                                                                    },
+                                                                    "ipOverEthernet": {
+                                                                        "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                                                        "type": "object",
+                                                                        "anyOf": [
+                                                                            {
+                                                                                "required": [
+                                                                                    "macAddress"
+                                                                                ]
+                                                                            },
+                                                                            {
+                                                                                "required": [
+                                                                                    "ipAddresses"
+                                                                                ]
+                                                                            }
+                                                                        ],
+                                                                        "properties": {
+                                                                            "macAddress": {
+                                                                                "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                                                "type": "string",
+                                                                                "format": "MAC"
+                                                                            },
+                                                                            "segmentationId": {
+                                                                                "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
+                                                                                "type": "string"
+                                                                            },
+                                                                            "ipAddresses": {
+                                                                                "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
+                                                                                "type": "array",
+                                                                                "items": {
+                                                                                    "type": "object",
+                                                                                    "required": [
+                                                                                        "type"
+                                                                                    ],
+                                                                                    "oneOf": [
+                                                                                        {
+                                                                                            "required": [
+                                                                                                "addresses"
+                                                                                            ]
+                                                                                        },
+                                                                                        {
+                                                                                            "required": [
+                                                                                                "addressRange"
+                                                                                            ]
+                                                                                        }
+                                                                                    ],
+                                                                                    "properties": {
+                                                                                        "type": {
+                                                                                            "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                                            "type": "string",
+                                                                                            "enum": [
+                                                                                                "IPV4",
+                                                                                                "IPV6"
+                                                                                            ]
+                                                                                        },
+                                                                                        "addresses": {
+                                                                                            "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                                                            "type": "array",
+                                                                                            "items": {
+                                                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                                "type": "string",
+                                                                                                "format": "IP"
+                                                                                            }
+                                                                                        },
+                                                                                        "isDynamic": {
+                                                                                            "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                                            "type": "boolean"
+                                                                                        },
+                                                                                        "addressRange": {
+                                                                                            "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
+                                                                                            "type": "object",
+                                                                                            "required": [
+                                                                                                "minAddress",
+                                                                                                "maxAddress"
+                                                                                            ],
+                                                                                            "properties": {
+                                                                                                "minAddress": {
+                                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                                    "type": "string",
+                                                                                                    "format": "IP"
+                                                                                                },
+                                                                                                "maxAddress": {
+                                                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                                    "type": "string",
+                                                                                                    "format": "IP"
+                                                                                                }
+                                                                                            }
+                                                                                        },
+                                                                                        "subnetId": {
+                                                                                            "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                                            "type": "string"
+                                                                                        }
+                                                                                    }
+                                                                                }
+                                                                            },
+                                                                            "type": {
+                                                                                "description": "The type of the IP addresses\n",
+                                                                                "type": "string",
+                                                                                "enum": [
+                                                                                    "PV4",
+                                                                                    "PV6"
+                                                                                ]
+                                                                            },
+                                                                            "addresses": {
+                                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                "type": "string",
+                                                                                "format": "IP"
+                                                                            },
+                                                                            "isDynamic": {
+                                                                                "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                                                "type": "boolean"
+                                                                            },
+                                                                            "addressRange": {
+                                                                                "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
+                                                                                "type": "object",
+                                                                                "required": [
+                                                                                    "minAddress",
+                                                                                    "maxAddress"
+                                                                                ],
+                                                                                "properties": {
+                                                                                    "minAddress": {
+                                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                        "type": "string",
+                                                                                        "format": "IP"
+                                                                                    },
+                                                                                    "maxAddress": {
+                                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                        "type": "string",
+                                                                                        "format": "IP"
+                                                                                    }
+                                                                                }
+                                                                            },
+                                                                            "minAddress": {
+                                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                "type": "string",
+                                                                                "format": "IP"
+                                                                            },
+                                                                            "maxAddress": {
+                                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                "type": "string",
+                                                                                "format": "IP"
+                                                                            },
+                                                                            "subnetId": {
+                                                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                                "type": "string"
+                                                                            }
+                                                                        }
+                                                                    },
+                                                                    "virtualCpAddress": {
+                                                                        "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                                                                        "type": "object",
+                                                                        "required": [
+                                                                            "type"
+                                                                        ],
+                                                                        "properties": {
+                                                                            "type": {
+                                                                                "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                                                "type": "string",
+                                                                                "enum": [
+                                                                                    "IPV4",
+                                                                                    "IPV6"
+                                                                                ]
+                                                                            },
+                                                                            "loadBalancerIp": {
+                                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                                "type": "string",
+                                                                                "format": "IP"
+                                                                            },
+                                                                            "addressPoolName": {
+                                                                                "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
+                                                                                "type": "string"
+                                                                            }
+                                                                        }
+                                                                    }
+                                                                }
+                                                            }
+                                                        },
+                                                        "parentCpId": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "vnfLinkPortId": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "netAttDefResourceId": {
+                                                            "description": "Identifier of the \"NetAttDefResourceInfo\" structure that provides the specification of the interface to attach the connection point to a secondary container cluster network. See notes 4 and 5. It shall be present if the internal CP is associated to a VNFC realized by one or a set of OS containers and  is connected to a secondary container cluster network. It shall not be present otherwise.\n",
+                                                            "type": "array",
+                                                            "items": {
+                                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                                "type": "string"
+                                                            }
+                                                        },
+                                                        "metadata": {
+                                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                            "type": "object"
+                                                        },
+                                                        "certificateContentId": {
+                                                            "description": "The identifier of certificate that this VNFC CP instance uses. Shall be present when using in delegation-mode. Otherwise shall not be present.\n",
+                                                            "type": "array",
+                                                            "items": {
+                                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "metadata": {
+                                                "description": "Metadata about this resource.\n"
+                                            },
+                                            "certificateContentId": {
+                                                "description": "The identifier of certificate that this VNFC instance uses. Shall be present when using in delegation-mode. Otherwise shall not be present.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                }
+                                            }
+                                        }
+                                    }
+                                },
+                                "vnfVirtualLinkResourceInfo": {
+                                    "description": "Information about the virtualised network resources used by the VLs of the VNF instance. See note 5.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type represents the information that allows addressing a virtualised resource that is used by an internal VL instance in a VNF instance.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "id",
+                                            "vnfVirtualLinkDescId",
+                                            "networkResource"
+                                        ],
+                                        "properties": {
+                                            "id": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfdId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfVirtualLinkDescId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "networkResource": {
+                                                "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                "type": "object",
+                                                "required": [
+                                                    "resourceId"
+                                                ],
+                                                "properties": {
+                                                    "vimId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceProviderId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceId": {
+                                                        "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vimLevelResourceType": {
+                                                        "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vimLevelAdditionalResourceInfo": {
+                                                        "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                        "type": "object",
+                                                        "properties": {
+                                                            "hostName": {
+                                                                "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                "type": "string"
+                                                            },
+                                                            "persistentVolume": {
+                                                                "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                "type": "string"
+                                                            },
+                                                            "additionalInfo": {
+                                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                "type": "object"
+                                                            }
+                                                        }
+                                                    },
+                                                    "containerNamespace": {
+                                                        "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            },
+                                            "reservationId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfLinkPorts": {
+                                                "description": "Links ports of this VL. Shall be present when the linkPort is used for external connectivity by the VNF (refer to VnfLinkPortInfo). May be present otherwise.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "type": "object",
+                                                    "description": "This type represents a link port of an internal VL of a VNF. It shall comply with the provisions defined in table 6.5.3.64-1.\nNOTE 1: Either cpInstanceId with cpInstanceType set to \"EXT_CP\" or any combination of cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId (i.e. one or both of them) shall be present for a VnfLinkPortInfo. In case both cpInstanceId with cpInstanceType set to \"VNFC_CP\" and vipCpInstanceId are present, the two different CP instances share the linkport.\n",
+                                                    "required": [
+                                                        "id",
+                                                        "resourceHandle"
+                                                    ],
+                                                    "properties": {
+                                                        "id": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "resourceHandle": {
+                                                            "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "resourceId"
+                                                            ],
+                                                            "properties": {
+                                                                "vimId": {
+                                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "resourceProviderId": {
+                                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "resourceId": {
+                                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "vimLevelResourceType": {
+                                                                    "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                                    "type": "string"
+                                                                },
+                                                                "vimLevelAdditionalResourceInfo": {
+                                                                    "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                                    "type": "object",
+                                                                    "properties": {
+                                                                        "hostName": {
+                                                                            "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "persistentVolume": {
+                                                                            "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "additionalInfo": {
+                                                                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                            "type": "object"
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "containerNamespace": {
+                                                                    "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        },
+                                                        "cpInstanceId": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "cpInstanceType": {
+                                                            "description": "Type of the CP instance that is identified by cpInstanceId. Shall be present if \"cpInstanceId\" is present, and shall be absent otherwise. Permitted values: * VNFC_CP: The link port is connected to a VNFC CP * EXT_CP: The link port is associated to an external CP. See note 1.\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "VNFC_CP",
+                                                                "EXT_CP"
+                                                            ]
+                                                        },
+                                                        "vipCpInstanceId": {
+                                                            "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                            "type": "string"
+                                                        },
+                                                        "trunkResourceId": {
+                                                            "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "metadata": {
+                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                "type": "object"
+                                            }
+                                        }
+                                    }
+                                },
+                                "virtualStorageResourceInfo": {
+                                    "description": "Information on the virtualised storage resource(s) used as storage for the VNF instance.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "id",
+                                            "virtualStorageDescId",
+                                            "storageResource"
+                                        ],
+                                        "properties": {
+                                            "id": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "virtualStorageDescId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfdId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "storageResource": {
+                                                "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                "type": "object",
+                                                "required": [
+                                                    "resourceId"
+                                                ],
+                                                "properties": {
+                                                    "vimId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceProviderId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "resourceId": {
+                                                        "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vimLevelResourceType": {
+                                                        "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "vimLevelAdditionalResourceInfo": {
+                                                        "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                        "type": "object",
+                                                        "properties": {
+                                                            "hostName": {
+                                                                "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                "type": "string"
+                                                            },
+                                                            "persistentVolume": {
+                                                                "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                "type": "string"
+                                                            },
+                                                            "additionalInfo": {
+                                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                "type": "object"
+                                                            }
+                                                        }
+                                                    },
+                                                    "containerNamespace": {
+                                                        "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            },
+                                            "reservationId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "metadata": {
+                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                "type": "object"
+                                            }
+                                        }
+                                    }
+                                },
+                                "mcioInfo": {
+                                    "description": "Information on the MCIO(s) representing VNFC instance(s) realized by one or a set  of OS containers and created from the same VDU for the VNF instance.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type provides information about an MCIO representing the set of VNFC instances realized by one or a set of OS containers which have been created based on the same VDU.\nNOTE 1 The type of MCIO as specified in the declarative descriptor of the MCIO, and that can be read from the CISM. EXAMPLE: In case of MCIOs managed by Kubernetes, the type of MCIO corresponds to the “kind” property of the declarative descriptor. NOTE 2  If the attribute additionalInfo is present, it may contain runtime information on the actual and desired state of the MCIO(s). NOTE 3  When the container infrastructure service is a Kubernetes® instance, the mcioId is the combined values from the kind  and name fields of the Kubernetes® resource object, separated by a slash. Example: \"Deployment/abcd\". NOTE 4 When the container infrastructure service is a Kubernetes® instance, the mcioName is the name field of the resource object.",
+                                        "type": "object",
+                                        "required": [
+                                            "mcioId",
+                                            "mcioName",
+                                            "mcioNamespace",
+                                            "vduId",
+                                            "cismId",
+                                            "mcioType",
+                                            "desiredInstances",
+                                            "availableInstances"
+                                        ],
+                                        "properties": {
+                                            "mcioId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "mcioName": {
+                                                "description": "Human readable name of this MCIO. See note 4. \n",
+                                                "type": "string"
+                                            },
+                                            "mcioNamespace": {
+                                                "description": "Namespace of this MCIO.\n",
+                                                "type": "string"
+                                            },
+                                            "vduId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "cismId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "mcioType": {
+                                                "description": "The type of MCIO. Specific values, their semantics and associated MCIO types are defined in clause 6.5.4.13. Additional values are also permitted. See note 1.\n",
+                                                "type": "string"
+                                            },
+                                            "desiredInstances": {
+                                                "description": "Number of desired MCIO instances.\n",
+                                                "type": "integer"
+                                            },
+                                            "availableInstances": {
+                                                "description": "Number of available MCIO instances\n",
+                                                "type": "integer"
+                                            },
+                                            "additionalInfo": {
+                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                "type": "object"
+                                            },
+                                            "certificateContentId": {
+                                                "description": "The identifier of certificate that this MCIO instance uses. Shall be present when using in delegation- mode. Otherwise shall not be present.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "description": "An identifier with the intention of being globally unique.\n",
+                                                    "type": "string"
+                                                }
+                                            }
+                                        }
+                                    }
+                                },
+                                "vnfPaasServiceInfo": {
+                                    "description": "Information on the PaaS Services assigned and used by the VNF instance.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type provides information about a PaaS Service that is used  by a VNF instance or some other NS constituent. he PaasServiceInfo is  comprised of various sets of information. Some information comes from the  descriptors (e.g.,VNFD or NSD), other information comes from the PaaS Service assets provided by the NFVO to the VNFM, and other information is provided  as runtime information about the usage of the PaaS Service.\nNOTE: Either a \"nsPaasServiceRequestId\" or a \"vnfPaasServiceRequestId\" shall be provided, but not both.\n",
+                                        "type": "object",
+                                        "oneOf": [
+                                            {
+                                                "required": [
+                                                    "paasServiceId",
+                                                    "paasServiceType",
+                                                    "paasServiceHandle",
+                                                    "nsPaasServiceRequestId"
+                                                ]
+                                            },
+                                            {
+                                                "required": [
+                                                    "paasServiceId",
+                                                    "paasServiceType",
+                                                    "paasServiceHandle",
+                                                    "vnfPaasServiceRequestId"
+                                                ]
+                                            }
+                                        ],
+                                        "properties": {
+                                            "id": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "paasServiceId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "paasServiceType": {
+                                                "description": "The type of PaaS Service. The value of this attribute is expected to be matched against values of the registered PaaS Services in the PSR.\n",
+                                                "type": "string"
+                                            },
+                                            "paasServiceVersion": {
+                                                "description": "A Version. Representation: string of variable length.\n",
+                                                "type": "string"
+                                            },
+                                            "nsPaasServiceRequestId": {
+                                                "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfPaasServiceRequestId": {
+                                                "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                                                "type": "string"
+                                            },
+                                            "paasServiceHandle": {
+                                                "description": "This type provides information enabling the access and use of the PaaS Service by a VNF instance  or some other NS constituent. The type and format of the handle depends on the form that the PaaS  Service is formed.\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "id"
+                                                ],
+                                                "properties": {
+                                                    "id": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "interfaceInfo": {
+                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                        "type": "object"
+                                                    },
+                                                    "accessInfo": {
+                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                        "type": "object"
+                                                    },
+                                                    "extra": {
+                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                        "type": "object"
+                                                    }
+                                                }
+                                            },
+                                            "additionalInfo": {
+                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                "type": "object"
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        },
+                        "metadata": {
+                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                            "type": "object"
+                        },
+                        "extensions": {
+                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                            "type": "object"
+                        }
+                    }
+                }
+            },
+            "pnfInfo": {
+                "description": "Information on the PNF(s) that are part of the NS instance.\n",
+                "type": "array",
+                "items": {
+                    "description": "This type represents the information about a PNF that is part of an NS instance.  It shall comply with the provisions defined in Table 6.5.3.13-1.\n",
+                    "type": "object",
+                    "required": [
+                        "pnfId",
+                        "pnfdId",
+                        "pnfdInfoId",
+                        "pnfProfileId"
+                    ],
+                    "properties": {
+                        "pnfId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        },
+                        "pnfName": {
+                            "description": "Name of the PNF.\n",
+                            "type": "string"
+                        },
+                        "pnfdId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        },
+                        "versionDependency": {
+                            "description": "Describes version dependencies currently valid for the PNF.  Identifies versions of descriptors of other constituents in the NSD upon which the PNF depends. The dependencies may be described for the PNFD referenced in this PnfInfo with pnfdId and for PNFDs with the same \"pnfdExtInvariantId\". There shall not be more than one versionDependency present with the same dependentConstituentId.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "This type represents the information related to all dependencies that an NSD constituent has on the versions of other NSD constituents.  It shall comply with the provisions defined in table 6.5.3.112-1.\n",
+                                "type": "object",
+                                "required": [
+                                    "dependentConstituentId"
+                                ],
+                                "properties": {
+                                    "dependentConstituentId": {
+                                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                        "type": "string"
+                                    },
+                                    "versionDependencyStatement": {
+                                        "description": "Identifies one or multiple versions of an NSD constituents upon which the dependent constituent identified by  dependentConstituentId has a dependency. Cardinality 0 is used to remove an existing version dependency in a profile.\n",
+                                        "type": "array",
+                                        "items": {
+                                            "description": "This type represents the information related to one or more VNF, NS or PNF descriptor identifiers which describe one  single dependency. When more than one descriptor is indicated, they correspond to different versions of the same VNF,  NS or PNF and they represent alternatives to fulfil the dependency. It shall comply with the provisions defined in  table 6.5.3.113-1.\n",
+                                            "type": "object",
+                                            "required": [
+                                                "descriptorId"
+                                            ],
+                                            "properties": {
+                                                "descriptorId": {
+                                                    "description": "Identifies a VNFD, NSD or PNFD upon which the entity using this data type depends. When more than one descriptor is indicated, they shall correspond to versions of the same VNF, NS or PNF and they represent alternatives, i.e. the presence of one of them fulfills the dependency.",
+                                                    "type": "array",
+                                                    "items": {
+                                                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                                        "type": "string"
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        },
+                        "pnfdInfoId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        },
+                        "pnfProfileId": {
+                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "cpInfo": {
+                            "description": "This type represents the information about the external CP of the PNF.  It shall comply with the provisions defined in Table 6.5.3.17-1.\n",
+                            "type": "object",
+                            "required": [
+                                "cpInstanceId",
+                                "cpdId"
+                            ],
+                            "properties": {
+                                "cpInstanceId": {
+                                    "description": "An Identifier that is unique within respect to a PNF. Representation: string of variable length.\n",
+                                    "type": "string"
+                                },
+                                "cpdId": {
+                                    "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                    "type": "string"
+                                },
+                                "cpProtocolData": {
+                                    "description": "Parameters for configuring the network protocols on the CP.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type represents network protocol data.\nNOTE:\tThis attribute allows to signal the addition of further types  of layer and protocol in future versions of the present document in  a backwards-compatible way. In the current version of the present  document, only IP over Ethernet is supported.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "layerProtocol"
+                                        ],
+                                        "properties": {
+                                            "layerProtocol": {
+                                                "description": "Identifier of layer(s) and protocol(s). Permitted values:  - IP_OVER_ETHERNET - IP_FOR_VIRTUAL_CP See note.\n",
+                                                "type": "string",
+                                                "enum": [
+                                                    "IP_OVER_ETHERNET",
+                                                    "IP_FOR_VIRTUAL_CP"
+                                                ]
+                                            },
+                                            "ipOverEthernet": {
+                                                "description": "This type represents network address data for IP over Ethernet. NOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present. NOTE 3: If the CP instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                                "type": "object",
+                                                "anyOf": [
+                                                    {
+                                                        "required": [
+                                                            "ipAddresses"
+                                                        ]
+                                                    },
+                                                    {
+                                                        "required": [
+                                                            "macAddress"
+                                                        ]
+                                                    }
+                                                ],
+                                                "properties": {
+                                                    "macAddress": {
+                                                        "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                        "type": "string",
+                                                        "format": "MAC"
+                                                    },
+                                                    "segmentationType": {
+                                                        "description": "Specifies the encapsulation type for the traffics coming in and out of the trunk subport. Permitted values are: - VLAN: The subport uses VLAN as encapsulation type. - INHERIT: The subport gets its segmentation type from the network it is connected to. This attribute may be present for CP instances that represent subports in a trunk and shall be absent otherwise. If this attribute is not present for a subport CP instance, default value VLAN shall be used.\n",
+                                                        "type": "string",
+                                                        "enum": [
+                                                            "VLAN",
+                                                            "INHERIT"
+                                                        ]
+                                                    },
+                                                    "segmentationId": {
+                                                        "description": "Identification of the network segment to which the CP instance connects to. See note 3 and note 4.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "ipAddresses": {
+                                                        "description": "List of IP addresses to assign to the CP instance. Each entry represents IP address data for fixed or dynamic IP address assignment per subnet. If this attribute is not present, no IP address shall be assigned. See note 1.\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "type": "object",
+                                                            "required": [
+                                                                "type"
+                                                            ],
+                                                            "oneOf": [
+                                                                {
+                                                                    "required": [
+                                                                        "fixedAddresses"
+                                                                    ]
+                                                                },
+                                                                {
+                                                                    "required": [
+                                                                        "numDynamicAddresses"
+                                                                    ]
+                                                                },
+                                                                {
+                                                                    "required": [
+                                                                        "addressRange"
+                                                                    ]
+                                                                }
+                                                            ],
+                                                            "properties": {
+                                                                "type": {
+                                                                    "description": "The type of the IP addresses. Permitted values:\n  - IPV4\n  - IPV6\n",
+                                                                    "type": "string",
+                                                                    "enum": [
+                                                                        "IPV4",
+                                                                        "IPV6"
+                                                                    ]
+                                                                },
+                                                                "fixedAddresses": {
+                                                                    "description": "Fixed addresses to assign (from the subnet defined by \"subnetId\" if provided). Exactly one of \"fixedAddresses\", \"numDynamicAddresses\" or \"ipAddressRange\" shall be present.\n",
+                                                                    "type": "array",
+                                                                    "items": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    }
+                                                                },
+                                                                "numDynamicAddresses": {
+                                                                    "description": "Number of dynamic addresses to assign (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                                    "type": "integer"
+                                                                },
+                                                                "addressRange": {
+                                                                    "description": "An IP address range to be used, e.g. in case of egress connections. In case this attribute is present, IP addresses from the range will be used.\n",
+                                                                    "type": "object",
+                                                                    "required": [
+                                                                        "minAddress",
+                                                                        "maxAddress"
+                                                                    ],
+                                                                    "properties": {
+                                                                        "minAddress": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        },
+                                                                        "maxAddress": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        }
+                                                                    }
+                                                                },
+                                                                "subnetId": {
+                                                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                    "type": "string"
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "virtualCpAddress": {
+                                                "description": "This type represents network address data for a virtual CP.  It shall comply with the provisions defined in table 6.5.3.12a-1.\nNOTE 1: If the container cluster is set up to be able to configure an external load balancer this address will be\n        used, otherwise it will be ignored by the CISM.\nNOTE 2: In case the cluster can configure an external load balancer but no loadBalancerIp is provided the\n        container cluster will assign an IP address.\nNOTE 3: The attribute is only relevant if the virtual CP is instantiated in a cluster that supports configuration of IP\n        address pools for virtual CPs. Otherwise it shall be ignored. MetalLB is an example of a solution for\n        Kubernetes® that supports configuration of address pools for load balancer services.\nNOTE 4: The loadBalancerIp and the addressPoolName attributes shall not be present at the same time.\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "type"
+                                                ],
+                                                "properties": {
+                                                    "type": {
+                                                        "description": "Identifier of layer(s) and protocol(s). Permitted values: IP_OVER_ETHERNET.\n",
+                                                        "type": "string",
+                                                        "enum": [
+                                                            "IPV4",
+                                                            "IPV6"
+                                                        ]
+                                                    },
+                                                    "loadBalancerIp": {
+                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                        "type": "string",
+                                                        "format": "IP"
+                                                    },
+                                                    "addressPoolName": {
+                                                        "description": "Name of an address pool from which the container cluster will assign an IP address to the virtual CP. See notes 3 and 4.\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            },
+            "virtualLinkInfo": {
+                "description": "Information on the VL(s) of the NS instance. This attribute shall be present if the nsState attribute value is INSTANTIATED and if the NS instance has specified connectivity.\n",
+                "type": "array",
+                "items": {
+                    "description": "This type specifies the information about an NS VL instance.  It shall comply with the provisions defined in Table 6.5.3.53-1.\nNOTE: As an NS can include NFs deployed in NFVI PoPs under the control of several different VIMs, therefore deploying an NS VL can involve several VIMs, each allocating different virtualised network resources, as well as WIMs handling the connectivity in between the NFVI-PoPs in the form of multi-site connectivity services. When this NsVirtualLink is provided as an ExtVirtualLink as input of a VNF LCM operation, the id of the ExtVirtualLink shall be the same as the corresponding NsVirtualLink.\n",
+                    "type": "object",
+                    "required": [
+                        "id",
+                        "nsVirtualLinkDescId",
+                        "nsVirtualLinkProfileId"
+                    ],
+                    "properties": {
+                        "id": {
+                            "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "nsVirtualLinkDescId": {
+                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "nsVirtualLinkProfileId": {
+                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "resourceHandle": {
+                            "description": "Identifier(s) of the virtualised network resource(s) and/or multi-site connectivity service(s) realizing the VL instance. See note.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                "type": "object",
+                                "required": [
+                                    "resourceId"
+                                ],
+                                "properties": {
+                                    "vimId": {
+                                        "description": "An identifier with the intention of being globally unique.\n",
+                                        "type": "string"
+                                    },
+                                    "resourceProviderId": {
+                                        "description": "An identifier with the intention of being globally unique.\n",
+                                        "type": "string"
+                                    },
+                                    "resourceId": {
+                                        "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                        "type": "string"
+                                    },
+                                    "vimLevelResourceType": {
+                                        "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                        "type": "string"
+                                    },
+                                    "vimLevelAdditionalResourceInfo": {
+                                        "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                        "type": "object",
+                                        "properties": {
+                                            "hostName": {
+                                                "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                "type": "string"
+                                            },
+                                            "persistentVolume": {
+                                                "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                "type": "string"
+                                            },
+                                            "additionalInfo": {
+                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                "type": "object"
+                                            }
+                                        }
+                                    },
+                                    "containerNamespace": {
+                                        "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                        "type": "string"
+                                    }
+                                }
+                            }
+                        },
+                        "linkPort": {
+                            "description": "Link ports of the VL instance. Cardinality of zero indicates that no port has yet been created for the VL instance.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "This type represents information about a link port of a VL instance. It shall comply with the provisions defined in Table 6.5.3.55-1. NOTE: When the NsVirtualLink, from which the present NsLinkPort is part of, is provided as an ExtVirtualLink as input of a VNF LCM operation, the id of the ExtLinkPort shall be the same as the corresponding NsLinkPort.\n",
+                                "type": "object",
+                                "required": [
+                                    "id",
+                                    "resourceHandle"
+                                ],
+                                "properties": {
+                                    "id": {
+                                        "description": "An identifier with the intention of being globally unique.\n",
+                                        "type": "string"
+                                    },
+                                    "resourceHandle": {
+                                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                        "type": "object",
+                                        "required": [
+                                            "resourceId"
+                                        ],
+                                        "properties": {
+                                            "vimId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "resourceProviderId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "resourceId": {
+                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                "type": "string"
+                                            },
+                                            "vimLevelResourceType": {
+                                                "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                "type": "string"
+                                            },
+                                            "vimLevelAdditionalResourceInfo": {
+                                                "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                "type": "object",
+                                                "properties": {
+                                                    "hostName": {
+                                                        "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                        "type": "string"
+                                                    },
+                                                    "persistentVolume": {
+                                                        "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                        "type": "string"
+                                                    },
+                                                    "additionalInfo": {
+                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                        "type": "object"
+                                                    }
+                                                }
+                                            },
+                                            "containerNamespace": {
+                                                "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                "type": "string"
+                                            }
+                                        }
+                                    },
+                                    "nsCpHandle": {
+                                        "description": "This type represents an identifier of the CP or SAP instance.  It shall comply with the provisions defined in Table 6.5.3.56-1. NOTE 1: For the VNF external CP instance, both vnfInstanceId and vnfExtCpInstanceId shall be present as a pair. NOTE 2: For the PNF external CP instance, both pnfInfoId and PnfExtCpInstanceId shall be present as a pair. NOTE 3: For the SAP instance, both nsInstanceId and nsSapInstanceId shall be present as a pair. NOTE 4: One pair of identifiers (VNF external CP, PNF external CP or SAP) shall be present.\n",
+                                        "type": "object",
+                                        "oneOf": [
+                                            {
+                                                "required": [
+                                                    "vnfInstanceId",
+                                                    "vnfExtCpInstanceId"
+                                                ]
+                                            },
+                                            {
+                                                "required": [
+                                                    "pnfInfoId",
+                                                    "pnfExtCpInstanceId"
+                                                ]
+                                            },
+                                            {
+                                                "required": [
+                                                    "nsInstanceId",
+                                                    "nsSapInstanceId"
+                                                ]
+                                            }
+                                        ],
+                                        "properties": {
+                                            "vnfInstanceId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "vnfExtCpInstanceId": {
+                                                "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "pnfInfoId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "pnfExtCpInstanceId": {
+                                                "description": "An Identifier that is unique within respect to a PNF. Representation: string of variable length.\n",
+                                                "type": "string"
+                                            },
+                                            "nsInstanceId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "nsSapInstanceId": {
+                                                "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                                                "type": "string"
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            },
+            "vnffgInfo": {
+                "description": "Information on the VNFFG(s) of the NS instance.\n",
+                "type": "array",
+                "items": {
+                    "description": "Information on the VNFFG(s) of the NS instance. NOTE: It indicates an exhaustive list of all the CP instances and SAP instances of the VNFFG.\n",
+                    "type": "object",
+                    "required": [
+                        "id",
+                        "vnffgdId",
+                        "vnfInstanceId",
+                        "pnfInfoId"
+                    ],
+                    "properties": {
+                        "id": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        },
+                        "vnffgdId": {
+                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "vnfInstanceId": {
+                            "description": "Identifier(s) of the constituent VNF instance(s) of this VNFFG instance.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                            }
+                        },
+                        "pnfdInfoId": {
+                            "description": "Identifier(s) of the constituent PNF instance(s) of this VNFFG instance.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                            }
+                        },
+                        "nsVirtualLinkInfoId": {
+                            "description": "Identifier(s) of the constituent VL instance(s) of this VNFFG instance.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                                "type": "string"
+                            }
+                        },
+                        "nsCpHandle": {
+                            "description": "This type represents an identifier of the CP or SAP instance.  It shall comply with the provisions defined in Table 6.5.3.56-1. NOTE 1: For the VNF external CP instance, both vnfInstanceId and vnfExtCpInstanceId shall be present as a pair. NOTE 2: For the PNF external CP instance, both pnfInfoId and PnfExtCpInstanceId shall be present as a pair. NOTE 3: For the SAP instance, both nsInstanceId and nsSapInstanceId shall be present as a pair. NOTE 4: One pair of identifiers (VNF external CP, PNF external CP or SAP) shall be present.\n",
+                            "type": "object",
+                            "oneOf": [
+                                {
+                                    "required": [
+                                        "vnfInstanceId",
+                                        "vnfExtCpInstanceId"
+                                    ]
+                                },
+                                {
+                                    "required": [
+                                        "pnfInfoId",
+                                        "pnfExtCpInstanceId"
+                                    ]
+                                },
+                                {
+                                    "required": [
+                                        "nsInstanceId",
+                                        "nsSapInstanceId"
+                                    ]
+                                }
+                            ],
+                            "properties": {
+                                "vnfInstanceId": {
+                                    "description": "An identifier with the intention of being globally unique.\n",
+                                    "type": "string"
+                                },
+                                "vnfExtCpInstanceId": {
+                                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                                    "type": "string"
+                                },
+                                "pnfInfoId": {
+                                    "description": "An identifier with the intention of being globally unique.\n",
+                                    "type": "string"
+                                },
+                                "pnfExtCpInstanceId": {
+                                    "description": "An Identifier that is unique within respect to a PNF. Representation: string of variable length.\n",
+                                    "type": "string"
+                                },
+                                "nsInstanceId": {
+                                    "description": "An identifier with the intention of being globally unique.\n",
+                                    "type": "string"
+                                },
+                                "nsSapInstanceId": {
+                                    "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                                    "type": "string"
+                                }
+                            }
+                        }
+                    }
+                }
+            },
+            "sapInfo": {
+                "description": "Information on the SAP(s) of the NS instance.\n",
+                "type": "array",
+                "items": {
+                    "description": "This type represents an SAP instance. It shall comply with the provisions defined in Table 6.5.3.67-1.\n",
+                    "type": "object",
+                    "required": [
+                        "id",
+                        "sapdId",
+                        "sapName",
+                        "sapProtocolInfo"
+                    ],
+                    "properties": {
+                        "id": {
+                            "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "sapdId": {
+                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "sapName": {
+                            "description": "Human readable name for the SAP instance.\n",
+                            "type": "string"
+                        },
+                        "description": {
+                            "description": "Human readable description for the SAP instance.\n",
+                            "type": "string"
+                        },
+                        "sapProtocolInfo": {
+                            "description": "Network protocol information for this SAP.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "This type describes the protocol layer(s) that a CP or SAP uses together with protocol-related information, like addresses. It shall comply with the provisions defined in Table 6.5.3.58-1. NOTE: This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                                "type": "object",
+                                "required": [
+                                    "layerProtocol",
+                                    "ipOverEthernet"
+                                ],
+                                "properties": {
+                                    "layerProtocol": {
+                                        "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values:\n  - IP_OVER_ETHERNET\n  - IP_FOR_VIRTUAL_CP\nSee note.\n",
+                                        "type": "string",
+                                        "enum": [
+                                            "IP_OVER_ETHERNET",
+                                            "IP_FOR_VIRTUAL_CP"
+                                        ]
+                                    },
+                                    "ipOverEthernet": {
+                                        "description": "This type represents information about a network address that has been assigned.\nNOTE 1: At least one of \"macAddress\" or \"ipAddresses\" shall be present. NOTE 2: Exactly one of \"addresses\" or \"addressRange\" shall be present. NOTE 3: If the Cp instance represents a subport in a trunk, \"segmentationId\" shall be present. Otherwise it shall not be present. NOTE 4: Depending on the NFVI networking infrastructure, the \"segmentationId\" may indicate the actual network segment value (e.g. vlan Id, Vxlan segmentation id, etc.) used in the transport header of the packets or it may be an identifier used between the application and the NFVI networking infrastructure to identify the network sub-interface of the trunk port in question. In the latter case the NFVI infrastructure will map this local \"segmentationId\" to whatever \"segmentationId\" is actually used by the NFVI's transport technology.\n",
+                                        "type": "object",
+                                        "anyOf": [
+                                            {
+                                                "required": [
+                                                    "macAddress"
+                                                ]
+                                            },
+                                            {
+                                                "required": [
+                                                    "ipAddresses"
+                                                ]
+                                            }
+                                        ],
+                                        "properties": {
+                                            "macAddress": {
+                                                "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                                "type": "string",
+                                                "format": "MAC"
+                                            },
+                                            "segmentationId": {
+                                                "description": "Identification of the network segment to which the Cp instance connects to. See note 3 and note 4.\n",
+                                                "type": "string"
+                                            },
+                                            "ipAddresses": {
+                                                "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet. See note 1.\n",
+                                                "type": "array",
+                                                "items": {
+                                                    "type": "object",
+                                                    "required": [
+                                                        "type"
+                                                    ],
+                                                    "oneOf": [
+                                                        {
+                                                            "required": [
+                                                                "addresses"
+                                                            ]
+                                                        },
+                                                        {
+                                                            "required": [
+                                                                "addressRange"
+                                                            ]
+                                                        }
+                                                    ],
+                                                    "properties": {
+                                                        "type": {
+                                                            "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                            "type": "string",
+                                                            "enum": [
+                                                                "IPV4",
+                                                                "IPV6"
+                                                            ]
+                                                        },
+                                                        "addresses": {
+                                                            "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). See note 2.\n",
+                                                            "type": "array",
+                                                            "items": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            }
+                                                        },
+                                                        "isDynamic": {
+                                                            "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                            "type": "boolean"
+                                                        },
+                                                        "addressRange": {
+                                                            "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present. See note 2.\n",
+                                                            "type": "object",
+                                                            "required": [
+                                                                "minAddress",
+                                                                "maxAddress"
+                                                            ],
+                                                            "properties": {
+                                                                "minAddress": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                },
+                                                                "maxAddress": {
+                                                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                    "type": "string",
+                                                                    "format": "IP"
+                                                                }
+                                                            }
+                                                        },
+                                                        "subnetId": {
+                                                            "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "type": {
+                                                "description": "The type of the IP addresses\n",
+                                                "type": "string",
+                                                "enum": [
+                                                    "PV4",
+                                                    "PV6"
+                                                ]
+                                            },
+                                            "addresses": {
+                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                "type": "string",
+                                                "format": "IP"
+                                            },
+                                            "isDynamic": {
+                                                "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                                "type": "boolean"
+                                            },
+                                            "addressRange": {
+                                                "description": "An IP address range used, e.g. in case of egress connections. See note.\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "minAddress",
+                                                    "maxAddress"
+                                                ],
+                                                "properties": {
+                                                    "minAddress": {
+                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                        "type": "string",
+                                                        "format": "IP"
+                                                    },
+                                                    "maxAddress": {
+                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                        "type": "string",
+                                                        "format": "IP"
+                                                    }
+                                                }
+                                            },
+                                            "minAddress": {
+                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                "type": "string",
+                                                "format": "IP"
+                                            },
+                                            "maxAddress": {
+                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                "type": "string",
+                                                "format": "IP"
+                                            },
+                                            "subnetId": {
+                                                "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                "type": "string"
+                                            }
+                                        }
+                                    },
+                                    "virtualCpAddress": {
+                                        "description": "This type represents information about a network address that has been assigned to a virtual CP.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "type"
+                                        ],
+                                        "properties": {
+                                            "type": {
+                                                "description": "The type of the IP addresses. Permitted values: - IPV4 - IPV6\n",
+                                                "type": "string",
+                                                "enum": [
+                                                    "IPV4",
+                                                    "IPV6"
+                                                ]
+                                            },
+                                            "loadBalancerIp": {
+                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                "type": "string",
+                                                "format": "IP"
+                                            },
+                                            "addressPoolName": {
+                                                "description": "Name of an address pool from which an IP address is assigned to the virtual CP.",
+                                                "type": "string"
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            },
+            "nestedNsInstanceId": {
+                "description": "Identifier of the nested NS(s) of the NS instance.\n",
+                "type": "array",
+                "items": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                }
+            },
+            "vnfSnapshotInfoIds": {
+                "description": "Identifier of information on VNF snapshots of VNF instances that are part of this NS instance.\n",
+                "type": "array",
+                "items": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                }
+            },
+            "nsState": {
+                "description": "The state of the NS instance. Permitted values: NOT_INSTANTIATED: The NS instance is terminated or not instantiated. INSTANTIATED: The NS instance is instantiated.\n",
+                "type": "string",
+                "enum": [
+                    "NOT_INSTANTIATED",
+                    "INSTANTIATED"
+                ]
+            },
+            "monitoringParameter": {
+                "description": "Performance metrics tracked by the NFVO (e.g. for auto-scaling purposes) as identified by the NS designer in the NSD.\n",
+                "type": "array",
+                "items": {
+                    "description": "This type represents a monitoring parameter that is tracked by the NFVO, for example,  for auto-scaling purposes. It shall comply with the provisions defined in Table 6.5.3.68-1.\n",
+                    "type": "object",
+                    "required": [
+                        "id",
+                        "performanceMetric"
+                    ],
+                    "properties": {
+                        "id": {
+                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "name": {
+                            "description": "Human readable name of the monitoring parameter, as defined in the NSD.\n",
+                            "type": "string"
+                        },
+                        "performanceMetric": {
+                            "description": "Performance metric that is monitored. This attribute shall contain the related  \"Measurement Name\" value as defined in clause 7.2 of ETSI GS NFV-IFA 027.\n",
+                            "type": "string"
+                        }
+                    }
+                }
+            },
+            "nsScaleStatus": {
+                "description": "Status of each NS scaling aspect declared in the applicable DF, how \"big\" the NS instance has been scaled w.r.t. that aspect. This attribute shall be present if the nsState attribute value is INSTANTIATED.\n",
+                "type": "array",
+                "items": {
+                    "description": "This type represents the target NS Scale level for each NS scaling aspect of the current deployment flavor.\n",
+                    "type": "object",
+                    "required": [
+                        "nsScalingAspectId",
+                        "nsScaleLevelId"
+                    ],
+                    "properties": {
+                        "nsScalingAspectId": {
+                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "nsScaleLevelId": {
+                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                            "type": "string"
+                        }
+                    }
+                }
+            },
+            "additionalAffinityOrAntiAffinityRule": {
+                "description": "Information on the additional affinity or anti-affinity rule from NS instantiation operation. Shall not conflict with rules already specified in the NSD.\n",
+                "type": "array",
+                "items": {
+                    "description": "This type describes the additional affinity or anti-affinity rule applicable between the VNF instances to be instantiated in the NS instantiation operation request or between the VNF instances to be instantiated in the NS instantiation operation request and the existing VNF instances..\n",
+                    "type": "object",
+                    "required": [
+                        "affinityOrAntiAffiinty",
+                        "scope"
+                    ],
+                    "properties": {
+                        "vnfdId": {
+                            "description": "Reference to a VNFD. When the VNFD which is not used to instantiate VNF, it presents all VNF instances of this type as the subjects of the affinity or anti-affinity rule. The VNF instance which the VNFD presents is not necessary as a part of the NS to be instantiated.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                            }
+                        },
+                        "vnfProfileId": {
+                            "description": "Reference to a vnfProfile defined in the NSD. At least one VnfProfile which is used to instantiate VNF for the NS to be instantiated as the subject of the affinity or anti-affinity rule shall be present. When the VnfProfile which is not used to instantiate VNF, it presents all VNF instances of this type as the subjects of the affinity or anti-affinity rule. The VNF instance which the VnfProfile presents is not necessary as a part of the NS to be instantiated.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                "type": "string"
+                            }
+                        },
+                        "vnfInstanceId": {
+                            "description": "Reference to the existing VNF instance as the subject of the affinity or anti-affinity rule. The existing VNF instance is not necessary as a part of the NS to be instantiated.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                            }
+                        },
+                        "affinityOrAntiAffiinty": {
+                            "description": "The type of the constraint. Permitted values: AFFINITY ANTI_AFFINITY.\n",
+                            "type": "string",
+                            "enum": [
+                                "AFFINITY",
+                                "ANTI_AFFINITY"
+                            ]
+                        },
+                        "scope": {
+                            "description": "Specifies the scope of the rule where the placement constraint applies. Permitted values: NFVI_POP ZONE ZONE_GROUP NFVI_NODE.\n",
+                            "type": "string",
+                            "enum": [
+                                "NFVI_POP",
+                                "ZONE",
+                                "ZONE_GROUP",
+                                "NFVI_NODE"
+                            ]
+                        }
+                    }
+                }
+            },
+            "wanConnectionInfo": {
+                "description": "Information about WAN related connectivity enabling multi-site VLs.\n",
+                "type": "array",
+                "items": {
+                    "description": "This type provides information about the connectivity to the WAN of network resources realizing a VL, e.g.,\nwhen the VL is deployed on several sites across a WAN. It shall comply with the provisions defined in table 6.5.3.90-1.\nNOTE: Either a \"nsVirtualLinkInfoId\" or a \"vnfVirtualLinkResourceInfoId\" shall be provided, but not both.\n",
+                    "type": "object",
+                    "required": [
+                        "wanConnectionInfoId"
+                    ],
+                    "oneOf": [
+                        {
+                            "required": [
+                                "nsVirtualLinkInfoId"
+                            ]
+                        },
+                        {
+                            "required": [
+                                "vnfVirtualLinkResourceInfoId"
+                            ]
+                        }
+                    ],
+                    "properties": {
+                        "wanConnectionInfoId": {
+                            "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "nsVirtualLinkInfoId": {
+                            "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "vnfVirtualLinkResourceInfoId": {
+                            "description": "An identifier that is unique with respect to a NS. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "protocolInfo": {
+                            "description": "This type provides protocol specific information about the connectivity to the WAN of network resources realizing\na VL, e.g., when the VL is deployed on several sites and across a WAN, and the related multi-site connectivity\nservice (MSCS) enabling the connectivity through the WAN. This type supports providing information about both\npre-provisioned WAN connectivity realized by external entities to NFV-MANO but parts of such connectivity is known\nto the NFVO, as well as information about MSCS created under NFV-MANO responsibility (i.e., connectivity is realized\nwhen NFVO communicates with the WIM).  It shall comply with the provisions defined in table 6.5.3.91-1.\n",
+                            "type": "object",
+                            "properties": {
+                                "mscsInfo": {
+                                    "description": "This type provides information about an already provisioned multi-site connectivity service (MSCS) deployed across a WAN. It shall comply with the provisions defined in Table 6.5.3.82-1.\n",
+                                    "type": "object",
+                                    "required": [
+                                        "mscsId",
+                                        "mscsType"
+                                    ],
+                                    "properties": {
+                                        "mscsId": {
+                                            "description": "An identifier with the intention of being globally unique.\n",
+                                            "type": "string"
+                                        },
+                                        "mscsName": {
+                                            "description": "Human readable name of the MSCS.\n",
+                                            "type": "string"
+                                        },
+                                        "mscsDescription": {
+                                            "description": "Human readable description of the MSCS.\n",
+                                            "type": "string"
+                                        },
+                                        "mscsType": {
+                                            "description": "The type of connectivity that is provided to the virtualized networks in the NFVI-PoP and characterizes the connectivity service across the WAN. Permitted values: - L2 - L3\n",
+                                            "type": "string",
+                                            "enum": [
+                                                "L2VPN",
+                                                "L3VPN"
+                                            ]
+                                        },
+                                        "mscsLayerProtocol": {
+                                            "description": "Type of underlying connectivity service and protocol associated to the MSCS. Permitted values are as listed below and restricted by the type of MSCS: - EVPN_BGP_MPLS: as specified in IETF RFC 7432. Only applicable for mscsType=\"L2\". - EVPN_VPWS: as specified in IETF RFC 8214. Only applicable for mscsType=\"L2\". - VPLS_BGP: as specified in IETF RFC 4761 and IETF RFC 6624. Only applicable for mscsType=\"L2\". - VPLS_LDP_L2TP: as specified in IETF RFC 4762. Only applicable for mscsType=\"L2\". - VPWS_LDP_L2TP: as specified in IETF RFC 6074. Only applicable for mscsType=\"L2\". - BGP_IP_VPN: BGP/MPLS based IP VPN as specified in IETF RFC 4364. Only applicable for mscsType=\"L3\".\n",
+                                            "type": "string",
+                                            "enum": [
+                                                "EVPN_BGP_MPLS",
+                                                "EVPN_VPWS",
+                                                "VPLS_BGP",
+                                                "VPLS_LDP",
+                                                "VPWS",
+                                                "BGP_IP_VPN"
+                                            ]
+                                        },
+                                        "siteAccessProtectionSchemes": {
+                                            "description": "Information to determine the proper MSCS endpoints configuration to fulfil certain resiliency/protection requirements, e.g., by considering certain availability and redundancy of connectivity service endpoints in between NFVI-PoP and WAN.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "type": "object",
+                                                "properties": {
+                                                    "locationConstraints": {
+                                                        "description": "This type represents location constraints for a VNF to be instantiated. The location constraints can be represented as follows: • as a country code • as a civic address combined with a country code • as an area, conditionally combined with a country code\nNOTE: If both \"countryCode\" and \"area\" are present, no conflicts should exist between the values of these two attributes. In case of conflicts, the API producer (i.e. the NFVO) shall disregard parts of the geographic area signalled by \"area\" that are outside the boundaries of the country signalled by \"countryCode\". If \"countryCode\" is absent, it is solely the \"area\" attribute that defines the location constraint.\n",
+                                                        "type": "object",
+                                                        "properties": {
+                                                            "countryCode": {
+                                                                "description": "The two-letter ISO 3166 country code in capital letters. Shall be present in case the \"area\" attribute is absent. May be absent if the \"area\" attribute is present (see note).\n",
+                                                                "type": "string"
+                                                            },
+                                                            "civicAddressElement": {
+                                                                "description": "Zero or more elements comprising the civic address. Shall be absent if the \"area\" attribute is present.\n",
+                                                                "type": "array",
+                                                                "items": {
+                                                                    "type": "object",
+                                                                    "required": [
+                                                                        "caType",
+                                                                        "caValue"
+                                                                    ],
+                                                                    "properties": {
+                                                                        "caType": {
+                                                                            "description": "Describe the content type of caValue. The value of caType shall comply with Section 3.4 of IETF RFC 4776 [13].\n",
+                                                                            "type": "integer"
+                                                                        },
+                                                                        "caValue": {
+                                                                            "description": "Content of civic address element corresponding to the caType. The format caValue shall comply with Section 3.4 of IETF RFC 4776 [13].\n",
+                                                                            "type": "string"
+                                                                        }
+                                                                    }
+                                                                }
+                                                            },
+                                                            "area": {
+                                                                "description": "Geographic area. Shall be absent if the \"civicAddressElement\" attribute is present. The content of this attribute shall follow the provisions for the \"Polygon\" geometry object as defined in IETF RFC 7946, for which the \"type\" member shall be set to the value \"Polygon\". See note.\n",
+                                                                "type": "object"
+                                                            }
+                                                        }
+                                                    },
+                                                    "protectionScheme": {
+                                                        "description": "Defines the protection scheme. Permitted values: - UNPROTECTED: to indicate no protection. - ONE_TO_ONE: to indicate an active-passive access protection. - ONE_PLUS_ONE: to indicate an active-active access protection. - ONE_TO_N: to indicate an N active to 1 passive access protection.\n",
+                                                        "type": "string",
+                                                        "enum": [
+                                                            "UNPROTECTED",
+                                                            "ONE_TO_ONE",
+                                                            "ONE_PLUS_ONE",
+                                                            "ONE_TO_N"
+                                                        ]
+                                                    }
+                                                }
+                                            }
+                                        },
+                                        "mtuMscs": {
+                                            "description": "Maximum Transmission Unit (MTU) that can be forwarded over the MSCS (in bytes). Default value is \"1500\" (bytes).\n",
+                                            "type": "number"
+                                        },
+                                        "mscsEndpoints": {
+                                            "description": "Information about the MSCS endpoints of the MSCS.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "description": "This type provides encapsulates information about an MSCS endpoint of the MSCS. It shall comply with the provisions defined in table 6.5.3.83-1.\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "mscsEndpointId",
+                                                    "directionality",
+                                                    "connectivityServiceEndpoinId"
+                                                ],
+                                                "properties": {
+                                                    "mscsEndpointId": {
+                                                        "description": "An identifier with the intention of being globally unique.\n",
+                                                        "type": "string"
+                                                    },
+                                                    "directionality": {
+                                                        "description": "Directionality of the data traffic in the context of the terminating MSCS endpoint from WAN’s perspective. Permitted values: - INBOUND: to indicate into the WAN. - OUTBOUND: to indicate from the WAN. - BOTH: to indicate bidirectional data traffic to/from the WAN.\n",
+                                                        "type": "string",
+                                                        "enum": [
+                                                            "INBOUND",
+                                                            "OUTBOUND",
+                                                            "BOTH"
+                                                        ]
+                                                    },
+                                                    "connectivityServiceEndpoinId": {
+                                                        "description": "References the connectivity service endpoint configuration information applicable to support the MSCS endpoint. More than one connectivity service endpoint can be referred when endpoints are in LAG mode.\n",
+                                                        "type": "array",
+                                                        "items": {
+                                                            "description": "An identifier with the intention of being globally unique.\n",
+                                                            "type": "string"
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                },
+                                "connectivityServiceEndpoints": {
+                                    "description": "Configuration information about the network resources in the NFVI-PoP and their connectivity to the WAN.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "description": "This type provides configuration data for the NFVI-PoP network gateway providing connectivity service endpoints. The connectivity service endpoints are used as endpoints by an MSCS. It shall comply with the provisions defined in Table 6.5.3.84-1.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "connectivityServiceEndpointId",
+                                            "vimId"
+                                        ],
+                                        "properties": {
+                                            "connectivityServiceEndpointId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "vimId": {
+                                                "description": "An identifier with the intention of being globally unique.\n",
+                                                "type": "string"
+                                            },
+                                            "siteToWanLayer2ProtocolData": {
+                                                "description": "This type provides information about Layer 2 protocol specific information for the configuration of the NFVI-PoP network gateway to enable the stitching of the intra-site VN to the MSCS over the WAN. It shall comply with the provisions defined in Table 6.5.3.85-1. NOTE: Either \"networkResources\" or \"vnSegmentsIds\" shall be provided, but not both.\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "layer2ConnectionInfo"
+                                                ],
+                                                "properties": {
+                                                    "layer2ConnectionInfo": {
+                                                        "description": "Layer 2 protocol parameters of the connectivity service endpoint (CSE).\n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "connectionType",
+                                                            "interfaceType",
+                                                            "interfaceTagging",
+                                                            "encapsulationType"
+                                                        ],
+                                                        "properties": {
+                                                            "connectionType": {
+                                                                "description": "The type of connection to be established on the connectivity service point. Permitted values: - CSE: defined by the characteristics of the existing referred connectivity service point. - AGGREGATE_CSE: create an aggregation of the connectivity service endpoints.\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "CSE",
+                                                                    "AGGREGATE_CSE"
+                                                                ]
+                                                            },
+                                                            "interfaceType": {
+                                                                "description": "To indicate whether to create logical interfaces on the referred connectivity service endpoint or new aggregated connectivity service endpoint. Permitted values: - PARENT: use the mapped interface to the connectivity service endpoint as is, i.e., do not create logical interfaces. - LOGICAL: create logical interfaces.\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "PARENT",
+                                                                    "LOGICAL"
+                                                                ]
+                                                            },
+                                                            "interfaceTagging": {
+                                                                "description": "The type of frames to forward on the connectivity service point. Permitted values: - UNTAGGED: an interface where frames are not tagged. - TAGGED: an interface configured to forward tagged frames (i.e., enabled for VLAN tagging).\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "UNTAGGED",
+                                                                    "TAGGED"
+                                                                ]
+                                                            },
+                                                            "encapsulationType": {
+                                                                "description": "The type of encapsulation. If the interfaceTagging=\"TAGGED\", either \"VLAN\" or \"VXLAN\" shall be set. Permitted values: - ETH: generic Ethernet encapsulation. - VLAN: encapsulation based on VLAN. - VXLAN: encapsulation based on VXLAN.\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "ETH",
+                                                                    "VLAN",
+                                                                    "VXLAN"
+                                                                ]
+                                                            },
+                                                            "vlanTaggingType": {
+                                                                "description": "Type of encapsulation method for VLAN tagging. Shall be present if interfaceTagging=\"TAGGED\" and encapsulationType=\"VLAN\". Permitted values: - DOT1Q: used when packets on the CSE are encapsulated with one or a set of customer VLAN identifiers. - QINQ: used when packets on the CSE are encapsulated with multiple customer VLAN identifiers and a single\n  service VLAN identifier.\n- QINANY: used when packets on the CSE have no specific customer VLAN and a service VLAN identifier is used.\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "DOT1Q",
+                                                                    "QINQ",
+                                                                    "QINANY"
+                                                                ]
+                                                            },
+                                                            "wanSegmentIds": {
+                                                                "description": "Segment identifiers to pass on the tagged interface. Shall be present if encapsulationType=\"VLAN\" or “VXLAN\".\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "wanSegmentIdValue"
+                                                                ],
+                                                                "properties": {
+                                                                    "wanSegmentIdValue": {
+                                                                        "description": "Identifier of the network segment (e.g., VLAN id or VNI).\n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "wanSegmentIdUpperRange": {
+                                                                        "description": "Identifier of the upper range network segment, in case the \"wanSegmentIds\" is used to define a range.\n",
+                                                                        "type": "string"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "vxlanConfig": {
+                                                                "description": "Additional configuration needed when using VXLAN encapsulation. Shall be present if interfaceTagging=\"TAGGED\" and encapsulationType=\"VXLAN\".\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "peerMode"
+                                                                ],
+                                                                "properties": {
+                                                                    "peerMode": {
+                                                                        "description": "Type of VXLAN access mode. Default value is \"STATIC\".\nPermitted values: - STATIC - BGP_EVPN\n",
+                                                                        "type": "string",
+                                                                        "enum": [
+                                                                            "STATIC",
+                                                                            "BGP_EVPN"
+                                                                        ]
+                                                                    },
+                                                                    "peers": {
+                                                                        "description": "List of IP addresses of VTEP peers when using static mode.\n",
+                                                                        "type": "array",
+                                                                        "items": {
+                                                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                            "type": "string",
+                                                                            "format": "IP"
+                                                                        }
+                                                                    }
+                                                                }
+                                                            },
+                                                            "lagInterfaceData": {
+                                                                "description": "Information for setting up a LAG interface aggregating multiple connectivity service endpoints.\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "aggregatedEndpoints",
+                                                                    "lacpActivation",
+                                                                    "lacpConfig"
+                                                                ],
+                                                                "properties": {
+                                                                    "aggregatedEndpoints": {
+                                                                        "description": "List of the connectivity service endpoints that are to be aggregated. Shall be present if connectionType=\"AGGREGATE_CSE\". In case of aggregating connectivity service endpoints, only one SiteToWanLayer2ProtocolData shall be provided for the whole set of aggregated endpoints.\n",
+                                                                        "type": "array",
+                                                                        "items": {
+                                                                            "description": "An identifier with the intention of being globally unique.\n",
+                                                                            "type": "string"
+                                                                        }
+                                                                    },
+                                                                    "lacpActivation": {
+                                                                        "description": "Indicates whether to activate LACP on the interface. If \"TRUE\", the LACP is to be activated, or \"FALSE\" otherwise. Default value is \"FALSE\".\n",
+                                                                        "type": "boolean"
+                                                                    },
+                                                                    "lacpConfig": {
+                                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                        "type": "object"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "layer2ControlProtocol": {
+                                                                "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                "type": "object"
+                                                            }
+                                                        }
+                                                    },
+                                                    "mtuL2": {
+                                                        "description": "Maximum Transmission Unit (MTU) that can be forwarded at layer 2 (in bytes). Default value is \"1500\" (bytes).\n",
+                                                        "type": "number"
+                                                    },
+                                                    "virtualRoutingAndForwarding": {
+                                                        "description": "Configuration related to the L2 virtual routing and forwarding (MAC-VRF).\n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "macVrfName"
+                                                        ],
+                                                        "properties": {
+                                                            "macVrfName": {
+                                                                "description": "Name (or identifier) of the MAC-VRF instance.\n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    },
+                                                    "forwardingConfig": {
+                                                        "description": "Information related to the forwarding of the VN in the NFVI-PoP to the connectivity service endpoint, if information about the VN to \"stitch\" is already known. . by the OSS/BSS. Shall not be provided otherwise, in which case the NFVO will infer the forwarding configuration based on the NS VL, or external VL, or externally-managed VL provisioning.\n",
+                                                        "type": "object",
+                                                        "oneOf": [
+                                                            {
+                                                                "required": [
+                                                                    "networkResources"
+                                                                ]
+                                                            },
+                                                            {
+                                                                "required": [
+                                                                    "vnSegmentIds"
+                                                                ]
+                                                            }
+                                                        ],
+                                                        "properties": {
+                                                            "networkResources": {
+                                                                "description": "Reference to the VN resource to be forwarded into/from the MSCS. See note.\n",
+                                                                "type": "array",
+                                                                "items": {
+                                                                    "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance or by an NS instance. Information about the resource is available from the VIM.\nNOTE 1:\tThe value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM,  the CISM, the WIM or the resource provider and can be used as information that complements the ResourceHandle. When the container infrastructure service is a Kubernetes® instance the  vimLevelResourceType is the type of resource, as would correspond to the ‘kind’ field if the  resource is declared in its own Kubernetes® manifest, e.g.: Pod, PersistentVolumeClaim,  NetworkAttachmentDefinition.  NOTE 2:\tWhen the container infrastructure service is a Kubernetes® instance the resourceId shall be populated in the following way:  * For a compute MCIO, it is the instance identifier that Kubernetes® assigns, which is unique cluster wide per resource type.  * For a storage MCIO modelled as a persistent volume claim, it is the name of the persistent volume claim, i.e. the value of the ‘claimName’ field in the Kubernetes® manifest, or a compound name built by Kubernetes® if the persistent volume claim is  defined inline in another template instead of in its own manifest.  * For a network MCIO representing a NetworkAttachmentDefinition, a Service or an Ingress, it is the value of the ‘metadata.name’ field in Kubernetes® manifest. \n",
+                                                                    "type": "object",
+                                                                    "required": [
+                                                                        "resourceId"
+                                                                    ],
+                                                                    "properties": {
+                                                                        "vimId": {
+                                                                            "description": "An identifier with the intention of being globally unique.\n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "resourceProviderId": {
+                                                                            "description": "An identifier with the intention of being globally unique.\n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "resourceId": {
+                                                                            "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "vimLevelResourceType": {
+                                                                            "description": "Additional resource information which is specific to this resource and its type, and which  is available from the VIM or the CISM or the resource provider. See note 1.\n",
+                                                                            "type": "string"
+                                                                        },
+                                                                        "vimLevelAdditionalResourceInfo": {
+                                                                            "description": "This type represents additional resource information which resource and resource type specific, and which  is available from the VIM or the CISM or the resource provider. NOTE:\tAt least one attribute shall be present. \n",
+                                                                            "type": "object",
+                                                                            "properties": {
+                                                                                "hostName": {
+                                                                                    "description": "Name of the host where the resource is allocated. It shall be present for compute resources in the  scope of the CISM and shall be absent otherwise. See note. \n",
+                                                                                    "type": "string"
+                                                                                },
+                                                                                "persistentVolume": {
+                                                                                    "description": "Name of the persistent volume to which the persistent volume claim representing the storage resource is bound. It may be present for storage resources in the scope of the CISM and shall be absent otherwise.  See note. \n",
+                                                                                    "type": "string"
+                                                                                },
+                                                                                "additionalInfo": {
+                                                                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                                    "type": "object"
+                                                                                }
+                                                                            }
+                                                                        },
+                                                                        "containerNamespace": {
+                                                                            "description": "The value of the namespace in which the MCIO corresponding to the resource is deployed.  This attribute shall be present if the resource is managed by a CISM and it shall be absent otherwise. \n",
+                                                                            "type": "string"
+                                                                        }
+                                                                    }
+                                                                }
+                                                            },
+                                                            "vnSegmentIds": {
+                                                                "description": "Identifiers of the network segments of the VN resources to be forwarded into/from the MSCS.\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "vnSegmentIdValue"
+                                                                ],
+                                                                "properties": {
+                                                                    "vnSegmentIdValue": {
+                                                                        "description": "Identifier of the network segment.\n",
+                                                                        "type": "string"
+                                                                    },
+                                                                    "vnSegmentIdUpperRange": {
+                                                                        "description": "Identifier of the upper range network segment, in case the \"vnSegmentIds\" is used to define a range.\n",
+                                                                        "type": "string"
+                                                                    }
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            },
+                                            "siteToWanLayer3ProtocolData": {
+                                                "description": "This type provides information about Layer 3 protocol specific information for the stitching of the intra-site VN to the multi-site connectivity service over the WAN. It shall comply with the provisions defined in Table 6.5.3.86-1.\n",
+                                                "type": "object",
+                                                "required": [
+                                                    "routingInfo"
+                                                ],
+                                                "properties": {
+                                                    "logicalInterfaceIpAddress": {
+                                                        "description": "IP addressing information associated to a logical interface. Shall be present if the \"interfaceType\" of the SiteToWanLayer2ProtocolData is equal to \"LOGICAL\".\n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "ipAddress",
+                                                            "associatedSegmentId"
+                                                        ],
+                                                        "properties": {
+                                                            "ipAddress": {
+                                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                "type": "string",
+                                                                "format": "IP"
+                                                            },
+                                                            "associatedSegmentId": {
+                                                                "description": "The associated segment identifier that has triggered the creation of the logical interface. The value shall be one of the values listed in the \"wanSegmentIds\" of the \"siteToWanLayer2ProtocolData\".\n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    },
+                                                    "routingInfo": {
+                                                        "description": "The routing information that is activated on the connectivity service endpoint. More than one \"routingInfo\" is allowed to enable stacking different routing protocols (e.g., one routing protocol for IPv4 and another one for IPv6).\n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "routingProtocol",
+                                                            "routingAddressFamily"
+                                                        ],
+                                                        "properties": {
+                                                            "routingProtocol": {
+                                                                "description": "The routing protocol that is activated on the connectivity service endpoint. Permitted values: - BGP: used for dynamic routing BGPv4. - RIP: used for dynamic routing RIPv2. - OSPF: used for dynamic routing (OSPF version 2 for IPv4; and OSPF version 3 for IPv6). - STATIC: used for static routing. - DIRECT: used when the NFVI-PoP network is directly connected to the WAN provider network. - VRRP: used when the NFVI-PoP network is directly connected to the WAN provider network with virtual\n  router redundancy protocol support (VRRP).\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "BGP",
+                                                                    "RIP",
+                                                                    "OSPF",
+                                                                    "STATIC",
+                                                                    "DIRECT",
+                                                                    "VRRP"
+                                                                ]
+                                                            },
+                                                            "staticRouting": {
+                                                                "description": "Defines a static route. It shall only be present if the routingProtocol=\"STATIC\".\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "ipVersion",
+                                                                    "ipPrefix",
+                                                                    "prefixSize",
+                                                                    "nextHop"
+                                                                ],
+                                                                "properties": {
+                                                                    "ipVersion": {
+                                                                        "description": "The IP version applicable to the routing entry. Permitted values: - IPV4 - IPV6\n",
+                                                                        "type": "string",
+                                                                        "enum": [
+                                                                            "IPV4",
+                                                                            "IPV6"
+                                                                        ]
+                                                                    },
+                                                                    "ipPrefix": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    },
+                                                                    "prefixSize": {
+                                                                        "description": "The IP prefix size.\n",
+                                                                        "type": "number"
+                                                                    },
+                                                                    "nextHop": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "routingAddressFamily": {
+                                                                "description": "The IP version applicable to the dynamic routing protocol. Shall be present for dynamic routing protocols. Permitted values: - IPV4 - IPV6\n",
+                                                                "type": "string",
+                                                                "enum": [
+                                                                    "IPV4",
+                                                                    "IPv6"
+                                                                ]
+                                                            },
+                                                            "ospfRouting": {
+                                                                "description": "Defines parameters for OSPF routing. It shall only be present if the routingProtocol=\"OSPF\".\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "areaId"
+                                                                ],
+                                                                "properties": {
+                                                                    "areaId": {
+                                                                        "description": "The routing area identifier, e.g., a number or an IP address.\n",
+                                                                        "type": "string"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "bgpRouting": {
+                                                                "description": "Defines parameters for BGP routing. It shall only be present if the routingProtocol=\"BGP\".\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "bgpAs"
+                                                                ],
+                                                                "properties": {
+                                                                    "bgpAs": {
+                                                                        "description": "The Autonomous System (AS) identification applicable to the BGP routing info entry.\n",
+                                                                        "type": "object"
+                                                                    },
+                                                                    "bgpNeighbour": {
+                                                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                                        "type": "string",
+                                                                        "format": "IP"
+                                                                    },
+                                                                    "bgpAdditionalParam": {
+                                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                        "type": "object"
+                                                                    }
+                                                                }
+                                                            },
+                                                            "routeMapsDistribution": {
+                                                                "description": "Maps of routes that are permitted or denied for redistribution.\n",
+                                                                "type": "object",
+                                                                "required": [
+                                                                    "policy",
+                                                                    "sequence",
+                                                                    "matchAndSetRule"
+                                                                ],
+                                                                "properties": {
+                                                                    "policy": {
+                                                                        "description": "The policy to apply to the route distribution.\nPermitted values: - PERMIT - DENY\n",
+                                                                        "type": "string",
+                                                                        "enum": [
+                                                                            "PERMIT",
+                                                                            "DENY"
+                                                                        ]
+                                                                    },
+                                                                    "sequence": {
+                                                                        "description": "Sequence or index number assigned to the route-map.\n",
+                                                                        "type": "number"
+                                                                    },
+                                                                    "matchAndSetRule": {
+                                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                                        "type": "object"
+                                                                    }
+                                                                }
+                                                            }
+                                                        }
+                                                    },
+                                                    "mtuL3": {
+                                                        "description": "Maximum Transmission Unit (MTU) that can be forwarded at layer 3 (in bytes). Default value is \"1500\" (bytes).\n",
+                                                        "type": "number"
+                                                    },
+                                                    "virtualRoutingAndForwarding": {
+                                                        "description": "Configuration related to the virtual routing and forwarding (VRF).\n",
+                                                        "type": "object",
+                                                        "required": [
+                                                            "vrfName"
+                                                        ],
+                                                        "properties": {
+                                                            "vrfName": {
+                                                                "description": "Name (or identifier) of the VRF instance.\n",
+                                                                "type": "string"
+                                                            }
+                                                        }
+                                                    },
+                                                    "bfdConfig": {
+                                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                                        "type": "object"
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            },
+            "dataFlowMirroringInfo": {
+                "description": "Information related to Data Flow Mirroring associated to this NS instance\n",
+                "type": "array",
+                "items": {
+                    "description": "This type represents the runtime information that the NFVO holds about a Data Flow Mirroring. \nNOTE: It is responsibility of the NFVO to map the mirroringIds exposed towards the API consumer on the Os-Ma-nfvo reference point with the corresponding identifiers of the data flow mirroring that are created towards the VIM.\n",
+                    "type": "object",
+                    "required": [
+                        "mirroringId",
+                        "mirroringName",
+                        "description",
+                        "collectorDetails",
+                        "vnfInstanceId",
+                        "cpInstanceId",
+                        "dataFlowData"
+                    ],
+                    "properties": {
+                        "mirroringId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        },
+                        "mirroringName": {
+                            "description": "Name of Data Flow Mirroring.\n",
+                            "type": "string"
+                        },
+                        "description": {
+                            "description": "Information description of Data Flow Mirroring\n",
+                            "type": "string"
+                        },
+                        "collectorDetails": {
+                            "description": "This type represents the information about where the mirrored flow is to be delivered.  It shall comply with the provisions defined in table 6.5.3.103-1. NOTE: The collector which is attached to this port can be a virtual machine that uses the mirrored\n     data for analysis purpose. The collector is not managed by VIM.\n",
+                            "type": "object",
+                            "required": [
+                                "collectorId",
+                                "collectorName"
+                            ],
+                            "properties": {
+                                "collectorId": {
+                                    "description": "An identifier with the intention of being globally unique.\n",
+                                    "type": "string"
+                                },
+                                "collectorName": {
+                                    "description": "Name of the collector where the mirrored flow is to be delivered.\n",
+                                    "type": "string"
+                                },
+                                "portId": {
+                                    "description": "An identifier maintained by the VIM or the CISM or other resource provider. It is expected to be unique within the VIM instance. Representation: string of variable length.\n",
+                                    "type": "string"
+                                }
+                            }
+                        },
+                        "vnfInstanceId": {
+                            "description": "Identifier of the VNF instance from where the data flows are requested to be mirrored.\n",
+                            "type": "array",
+                            "minItems": 1,
+                            "items": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                            }
+                        },
+                        "cpInstanceId": {
+                            "description": "Identifier of the CP instance from where the data flows are mirrored.\n",
+                            "type": "array",
+                            "minItems": 1,
+                            "items": {
+                                "description": "An identifier with the intention of being globally unique.\n",
+                                "type": "string"
+                            }
+                        },
+                        "dataFlowData": {
+                            "description": "Information about the data flows to be mirrored\n",
+                            "type": "array",
+                            "minItems": 1,
+                            "items": {
+                                "description": "This type represents the information about the data flows to be mirrored.  It shall comply with the provisions defined in table 6.5.3.101-1. NOTE: A value need not be provided at runtime if the APIconsumer does not  intend to refer to a data flow defined in the NSD.\n",
+                                "type": "object",
+                                "required": [
+                                    "DataFlowDetails"
+                                ],
+                                "properties": {
+                                    "dataFlowInfoId": {
+                                        "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                        "type": "string"
+                                    },
+                                    "dataFlowDetails": {
+                                        "description": "This type represents the detailed information about the data flows that are requested to be mirrored. It shall comply with the provisions defined in table 6.5.3.102-1.\nNOTE 1: It shall be present when dataFlowInfoId in DataFlowData is not provided. NOTE 2: Depends on the value of the direction of the data flow to be mirrored, this attribute defines whether the data flow from the connection point to the target IP address or the data flow from the target IP address to the connection point or both shall be mirrored.\n",
+                                        "type": "object",
+                                        "properties": {
+                                            "description": {
+                                                "description": "Information description of the data flow.\n",
+                                                "type": "string"
+                                            },
+                                            "cpdId": {
+                                                "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                                                "type": "string"
+                                            },
+                                            "direction": {
+                                                "type": "string",
+                                                "description": "The enumeration DirectionType represents the direction of the data flow that are requested to be mirrored. It shall comply with the provisions defined in table 6.5.4.12-1.",
+                                                "enum": [
+                                                    "IN",
+                                                    "OUT",
+                                                    "BOTH"
+                                                ]
+                                            },
+                                            "targetIpAddress": {
+                                                "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                                "type": "string",
+                                                "format": "IP"
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            },
+            "nsPaasServiceInfo": {
+                "description": "Information on the PaaS Services assigned and used by an NS constituent  other than VNF instances. See note 4. \n",
+                "type": "array",
+                "items": {
+                    "description": "This type provides information about a PaaS Service that is used  by a VNF instance or some other NS constituent. he PaasServiceInfo is  comprised of various sets of information. Some information comes from the  descriptors (e.g.,VNFD or NSD), other information comes from the PaaS Service assets provided by the NFVO to the VNFM, and other information is provided  as runtime information about the usage of the PaaS Service.\nNOTE: Either a \"nsPaasServiceRequestId\" or a \"vnfPaasServiceRequestId\" shall be provided, but not both.\n",
+                    "type": "object",
+                    "oneOf": [
+                        {
+                            "required": [
+                                "paasServiceId",
+                                "paasServiceType",
+                                "paasServiceHandle",
+                                "nsPaasServiceRequestId"
+                            ]
+                        },
+                        {
+                            "required": [
+                                "paasServiceId",
+                                "paasServiceType",
+                                "paasServiceHandle",
+                                "vnfPaasServiceRequestId"
+                            ]
+                        }
+                    ],
+                    "properties": {
+                        "id": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        },
+                        "paasServiceId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                        },
+                        "paasServiceType": {
+                            "description": "The type of PaaS Service. The value of this attribute is expected to be matched against values of the registered PaaS Services in the PSR.\n",
+                            "type": "string"
+                        },
+                        "paasServiceVersion": {
+                            "description": "A Version. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "nsPaasServiceRequestId": {
+                            "description": "An identifier that is unique within a NS descriptor. Representation: string of variable length.\n",
+                            "type": "string"
+                        },
+                        "vnfPaasServiceRequestId": {
+                            "description": "Identifier of the VNF Virtual Link Descriptor (VLD) in the VNFD.\n",
+                            "type": "string"
+                        },
+                        "paasServiceHandle": {
+                            "description": "This type provides information enabling the access and use of the PaaS Service by a VNF instance  or some other NS constituent. The type and format of the handle depends on the form that the PaaS  Service is formed.\n",
+                            "type": "object",
+                            "required": [
+                                "id"
+                            ],
+                            "properties": {
+                                "id": {
+                                    "description": "An identifier with the intention of being globally unique.\n",
+                                    "type": "string"
+                                },
+                                "interfaceInfo": {
+                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                    "type": "object"
+                                },
+                                "accessInfo": {
+                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                    "type": "object"
+                                },
+                                "extra": {
+                                    "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                                    "type": "object"
+                                }
+                            }
+                        },
+                        "additionalInfo": {
+                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of key- value pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 7159.\n",
+                            "type": "object"
+                        }
+                    }
+                }
+            },
+            "_links": {
+                "type": "object",
+                "description": "Links to resources related to this resource.",
+                "required": [
+                    "self"
+                ],
+                "properties": {
+                    "self": {
+                        "description": "This type represents a link to a resource.\n",
+                        "type": "object",
+                        "required": [
+                            "href"
+                        ],
+                        "properties": {
+                            "href": {
+                                "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                                "type": "string",
+                                "format": "url"
+                            }
+                        }
+                    },
+                    "nestedNsInstances": {
+                        "description": "Links to resources related to this notification.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "This type represents a link to a resource.\n",
+                            "type": "object",
+                            "required": [
+                                "href"
+                            ],
+                            "properties": {
+                                "href": {
+                                    "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                                    "type": "string",
+                                    "format": "url"
+                                }
+                            }
+                        }
+                    },
+                    "vnfSnapshotInfos": {
+                        "description": "Links to the VNF snapshots associated to VNF instances which are part of this NS instance.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "This type represents a link to a resource.\n",
+                            "type": "object",
+                            "required": [
+                                "href"
+                            ],
+                            "properties": {
+                                "href": {
+                                    "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                                    "type": "string",
+                                    "format": "url"
+                                }
+                            }
+                        }
+                    },
+                    "instantiate": {
+                        "description": "This type represents a link to a resource.\n",
+                        "type": "object",
+                        "required": [
+                            "href"
+                        ],
+                        "properties": {
+                            "href": {
+                                "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                                "type": "string",
+                                "format": "url"
+                            }
+                        }
+                    },
+                    "terminate": {
+                        "description": "This type represents a link to a resource.\n",
+                        "type": "object",
+                        "required": [
+                            "href"
+                        ],
+                        "properties": {
+                            "href": {
+                                "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                                "type": "string",
+                                "format": "url"
+                            }
+                        }
+                    },
+                    "update": {
+                        "description": "This type represents a link to a resource.\n",
+                        "type": "object",
+                        "required": [
+                            "href"
+                        ],
+                        "properties": {
+                            "href": {
+                                "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                                "type": "string",
+                                "format": "url"
+                            }
+                        }
+                    },
+                    "scale": {
+                        "description": "This type represents a link to a resource.\n",
+                        "type": "object",
+                        "required": [
+                            "href"
+                        ],
+                        "properties": {
+                            "href": {
+                                "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                                "type": "string",
+                                "format": "url"
+                            }
+                        }
+                    },
+                    "heal": {
+                        "description": "This type represents a link to a resource.\n",
+                        "type": "object",
+                        "required": [
+                            "href"
+                        ],
+                        "properties": {
+                            "href": {
+                                "description": "URI of a resource referenced from a notification. Should be an absolute URI (i.e. a URI that contains {apiRoot}), however, may be a relative URI (i.e. a URI where the {apiRoot} part is omitted) if the {apiRoot} information is not available.\n",
+                                "type": "string",
+                                "format": "url"
+                            }
+                        }
+                    }
+                }
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/SOL005/NSPerformanceManagement-API/IndividualPmJob.robot b/SOL005/NSPerformanceManagement-API/IndividualPmJob.robot
index 95c3605c602610606e5f388f7b2a087bb51c09f3..706a040168d8c2e40934fc8b471bfbee2029aa61 100644
--- a/SOL005/NSPerformanceManagement-API/IndividualPmJob.robot
+++ b/SOL005/NSPerformanceManagement-API/IndividualPmJob.robot
@@ -16,7 +16,7 @@ GET individual NS Performance Job
     ...    Test title: Get individual NS Performance Job
     ...    Test objective: The objective is to test the retrieval of an individual NS Performance monitoring job and perform a JSON schema and content validation of the collected job data structure
     ...    Pre-conditions: A NS instance is instantiated. One or more NS Performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -30,7 +30,7 @@ GET individual NS Performance Job with invalid resource identifier
     ...    Test title: Get individual NS Performance Job with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual NS Performance monitoring job fails when using an invalid resource identifier, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A NS instance is instantiated. One or more NS Performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -43,7 +43,7 @@ DELETE Individual NS Performance Job with invalid resource identifier
     ...    Test title: Delete individual NS Performance Job with invalid resource identifier
     ...    Test objective: The objective is to test that the deletion of an individual NS Performance monitoring job fails when using an invalid resource identifier
     ...    Pre-conditions: A NS instance is instantiated. One or more NS Performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -55,7 +55,7 @@ POST Individual NS Performance Job - Method not implemented
     ...    Test title: POST Individual NS Performance Job - method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new NS Performance Monitoring Job
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -67,7 +67,7 @@ PUT Individual NS Performance Job - Method not implemented
     ...    Test title: PUT Individual NS Performance Job - method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing NS Performance Monitoring Job
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -79,7 +79,7 @@ PATCH Individual NS Performance Job
     ...    Test title: PATCH Individual NS Performance Job 
     ...    Test objective: The objective is to test that PATCH method modify an existing new NS Performance Monitoring Job
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 6.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: Resource modified
@@ -92,7 +92,7 @@ DELETE Individual NS Performance Job
     ...    Test title: Delete Individual NS Performance Job
     ...    Test objective: The objective is to test the deletion of an individual NS Performance monitoring job
     ...    Pre-conditions: A NS instance is instantiated. One or more NS Performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NS Performance Job is no more available in the NFVO    
@@ -105,7 +105,7 @@ PATCH Individual NS Performance Job - Precondition failed
     ...    Test title: PATCH Individual NS Performance Job - Precondition failed
     ...    Test objective: The objective is to attempt to Modify an individual NS Performance job fails, where the precondition was not met
     ...    Pre-conditions: The related job already exist
-    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The resource is not modified
@@ -118,7 +118,7 @@ PATCH Individual NS Performance Job - Precondition failed HTTP Conditional Reque
     ...    Test title: PATCH Individual NS Performance Job - Precondition failed HTTP Conditional Request Not Supported
     ...    Test objective: The objective is to attempt to Modify an individual NS Performance job fails, where the API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Pre-conditions: The related job already exist
-    ...    Reference: Clause 7.4.3.3.4, 4.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.3.3.4, 4.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Post-Conditions: The resource is not modified
@@ -131,10 +131,36 @@ PATCH Individual NS Performance Job - Unprocessable Content
     ...    Test title: PATCH Individual NS Performance Job - Unprocessable Content
     ...    Test objective: The objective is to test that PATCH method cannot modify an exsisting individual PM job resource when a request contains syntactically correct data but the data cannot be processed.
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Patch request for individual NS Performance Job with unprocessable content
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is    ProblemDetails
+
+GET individual NS Performance Job with permitted authorization scope
+    [Documentation]    Test ID: 5.3.4.2.10
+    ...    Test title: Get individual NS Performance Job with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual NS Performance monitoring job with permitted authorization scope
+    ...    Pre-conditions: A NS instance is instantiated. One or more NS Performance jobs are set in the NFVO.
+    ...    Reference: Clause 7.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual NS Performance Job with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PmJob
+    Check HTTP Response Body Pm Job Identifier matches the requested Pm Job
+
+GET individual NS Performance Job with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.4.2.11
+    ...    Test title: Get individual NS Performance Job with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of an individual NS Performance monitoring job fails when using not permitted authorization scope
+    ...    Pre-conditions: A NS instance is instantiated. One or more NS Performance jobs are set in the NFVO.
+    ...    Reference: Clause 7.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual NS Performance Job with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSPerformanceManagement-API/IndividualReport.robot b/SOL005/NSPerformanceManagement-API/IndividualReport.robot
index f848fdbc5d157b8443a1ea61c711eb2e54d32de2..9b15875a1028d930046a7b087c08103ed3234292 100644
--- a/SOL005/NSPerformanceManagement-API/IndividualReport.robot
+++ b/SOL005/NSPerformanceManagement-API/IndividualReport.robot
@@ -11,7 +11,7 @@ Get Individual Performance Report
     ...    Test title: Get Individual Performance Report
     ...    Test objective: The objective is to test the retrieval of an individual NS performance report associated to a monitoring job and perform a JSON schema validation of the collected report data structure
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance reports are set for a monitoring job in the NFVO.
-    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ Get Individual Performance Report with invalid resource endpoint
     ...    Test title: Get Individual Performance Report with invalid resource endpoint
     ...    Test objective:  The objective is to test that the retrieval of an individual NS performance report associated to a monitoring job fails when using an invalid resource endpoint 
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance reports are set for a monitoring job in the NFVO.
-    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ POST Individual Performance Report - Method not implemented
     ...    Test title: POST Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new NS performance report within a monitoring job
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -49,7 +49,7 @@ PUT Individual Performance Report - Method not implemented
     ...    Test title: PUT Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing NS performance report within a monitoring job
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -61,7 +61,7 @@ PATCH Individual Performance Report - Method not implemented
     ...    Test title: PATCH Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify an existing NS performance report within a monitoring job
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -73,10 +73,34 @@ DELETE Individual Performance Report - Method not implemented
     ...    Test title: DELETE Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete an existing NS performance report within a monitoring job
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for Individual Performance Report
     Check HTTP Response Status Code Is    405
 
+Get Individual Performance Report with permitted authorization scope
+    [Documentation]    Test ID: 5.3.4.3.7
+    ...    Test title: Get Individual Performance Report with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual NS performance report associated to a monitoring job with permitted authorization scope
+    ...    Pre-conditions: A NS instance is instantiated. One or more NS performance reports are set for a monitoring job in the NFVO.
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Performance Report with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PerformanceReport
+
+Get Individual Performance Report with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.4.3.8
+    ...    Test title: Get Individual Performance Report with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of an individual NS performance report associated to a monitoring job fails when using permitted authorization scope
+    ...    Pre-conditions: A NS instance is instantiated. One or more NS performance reports are set for a monitoring job in the NFVO.
+    ...    Reference: Clause 7.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Performance Report with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL005/NSPerformanceManagement-API/IndividualThreshold.robot b/SOL005/NSPerformanceManagement-API/IndividualThreshold.robot
index 8fc83339db3418689faf1c37e3eff3a3e811462d..4db3987deff76c04fdbaa3a63d567f984bd6c872 100644
--- a/SOL005/NSPerformanceManagement-API/IndividualThreshold.robot
+++ b/SOL005/NSPerformanceManagement-API/IndividualThreshold.robot
@@ -18,7 +18,7 @@ GET Individual Threshold
     ...    Test title: GET Individual Threshold
     ...    Test objective: The objective is to test the retrieval of an individual NS performance threshold and perform a JSON schema and content validation of the collected threshold data structure
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET Individual Threshold with invalid resource identifier
     ...    Test title: GET Individual Threshold with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual NS performance threshold fails when using an invalid resource identifier
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ DELETE Individual Threshold with invalid resource identifier
     ...    Test title: DELETE Individual Threshold with invalid resource identifier
     ...    Test objective: The objective is to test the deletion of an individual NS performance threshold
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -57,7 +57,7 @@ POST Individual Threshold - Method not implemented
     ...    Test title: POST Individual Threshold - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new NS performance Threshold
     ...    Pre-conditions: A NS instance is instantiated
-    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -69,7 +69,7 @@ PUT Individual Threshold - Method not implemented
     ...    Test title: PUT Individual Threshold - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing NS performance threshold
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.6.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.6.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -81,7 +81,7 @@ PATCH Individual Threshold
     ...    Test title: PATCH Individual Threshold 
     ...    Test objective: The objective is to test that PATCH method modify an existing NS performance threshold
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NS performance Threshold is modified by the operation
@@ -95,7 +95,7 @@ DELETE Individual Threshold
     ...    Test title: DELETE Individual Threshold
     ...    Test objective: The objective is to test the deletion of an individual NS performance threshold
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NS performance Threshold is not available anymore in the NFVO    
@@ -108,7 +108,7 @@ PATCH Individual Threshold - Precondition failed
     ...    Test title: PATCH Individual Threshold - Precondition failed 
     ...    Test objective: The objective is to attempt to Modify an individual NS Performance threshold fails, where the precondition was not met
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NS performance Threshold is not modified by the operation
@@ -122,7 +122,7 @@ PATCH Individual Threshold - Precondition failed HTTP Conditional Request Not Su
     ...    Test title: PATCH Individual Threshold - Precondition failed HTTP Conditional Request Not Supported
     ...    Test objective: The objective is to attempt to Modify an individual NS Performance threshold fails, where the API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.6.3.4, 4.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.6.3.4, 4.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: API Producer does not support "Last-Modified" and "ETag" HTTP Headers
     ...    Post-Conditions: The NS performance Threshold is not modified by the operation
@@ -136,7 +136,7 @@ PATCH Individual Threshold - Unprocessable Content
     ...    Test title: PATCH Individual NS Performance Job - Unprocessable Content
     ...    Test objective: The objective is to test that PATCH method cannot modify an exsisting individual PM job resource when a request contains syntactically correct data but the data cannot be processed.
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NS performance Threshold is not modified by the operation
@@ -144,3 +144,29 @@ PATCH Individual Threshold - Unprocessable Content
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is    ProblemDetails
     Check Postcondition NS performance Threshold is Unmodified (Implicit)
+
+GET Individual Threshold with permitted authorization scope
+    [Documentation]    Test ID: 5.3.4.5.10
+    ...    Test title: GET Individual Threshold with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual NS performance threshold with permitted authorization scope
+    ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
+    ...    Reference: Clause 7.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual NS performance Threshold with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   Threshold
+    Check HTTP Response Body Threshold Identifier matches the requested Threshold  
+
+GET Individual Threshold with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.4.5.11
+    ...    Test title: GET Individual Threshold with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of an individual NS performance threshold fails when using not permitted authorization scope
+    ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
+    ...    Reference: Clause 7.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual NS performance Threshold with not permitted authorization scope
+    Check HTTP Response Status Code Is    401    
diff --git a/SOL005/NSPerformanceManagement-API/NSPerformanceManagementKeywords.robot b/SOL005/NSPerformanceManagement-API/NSPerformanceManagementKeywords.robot
index 515ed39350367af5d762d18e8fa5aab760c21151..90519ae92dabadf66f63238a0b44fed8314fb62c 100644
--- a/SOL005/NSPerformanceManagement-API/NSPerformanceManagementKeywords.robot
+++ b/SOL005/NSPerformanceManagement-API/NSPerformanceManagementKeywords.robot
@@ -9,6 +9,7 @@ Library    Collections
 Library    JSONSchemaLibrary    schemas/
 Library    Process
 Library    String
+Library    jwt
 
 *** Keywords ***
 GET all NS Performance Monitoring Jobs
@@ -19,6 +20,28 @@ GET all NS Performance Monitoring Jobs
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET all NS Performance Monitoring Jobs with permitted authorization scope
+    Log    Trying to get all PM Jobs present in the NFVO
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOBS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET all NS Performance Monitoring Jobs with not permitted authorization scope
+    Log    Trying to get all PM Jobs present in the NFVO
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 GET NS Performance Monitoring Jobs with attribute-based filter
     Log    Trying to get all PM Jobs present in the NFVO, using filter params
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -211,6 +234,28 @@ GET individual NS Performance Job
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET individual NS Performance Job with permitted authorization scope
+    Log    Trying to get a Pm Job present in the NFVO Catalogue
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOBS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET individual NS Performance Job with not permitted authorization scope
+    Log    Trying to get a Pm Job present in the NFVO Catalogue
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 GET individual NS Performance Job with invalid resource identifier  
     Log    Trying to perform a negative get, using erroneous PM Job identifier
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -354,11 +399,33 @@ Check HTTP Response Body Pm Job Identifier matches the requested Pm Job
 Get Individual Performance Report
     Log    Trying to get a performance report present in the NFVO
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
-    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOBS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}/reports/${reportId}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Get Individual Performance Report with permitted authorization scope
+    Log    Trying to get a performance report present in the NFVO
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}/reports/${reportId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output} 
+
+Get Individual Performance Report with not permitted authorization scope
+    Log    Trying to get a performance report present in the NFVO
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}/reports/${reportId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}   
+
 Get Individual Performance Report with invalid resource endpoint
     Log    Trying to get a performance report with invalid resource endpoint
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -409,6 +476,29 @@ GET all Performance Thresholds
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET all Performance Thresholds with permitted authorization scope
+    Log    Trying to get all thresholds present in the NFVO    
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${THRESHOLDS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+ 
+GET all Performance Thresholds with not permitted authorization scope
+    Log    Trying to get all thresholds present in the NFVO    
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}   
+
 GET Performance Thresholds with attribute-based filter
     Log    Trying to get thresholds present in the NFVO with filter
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -520,6 +610,28 @@ GET Individual NS performance Threshold
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET Individual NS performance Threshold with permitted authorization scope
+    Log    Trying to get a Threhsold present in the NFVO
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${THRESHOLDS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET Individual NS performance Threshold with not permitted authorization scope
+    Log    Trying to get a Threhsold present in the NFVO
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}   
+
 GET individual NS performance Threshold with invalid resource identifier
     Log    Trying to get a Threhsold with invalid resource endpoint
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -687,3 +799,8 @@ Check Notification Endpoint
 Check HTTP Response Header Contains Location
     ${linkURL}=    Get Value From Json    ${response['headers']}    $..Link
     Should Not Be Empty    ${linkURL}
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded} 
diff --git a/SOL005/NSPerformanceManagement-API/NotificationEndpoint.robot b/SOL005/NSPerformanceManagement-API/NotificationEndpoint.robot
index a4519edea9e086b25953081c48c2a76232790ef0..3aae58739b7f8613b4f32a6149d35a21b08862a8 100644
--- a/SOL005/NSPerformanceManagement-API/NotificationEndpoint.robot
+++ b/SOL005/NSPerformanceManagement-API/NotificationEndpoint.robot
@@ -13,7 +13,7 @@ NS Performance Information Availability Notification
     ...    Test title: NS Performance Information Availability Notification
     ...    Test objective: The objective is to test that NS Performance Information Availability Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A NS performance job is created, and information availability notifications is available in the NFVO.
-    ...    Reference: Clause 7.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -25,7 +25,7 @@ NS Threshold Crossed Notification
     ...    Test title: NS Threshold Crossed Notification
     ...    Test objective: The objective is to test that NS Threshold Crossed Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A NS performance job is created, and threshold crossed notifications is available in the NFVO.
-    ...    Reference: Clause 7.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL005/NSPerformanceManagement-API/Notifications.robot b/SOL005/NSPerformanceManagement-API/Notifications.robot
index 5874b6f2fabd3885e2de4038b70a8a5d3ca25424..2884c6a556f62b044491fcc1c600c6430b625181 100644
--- a/SOL005/NSPerformanceManagement-API/Notifications.robot
+++ b/SOL005/NSPerformanceManagement-API/Notifications.robot
@@ -16,7 +16,7 @@ NS Performance Information Availability Notification
     ...    Test title: NS Performance Information Availability Notification
     ...    Test objective: The objective is to test the dispatch of NS Performance Information Availability Notification when new NS performance information is available in the NFVO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NS performance job is created, and a subscription for information availability notifications is available in the NFVO.
-    ...    Reference: Clause 7.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -29,7 +29,7 @@ NS Threshold Crossed Notification
     ...    Test title: NS Threshold Crossed Notification
     ...    Test objective: The objective is to test the dispatch of NS Threshold Crossed Notification when a previously set NS performance metric threshold is crossed, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NS performance job is created, and a threshold subscription is available in the NFVO.
-    ...    Reference: Clause 7.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL005/NSPerformanceManagement-API/PMJobs.robot b/SOL005/NSPerformanceManagement-API/PMJobs.robot
index 2593818b4b8e3cdbedb023f3ddc9ee83a679e759..62fd7ed18cb88b186b498dc8f7dc79322ac0198d 100644
--- a/SOL005/NSPerformanceManagement-API/PMJobs.robot
+++ b/SOL005/NSPerformanceManagement-API/PMJobs.robot
@@ -17,7 +17,7 @@ GET all NS Performance Monitoring Jobs
     ...    Test title: GET all NS Performance Monitoring Jobs
     ...    Test objective: The objective is to test the retrieval of all the available NS performance monitoring jobs and perform a JSON schema and content validation of the collected jobs data structure
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -31,7 +31,7 @@ GET NS Performance Monitoring Jobs with attribute-based filter
     ...    Test title: GET all NS Performance Monitoring Jobs with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of NS performance monitoring jobs using attribute-based filter, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued attribute-based filter
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ GET all NS Performance Monitoring Jobs with "all_fields" attribute selector
     ...    Test title: GET all NS Performance Monitoring Jobs with "all_fields" attribute selector
     ...    Test objective: The objective is to test the retrieval of all NS performance monitoring jobs "all_fields" attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued "all_fileds" selector
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -59,7 +59,7 @@ GET all NS Performance Monitoring Jobs with "exclude_default" attribute selector
     ...    Test title: GET all NS Performance Monitoring Jobs with "exclude_default" attribute selector
     ...    Test objective: The objective is to test the retrieval of all NS performance monitoring jobs "exclude_default" attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued "exclude_default" selector
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -73,7 +73,7 @@ GET all NS Performance Monitoring Jobs with "fields" attribute selector
     ...    Test title: GET all NS Performance Monitoring Jobs with "fields" attribute selector
     ...    Test objective: The objective is to test the retrieval of all NS performance monitoring jobs "fields" attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued "include" selector
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports the use of "include" attribute selector
     ...    Post-Conditions: none
@@ -87,7 +87,7 @@ GET all NS Performance Monitoring Jobs with "exclude" attribute selector
     ...    Test title: GET all NS Performance Monitoring Jobs with exclude_fields attribute selector
     ...    Test objective: The objective is to test the retrieval of all NS performance monitoring jobs "exclude" attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued "exclude" selector
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports the use of "exclude" attribute selector
     ...    Post-Conditions: none
@@ -101,7 +101,7 @@ GET NS Performance Monitoring Jobs with invalid attribute-based filter
     ...    Test title: GET NS Performance Monitoring Jobs with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of NS performance monitoring jobs fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -114,7 +114,7 @@ GET NS Performance Monitoring Jobs with invalid resource endpoint
     ...    Test title: GET NS Performance Monitoring Jobs with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of NS performance monitoring jobs fails when using invalid resource endpoint
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -127,7 +127,7 @@ Create new NS Performance Monitoring Job
     ...    Test title:  Create a new NS Performance Monitoring Job
     ...    Test objective: The objective is to test the creation of a new NS performance monitoring job and perform the JSON schema validation of the returned job data structure
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NS Performance Job is successfully created on the NFVO
@@ -141,7 +141,7 @@ PUT all NS Performance Monitoring Jobs - Method not implemented
     ...    Test title: PUT all NS Performance Monitoring Jobs - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify NS Performance Monitoring Jobs
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -153,7 +153,7 @@ PATCH all NS Performance Monitoring Jobs - Method not implemented
     ...    Test title: PATCH all NS Performance Monitoring Jobs - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update NS Performance Monitoring Jobs
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.2.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.2.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -165,7 +165,7 @@ DELETE all NS Performance Monitoring Jobs - Method not implemented
     ...    Test title: DELETE all NS Performance Monitoring Jobs - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete NS Performance Monitoring Jobs
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.2.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.2.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -177,7 +177,7 @@ GET all NS Performance Monitoring Jobs as Paged Response
     ...    Test title: GET all NS Performance Monitoring Jobs as Paged Response
     ...    Test objective: The objective is to test the retrieval of all the available NS performance monitoring jobs as paged response.
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -190,7 +190,7 @@ GET NS Performance Monitoring Jobs - Bad Request Response too Big
     ...    Test title: GET NS Performance Monitoring Jobs - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of NS performance monitoring jobs fails because reponse is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -203,7 +203,7 @@ GET all NS Performance Monitoring Jobs with "fields" and "exclude_default" attri
     ...    Test title: GET all NS Performance Monitoring Jobs with "fields" and "exclude_default" attribute selector
     ...    Test objective: The objective is to test the retrieval of all NS performance monitoring jobs "fields" and "exclude_default" attribute selector, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued selector
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports the use of "include" attribute selector
     ...    Post-Conditions: none
@@ -217,10 +217,36 @@ POST new NS Performance Monitoring Job - Unprocessable Content
     ...    Test title: POST new NS Performance Monitoring Job - Unprocessable Content
     ...    Test objective:  The objective is to test the creation of a new NS performance monitoring job fails when a request contains syntactically correct data but the data cannot be processed.
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
-    ...    Reference: clause 7.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: clause 7.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send POST request for NS Performance Monitoring Job with unprocessable content
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is    ProblemDetails
+
+GET all NS Performance Monitoring Jobs with permitted authorization scope
+    [Documentation]    Test ID: 5.3.4.1.17
+    ...    Test title: GET all NS Performance Monitoring Jobs with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all the available NS performance monitoring jobs with permitted authorization scope
+    ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET all NS Performance Monitoring Jobs with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PmJobs
+    Check HTTP Response Body PmJobs Do Not Contain reports
+
+GET all NS Performance Monitoring Jobs with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.4.1.17
+    ...    Test title: GET all NS Performance Monitoring Jobs with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of all the available NS performance monitoring jobs fails when using not permitted authorization scope
+    ...    Pre-conditions: A NS instance is instantiated. One or more NS performance jobs are set in the NFVO.
+    ...    Reference: Clause 7.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET all NS Performance Monitoring Jobs with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/NSPerformanceManagement-API/Thresholds.robot b/SOL005/NSPerformanceManagement-API/Thresholds.robot
index f2f8a5cad858b71bb6b34307e2e2d0727fef997d..2c71268f3021fcd3c68912fb45bc2774f77dd929 100644
--- a/SOL005/NSPerformanceManagement-API/Thresholds.robot
+++ b/SOL005/NSPerformanceManagement-API/Thresholds.robot
@@ -18,7 +18,7 @@ GET All Performance Thresholds
     ...    Test title: GET All Performance Thresholds
     ...    Test objective: The objective is to test the retrieval of all the available NS performance thresholds and perform a JSON schema validation of the collected thresholds data structure
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -31,7 +31,7 @@ GET Performance Thresholds with attribute-based filter
     ...    Test title: GET Performance Thresholds with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of all the available NS performance thresholds when using attribute-based filters, perform a JSON schema validation of the collected thresholds data structure, and verify that the retrieved information matches the issued attribute-based filter
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ GET Performance Thresholds with invalid attribute-based filter
     ...    Test title: GET Performance Thresholds with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of NS performance thresholds fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -58,7 +58,7 @@ GET Performance Thresholds with invalid resource endpoint
     ...    Test title: GET Performance Thresholds with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of NS performance thresholds fails when using invalid resource endpoint, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -71,7 +71,7 @@ Create new Performance Threshold
     ...    Test title:  Create new Performance Threshold
     ...    Test objective: The objective is to test the creation of a new NS performance threshold and perform the JSON schema validation of the returned threshold data structure
     ...    Pre-conditions: A NS instance is instantiated.
-    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NS performance Threshold is successfully created on the NFVO
@@ -86,7 +86,7 @@ PUT Performance Thresholds - Method not implemented
     ...    Test title: PUT Performance Thresholds - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify NS performance Thresholds
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -98,7 +98,7 @@ PATCH Performance Thresholds - Method not implemented
     ...    Test title: PATCH Performance Thresholds - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify NS performance Thresholds
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -110,7 +110,7 @@ DELETE Performance Thresholds - Method not implemented
     ...    Test title: DELETE Performance Thresholds - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to update NS performance Thresholds
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.5.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.5.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -122,7 +122,7 @@ GET All Performance Thresholds as Paged Response
     ...    Test title: GET All Performance Thresholds as Paged Response
     ...    Test objective: The objective is to test the retrieval of all the available NS performance thresholds as paged response.
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -135,7 +135,7 @@ GET Performance Thresholds - Bad Request Response too Big
     ...    Test title: GET Performance Thresholds - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of NS performance thresholds fails because reponse is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
-    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -148,11 +148,36 @@ POST new Performance Threshold - Unprocessable Content
     ...    Test title: POST new Performance Threshold - Unprocessable Content
     ...    Test objective:  The objective is to test the creation of a new NS performance threshold fails when a request contains syntactically correct data but the data cannot be processed.
     ...    Pre-conditions: A NS instance is instantiated.
-    ...    Reference: clause 7.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: clause 7.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send POST request for Performance threshold with unprocessable content
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is    ProblemDetails
+
+GET All Performance Thresholds with permitted authorization scope
+    [Documentation]    Test ID: 5.3.4.4.12
+    ...    Test title: GET All Performance Thresholds with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all the available NS performance thresholds with permitted authorization scope
+    ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET all Performance Thresholds with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   Thresholds
+
+GET All Performance Thresholds with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.4.4.13
+    ...    Test title: GET All Performance Thresholds with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of all the available NS performance thresholds fails when using not permitted authorization scope
+    ...    Pre-conditions: A NS instance is instantiated. One or more NS performance thresholds are set in the NFVO.
+    ...    Reference: Clause 7.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET all Performance Thresholds with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
     
diff --git a/SOL005/NSPerformanceManagement-API/environment/variables.txt b/SOL005/NSPerformanceManagement-API/environment/variables.txt
index c0bb21017be0a7f7e6a977c1cca614d14a846f6a..7cdb907ac145596d10196718e10604a53e6e59e2 100644
--- a/SOL005/NSPerformanceManagement-API/environment/variables.txt
+++ b/SOL005/NSPerformanceManagement-API/environment/variables.txt
@@ -4,6 +4,12 @@ ${NFVO_PORT}      8081    # Listening port of the NFVO
 ${NFVO_SCHEMA}    https
 ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
+
+${OAUTH_ENCRIPTION_ALGORITHM}    HS256
+${JOBS_PERMITTED_SCOPE}    nspm:v2:pm_jobs 
+${THRESHOLDS_PERMITTED_SCOPE}    nspm:v2:thresholds 
+${NOT_PERMITTED_SCOPE}    nspm:v2:invalid
+
 ${CONTENT_TYPE_JSON}    application/json
 ${ACCEPT_JSON}    application/json
 ${apiRoot}        /
diff --git a/SOL005/VNFPackageManagement-API/AccessConfigurationForExternalArtifacts.robot b/SOL005/VNFPackageManagement-API/AccessConfigurationForExternalArtifacts.robot
index b50411050323da29347c797c4b874b9d68f73639..2bfc5170428268dbb3b8a112b0a7c0acbb782837 100644
--- a/SOL005/VNFPackageManagement-API/AccessConfigurationForExternalArtifacts.robot
+++ b/SOL005/VNFPackageManagement-API/AccessConfigurationForExternalArtifacts.robot
@@ -11,7 +11,7 @@ Get Access configuration for external artifacts
     ...    Test title: Get Access configuration for external artifacts
     ...    Test objective: The objective is to test the GET method reads the access configuration information that is used by the NFVO to get the content of external VNF package artifacts and perform a JSON schema and content validation of the collected data structure
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ Get Access configuration for external artifacts - Not Found
     ...    Test title: Get Access configuration for external artifacts - Not Found
     ...    Test objective: The objective is to test that the retrieval of access configuration information that is used by the NFVO to get the content of external VNF package artifacts fails because resource is not present.
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ PUT Access configuration for external artifacts
     ...    Test title: Access configuration for external artifacts
     ...    Test objective: The objective is to test that PUT method provides the access configuration information for the NFVO to download the content of external VNF package artifacts.
     ...    Pre-conditions:  the individual VNF package resource shall have been created, and the value of "onboardingState" attribute shall equal to "CREATED" or "ERROR"
-    ...    Reference: Clause 9.4.4a.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4a.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ PUT Access configuration for external artifacts - Downloading
     ...    Test title: Access configuration for external artifacts - Downloading
     ...    Test objective: The objective is to test that VNF package has been uploaded successfully previously, to indicate that the access configuration information has been stored successfully by the NFVO and the NFVO now starts downloading external artifacts.
     ...    Pre-conditions:  the individual VNF package resource shall have been created, and the value of "onboardingState" attribute shall equal to "CREATED" or "ERROR"
-    ...    Reference: Clause 9.4.4a.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4a.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Access configuration for external artifacts - Conflict
     ...    Test title: Access configuration for external artifacts
     ...    Test objective: The objective is to test that PUT method provides the access configuration information for the NFVO to download the content of external VNF package artifacts.
     ...    Pre-conditions:  the individual VNF package resource shall have been created, and the value of "onboardingState" attribute is neither "CREATED" nor "ERROR"
-    ...    Reference: Clause 9.4.4a.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4a.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,7 +77,7 @@ POST Access configuration for external artifacts - Method not implemented
     ...    Test title: POST Access configuration for external artifacts - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create access configuration for external artifacts
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.4a.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4a.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -89,7 +89,7 @@ PATCH Access configuration for external artifacts - Method not implemented
     ...    Test title: PATCH Access configuration for external artifacts - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update access configuration for external artifacts
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.4a.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4a.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -101,9 +101,34 @@ DELETE Access configuration for external artifacts - Method not implemented
     ...    Test title: DELETE Access configuration for external artifacts - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete access configuration for external artifacts
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.4a.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4a.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for Access configuration for external artifacts
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Get Access configuration for external artifacts with permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.11.9
+    ...    Test title: Get Access configuration for external artifacts with permitted authorization scope
+    ...    Test objective: The objective is to test the GET method reads the access configuration information that is used by the NFVO to get the content of external VNF package artifacts with permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 9.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get access configuration information for external artifacts with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   ExternalArtifactsAccessConfig
+
+Get Access configuration for external artifacts with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.11.10
+    ...    Test title: Get Access configuration for external artifacts with not permitted authorization scope
+    ...    Test objective: The objective is to test that the GET method to read the access configuration information fails when using not permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 9.4.4a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get access configuration information for external artifacts with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFPackageManagement-API/IndividualSubscription.robot b/SOL005/VNFPackageManagement-API/IndividualSubscription.robot
index 99801802810cb7907ff8c3c22e2e492c40a3ef12..1a27c4e7730be352b9acabab94ae451a3d42a826 100644
--- a/SOL005/VNFPackageManagement-API/IndividualSubscription.robot
+++ b/SOL005/VNFPackageManagement-API/IndividualSubscription.robot
@@ -12,7 +12,7 @@ GET Individual VNF Package Subscription
     ...    Test title: GET Individual VNF Package Subscription
     ...    Test objective: The objective is to test the retrieval of individual VNF package subscription and perform a JSON schema and content validation of the returned subscription data structure
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -27,7 +27,7 @@ GET Individual VNF Package Subscription with invalid resource identifier
     ...    Test title: GET Individual VNF Package Subscription with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package subscription fails when using an invalid resource identifier
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ DELETE Individual VNF Package Subscription with invalid resource identifier
     ...    Test title: DELETE Individual VNF Package Subscription with invalid resource identifier
     ...    Test objective: The objective is to test that the deletion of an individual VNF package subscription fails when using an invalid resource identifier
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.9.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.9.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -52,7 +52,7 @@ POST Individual VNF Package Subscription - Method not implemented
     ...    Test title: POST Individual VNF Package Subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new VNF Package Subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PUT Individual VNF Package Subscription - Method not implemented
     ...    Test title: PUT Individual VNF Package Subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing VNF Package subscription
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.9.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.9.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,7 +76,7 @@ PATCH Individual VNF Package Subscription - Method not implemented
     ...    Test title: PATCH Individual VNF Package Subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify an existing VNF Package subscription
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.9.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.9.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,10 +88,37 @@ DELETE Individual VNF Package Subscription
     ...    Test title: DELETE Individual VNF Package Subscription
     ...    Test objective: The objective is to test the deletion of an individual VNF package subscription
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.9.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.9.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The VNF Package Subscription is not available anymore in the NFVO    
     Send Delete request for individual VNF Package Subscription
     Check HTTP Response Status Code Is    204
-    Check Postcondition VNF Package Subscription is Deleted
\ No newline at end of file
+    Check Postcondition VNF Package Subscription is Deleted
+
+GET Individual VNF Package Subscription with permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.8.8
+    ...    Test title: GET Individual VNF Package Subscription with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of individual VNF package subscription with permitted authorization scope
+    ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
+    ...    Reference: Clause 9.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual VNF Package Subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PkgmSubscription
+    Check HTTP Response Body Subscription Identifier matches the requested Subscription
+    Check HTTP Response Body PkgmSubscription content against VNF Descriptor
+
+GET Individual VNF Package Subscription with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.8.8
+    ...    Test title: GET Individual VNF Package Subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of individual VNF package subscription fails when using not permitted authorization scope
+    ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
+    ...    Reference: Clause 9.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual VNF Package Subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFPackageManagement-API/IndividualVNFPackage.robot b/SOL005/VNFPackageManagement-API/IndividualVNFPackage.robot
index ad4c51d02de4c2dbe8c644f95c7e1c4458c69bc4..3b071cb1dd680eb0cc9d6e1d57e67abb9ed05779 100644
--- a/SOL005/VNFPackageManagement-API/IndividualVNFPackage.robot
+++ b/SOL005/VNFPackageManagement-API/IndividualVNFPackage.robot
@@ -11,7 +11,7 @@ GET Individual VNF Package
     ...    Test title: GET Individual VNF Package
     ...    Test objective: The objective is to test the retrieval of an individual VNF package information perform a JSON schema validation of the collected data structure
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ GET Individual VNF Package with invalid resource identifier
     ...    Test title: GET Individual VNF Package with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package fails when using an invalid resource identifier
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -39,7 +39,7 @@ POST Individual VNF Package - Method not implemented
     ...    Test title: POST Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF Package
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ PUT Individual VNF Package - Method not implemented
     ...    Test title: PUT Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNF Package
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -63,7 +63,7 @@ Disable Individual VNF Package
     ...    Test title: Disable Individual VNF Package  
     ...    Test objective: The objective is to test the disabling of an individual VNF Package  and perform a JSON schema and content validation of the collected data structure
     ...    Pre-conditions: One or more VNF Packages are onboarded in the NFVO in ENABLED operational state.
-    ...    Reference: Clause 9.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The VNF Package is in operational state DISABLED
@@ -77,7 +77,7 @@ Disable Individual VNF Package with conflict due to operational state DISABLED
     ...    Test title: Disable Individual VNF Package with conflict due to operational state DISABLED
     ...    Test objective: The objective is to test that disabling an individual VNF Package that is already in DISABLED operational state fails and perform a JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more VNF Packages are onboarded in the NFVO in DISABLED operational state (Test ID 5.3.5.2.5).
-    ...    Reference: Clause 9.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -90,7 +90,7 @@ Enable Individual VNF Package
     ...    Test title: Enable Individual VNF Package
     ...    Test objective: The objective is to test the enabling of an individual VNF Package and perform a JSON schema and content validation of the collected data structure
     ...    Pre-conditions: One or more VNF Packages are onboarded in the NFVO in DISABLED operational state (Test ID 5.3.5.2.5).
-    ...    Reference: Clause 9.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The VNF Package is in operational state ENABLED
@@ -104,7 +104,7 @@ Enable Individual VNF Package with conflict due to operational state ENABLED
     ...    Test title: Enable Individual VNF Package with conflict due to operational state ENABLED
     ...    Test objective: The objective is to test that enabling an individual VNF Package that is already in ENABLED operational state fails and perform a JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more VNF Packages are onboarded in the NFVO in ENABLED operational state (Test ID 5.3.5.2.7).
-    ...    Reference: Clause 9.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -117,7 +117,7 @@ DELETE Individual VNF Package
     ...    Test title: DELETE Individual VNF Package
     ...    Test objective: The objective is to test the deletion of an individual VNF Package
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO in DISABLED operational state
-    ...    Reference: Clause 9.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The VNF Package is not available anymore in the NFVO 
@@ -130,7 +130,7 @@ DELETE Individual VNF Package in operational state ENABLED
     ...    Test title:  DELETE Individual VNF Package in operational state ENABLED
     ...    Test objective: The objective is to test that the deletion of an individual VNF Package in operational state ENABLED fails. The test also performs a JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: One or more VNF Package are onboarded in the NFVO in ENABLED operational state (Test ID 5.3.1.2.7).
-    ...    Reference: Clause 9.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The VNF Package is not deleted by the failed operation. 
@@ -144,11 +144,37 @@ DELETE Individual VNF Package used for instantiated VNF instances
     ...    Test title:  DELETE Individual VNF Package used for instantiated VNF instances
     ...    Test objective: The objective is to test that the deletion of an individual VNF Package that is used in instantiated VNF instances fails. The test also performs a JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: One or more VNF instances are instantiated based on the concerned VNF package.
-    ...    Reference: Clause 9.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The VNF Package is not deleted by the failed operation. 
     Send DELETE Request for Individual VNF Package used for instantiated VNF instances
     Check HTTP Response Status Code Is    409
     Check HTTP Response Body Json Schema Is   ProblemDetails
-    Check Postcondition VNF Package Exists
\ No newline at end of file
+    Check Postcondition VNF Package Exists
+
+Disable Individual VNF Package with permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.2.12
+    ...    Test title: Disable Individual VNF Package with permitted authorization scope
+    ...    Test objective: The objective is to test the disabling of an individual VNF Package with permitted authorization scope
+    ...    Pre-conditions: One or more VNF Packages are onboarded in the NFVO in ENABLED operational state.
+    ...    Reference: Clause 9.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The VNF Package is in operational state DISABLED
+    Send PATCH to disable Individual VNF Package with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   VnfPkgInfoModification
+    Check Postcondition VNF Package is in operational state    DISABLED
+
+Disable Individual VNF Package with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.2.13
+    ...    Test title: Disable Individual VNF Package with not permitted authorization scope
+    ...    Test objective: The objective is to test that the disabling of an individual VNF Package fails when using not permitted authorization scope
+    ...    Pre-conditions: One or more VNF Packages are onboarded in the NFVO in ENABLED operational state.
+    ...    Reference: Clause 9.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Send PATCH to disable Individual VNF Package with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFPackageManagement-API/IndividualVNFPackageArtifacts.robot b/SOL005/VNFPackageManagement-API/IndividualVNFPackageArtifacts.robot
index 6e44e2489fde9a4b9b28db79a6686ff16f9d62d1..e776f0254af75c0391457a20fa84c82d8c11e088 100644
--- a/SOL005/VNFPackageManagement-API/IndividualVNFPackageArtifacts.robot
+++ b/SOL005/VNFPackageManagement-API/IndividualVNFPackageArtifacts.robot
@@ -11,7 +11,7 @@ GET Individual VNF Package Artifact
     ...    Test title: GET Individual VNF Package Artifact
     ...    Test objective: The objective is to test the retrieval of an individual VNF package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -23,7 +23,7 @@ GET Individual VNF Package Artifact in octet stream format
     ...    Test title: GET Individual VNF Package Artifact in octet stream format
     ...    Test objective: The objective is to test the retrieval of an individual VNF package artifact when the NFVO cannot determine the artifact content type. The test performs a validation that the returned artifcat in is octet-stream format 
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO cannot determine the content type of the artifact
     ...    Post-Conditions: none
@@ -36,7 +36,7 @@ GET Individual VNF Package Artifact with Range Request and NFVO supporting Range
     ...    Test title: GET Individual VNF Package Artifact with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the retrieval of an individual VNF package artifact when using a range request to return single range of bytes from the file, with the NFVO supporting it. The test also perform a validation that returned content matches the issued range
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ GET Individual VNF Package Artifact with Range Request and NFVO not supporting R
     ...    Test title: GET Individual VNF Package Artifact with Range Request and NFVO not supporting Range Requests
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package artifact, when using a range request to return single range of bytes from the file and the NFVO not supporting it, returns the full VNF Package artifact.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO does not support range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none    
@@ -62,7 +62,7 @@ GET Individual VNF Package Artifact with invalid Range Request
     ...    Test title: GET Individual VNF Package Artifact with invalid Range Request
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package artifact fails when using a range request that does not match any available byte range in the file.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none      
@@ -74,7 +74,7 @@ GET Individual VNF Package Artifact with invalid resource identifier
     ...    Test title: GET Individual VNF Package Artifact with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package artifact fails when using an invalid resource identifier
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -87,7 +87,7 @@ GET Individual VNF Package Artifact with conflict due to onboarding state
     ...    Test title: GET Individual VNF Package Artifact with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package artifact fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the content is requested is different from ONBOARDED.
-    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -100,7 +100,7 @@ POST Individual VNF Package Artifact - Method not implemented
     ...    Test title: POST Individual VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF Package artifact
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -112,7 +112,7 @@ PUT Individual VNF Package Artifact - Method not implemented
     ...    Test title: PUT Individual VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -124,7 +124,7 @@ PATCH Individual VNF Package Artifact - Method not implemented
     ...    Test title: PATCH Individual VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.7.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.7.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -136,9 +136,33 @@ DELETE Individual VNF Package Artifact - Method not implemented
     ...    Test title: DELETE Individual VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.7.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.7.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for individual VNF Package Artifact
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET Individual VNF Package Artifact with permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.6.1
+    ...    Test title: GET Individual VNF Package Artifact with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF package artifact with permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package Artifact with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+
+GET Individual VNF Package Artifact with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.6.1
+    ...    Test title: GET Individual VNF Package Artifact with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual VNF package artifact fails when using not permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 9.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package Artifact with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFPackageManagement-API/ManifestInIndividualVNFPackage.robot b/SOL005/VNFPackageManagement-API/ManifestInIndividualVNFPackage.robot
index c77ce8c5e85994137408d13b3aa98945ff14c06a..1815de9bf09f9b64902dabb0e3a77e013b6cedbc 100644
--- a/SOL005/VNFPackageManagement-API/ManifestInIndividualVNFPackage.robot
+++ b/SOL005/VNFPackageManagement-API/ManifestInIndividualVNFPackage.robot
@@ -11,7 +11,7 @@ Get Manifest in Individual VNF Package
     ...    Test title: Get Manifest in Individual VNF Package
     ...    Test objective: The objective is to test that content of manifest within a NVF Package is read successfully.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ Get Manifest in Individual VNF Package with security information
     ...    Test title: Get Manifest in Individual VNF Package with security information
     ...    Test objective: The objective is to test the retrieval of the Manifest in individual VNF package shall include in the ZIP archive the security information when requested with "include_signature" parameter, and perform a validation that returned content is in zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ Get Manifest in Individual VNF Package - Not Acceptable
     ...    Test title: Get Manifest in Individual VNF Package - Not Acceptable
     ...    Test objective: The objective is to test that the "Accept" header is not compatible with Content type "application/zip" but "incude_signature" is provided.\
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ Get Manifest in Individual VNF Package - Conflict
     ...    Test title: Get Manifest in Individual VNF Package - Conflict
     ...    Test objective: The objective is to test that the operation cannot be executed currently, due to a conflict with the state of the resource.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -63,7 +63,7 @@ POST Manifest in Individual VNF Package - Method not implemented
     ...    Test title: POST Manifest in Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new Manifest
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.4b.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4b.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -75,7 +75,7 @@ PUT Manifest in Individual VNF Package - Method not implemented
     ...    Test title: PUT Manifest in Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a Manifest
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4b.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4b.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -87,7 +87,7 @@ PATCH Manifest in Individual VNF Package - Method not implemented
     ...    Test title: PATCH Manifest in Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update a Manifest
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4b.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4b.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -99,9 +99,34 @@ DELETE Manifest in Individual VNF Package - Method not implemented
     ...    Test title: DELETE Manifest in Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a Manifest
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4b.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4b.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for Manifest in individual VNF Package
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Get Manifest in Individual VNF Package with permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.12.9
+    ...    Test title: Get Manifest in Individual VNF Package with permitted authorization scope
+    ...    Test objective: The objective is to test that content of manifest within a NVF Package is read successfully with permitted authorization scope.
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 9.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Manifest in Individual VNF Package in plainFormat with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Content-Type Is    text/plain
+
+Get Manifest in Individual VNF Package with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.12.10
+    ...    Test title: Get Manifest in Individual VNF Package with not permitted authorization scope
+    ...    Test objective: The objective is to test that content of manifest within a NVF Package fails when using not permitted authorization scope.
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 9.4.4b.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Manifest in Individual VNF Package in plainFormat with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFPackageManagement-API/NotificationEndpoint.robot b/SOL005/VNFPackageManagement-API/NotificationEndpoint.robot
index e2c33abb1dbb915144d5b8e24832d9a8999700dc..edb0d5a56c32f9f0b922681ce295cd8f2647e02a 100644
--- a/SOL005/VNFPackageManagement-API/NotificationEndpoint.robot
+++ b/SOL005/VNFPackageManagement-API/NotificationEndpoint.robot
@@ -14,7 +14,7 @@ VNF Package Onboarding Notification
     ...    Test title: VNF Package Onboarding Notification
     ...    Test objective: The objective is to test that VNF Package Onboarding Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A VNF package subscription for onboarding notifications is available in the NFVO.
-    ...    Reference: Clause 9.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -26,7 +26,7 @@ VNF Package Change Notification
     ...    Test title: VNF Package Change Notification
     ...    Test objective: The objective is to test that VNF Package Change Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A VNF package subscription for change notifications is available in the NFVO.
-    ...    Reference: Clause 9.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL005/VNFPackageManagement-API/Notifications.robot b/SOL005/VNFPackageManagement-API/Notifications.robot
index 4c5ac65280a768c07bcbd88709f13b1c14312e6f..f31ef8dca7b2b1fff2874434416e0ffe150f822f 100644
--- a/SOL005/VNFPackageManagement-API/Notifications.robot
+++ b/SOL005/VNFPackageManagement-API/Notifications.robot
@@ -16,7 +16,7 @@ VNF Package Onboarding Notification
     ...    Test title: VNF Package Onboarding Notification
     ...    Test objective: The objective is to test the dispatch of VNF Package Onboarding notification when the VNF package onboarding operation is successfully completed, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF package subscription for onboarding notifications is available in the NFVO.
-    ...    Reference: Clause 9.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -29,7 +29,7 @@ VNF Package Operational State Change Notification
     ...    Test title: VNF Package Operational State Change Notification
     ...    Test objective: The objective is to test the dispatch of VNF Package Change notification when the VNF package operational state is modified, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF package subscription for change notifications is available in the NFVO.
-    ...    Reference: Clause 9.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -43,7 +43,7 @@ VNF Package Deletion Notification
     ...    Test title: VNF Package Deletion Notification
     ...    Test objective: The objective is to test the dispatch of VNF Package Change notification when the VNF package is deleted on the NFVO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A VNF package subscription for change notifications is available in the NFVO.
-    ...    Reference: Clause 9.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL005/VNFPackageManagement-API/Subscriptions.robot b/SOL005/VNFPackageManagement-API/Subscriptions.robot
index 0602f8b8274184f9c5da9b4bea755a046b8419a9..e64445da2319059c7b58450aea861f0e4e733898 100644
--- a/SOL005/VNFPackageManagement-API/Subscriptions.robot
+++ b/SOL005/VNFPackageManagement-API/Subscriptions.robot
@@ -16,7 +16,7 @@ Get All VNF Package Subscriptions
     ...    Test title: GET all VNF Package Subscriptions
     ...    Test objective: The objective is to test the retrieval of all VNF package subscriptions and perform a JSON schema validation of the returned subscriptions data structure
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -29,7 +29,7 @@ Get VNF Package Subscriptions with attribute-based filter
     ...    Test title: Get VNF Package Subscriptions with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of VNF package subscriptions using attribute-based filter, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -43,7 +43,7 @@ Get VNF Package Subscriptions with invalid attribute-based filter
     ...    Test title: Get VNF Package Subscriptions with attribute-based filters
     ...    Test objective: The objective is to test that the retrieval of VNF package subscriptions fails when using invalid attribute-based filters, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -56,7 +56,7 @@ GET VNF Package Subscription with invalid resource endpoint
     ...    Test title: GET VNF Package Subscription with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of all VNF package subscriptions fails when using invalid resource endpoint.
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -69,7 +69,7 @@ Create new VNF Package subscription
     ...    Test title: Create new VNF Package subscription
     ...    Test objective: The objective is to test the creation of a new VNF package subscription and perform a JSON schema and content validation of the returned subscription data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The VNF package subscription is successfully set and it matches the issued subscription    
@@ -85,7 +85,7 @@ Create duplicated VNF Package subscription with NFVO not creating duplicated sub
     ...    Test title: Create duplicated VNF Package subscription with NFVO not creating duplicated subscriptions
     ...    Test objective: The objective is to test the attempt of a creation of a duplicated VNF package subscription and check that no new subscription is created by the NFVO and a link to the original subscription is returned
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO does not support the creation of duplicated subscriptions
     ...    Post-Conditions: The existing VNF package subscription returned is available in the NFVO
@@ -101,7 +101,7 @@ Create duplicated VNF Package subscription with NFVO creating duplicated subscri
     ...    Test title: Create duplicated VNF Package subscription with NFVO creating duplicated subscriptions
     ...    Test objective: The objective is to test the creation of a duplicated VNF package subscription and perform a JSON schema and content validation of the returned duplicated subscription data structure
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports the creation of duplicated subscriptions
     ...    Post-Conditions: The duplicated VNF package subscription is successfully set and it matches the issued subscription
@@ -116,7 +116,7 @@ PUT VNF Package Subscriptions - Method not implemented
     ...    Test title: PUT VNF Package Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify VNF package subscriptions
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.8.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.8.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -128,7 +128,7 @@ PATCH VNF Package Subscriptions - Method not implemented
     ...    Test title: PATCH VNF Package Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update VNF package subscriptions
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.8.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.8.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -151,7 +151,7 @@ Get All VNF Package Subscriptions as Paged Response
     ...    Test title: GET all VNF Package Subscriptions as Paged Response
     ...    Test objective: The objective is to test the retrieval of all VNF package subscriptions as paged response.
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -164,10 +164,35 @@ Get VNF Package Subscriptions - Bad Request Response too Big
     ...    Test title: Get VNF Package Subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of VNF package subscriptions fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
-    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Get all VNF Package Subscriptions
     Check HTTP Response Status Code Is    400
-    Check HTTP Response Body Json Schema Is   ProblemDetails   
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is   ProblemDetails   
+
+Get All VNF Package Subscriptions with permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.7.13
+    ...    Test title: GET all VNF Package Subscriptions with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all VNF package subscriptions with permitted authorization scope
+    ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
+    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+    Get all VNF Package Subscriptions with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    PkgmSubscriptions
+
+Get All VNF Package Subscriptions with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.7.14
+    ...    Test title: GET all VNF Package Subscriptions with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of all VNF package subscriptions fails when using not permitted authorization scope
+    ...    Pre-conditions: At least one VNF package subscription is available in the NFVO.
+    ...    Reference: Clause 9.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+    Get all VNF Package Subscriptions with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFPackageManagement-API/VNFDInIndividualVNFPackage.robot b/SOL005/VNFPackageManagement-API/VNFDInIndividualVNFPackage.robot
index 2b0f2f40fe34d45b74717579f1895f4f81e5270b..6507002eb5a8131041a3167864e103e08c418b07 100644
--- a/SOL005/VNFPackageManagement-API/VNFDInIndividualVNFPackage.robot
+++ b/SOL005/VNFPackageManagement-API/VNFDInIndividualVNFPackage.robot
@@ -22,7 +22,7 @@ Get VNFD in Individual VNF Package in Zip Format
     ...    Test title: Get VNFD in Individual VNF Package in Zip Format
     ...    Test objective: The objective is to test the retrieval of the VNFD in zip format for an individual VNF package and perform a validation that returned content is in zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -68,7 +68,7 @@ Get VNFD in Individual VNF Package with invalid resource identifier
     ...    Test title: Get VNFD in Individual VNF Package with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of the VNFD for an individual VNF Package fails when using an invalid resource identifier
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -81,7 +81,7 @@ Get VNFD in Individual VNF Package with conflict due to onboarding state
     ...    Test title: Get VNFD in Individual VNF Package with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of the VNFD for an individual VNF Package fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the VNFD is requested is different from ONBOARDED.
-    ...    Reference: Clause 9.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -94,7 +94,7 @@ POST VNFD in Individual VNF Package - Method not implemented
     ...    Test title: POST VNFD in Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNFD
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -106,7 +106,7 @@ PUT VNFD in Individual VNF Package - Method not implemented
     ...    Test title: PUT VNFD in Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNFD
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -118,7 +118,7 @@ PATCH VNFD in Individual VNF Package - Method not implemented
     ...    Test title: PATCH VNFD in Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update a VNFD
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -130,7 +130,7 @@ DELETE VNFD in Individual VNF Package - Method not implemented
     ...    Test title: DELETE VNFD in Individual VNF Package - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNFD
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -142,14 +142,39 @@ Get VNFD in Individual VNF Package with security information
     ...    Test title: Get VNFD in Individual VNF Package with security information
     ...    Test objective: The objective is to test the retrieval of the VNFD in zip format for an individual VNF package shall include in the ZIP archive the security information when requested with "include_signature" parameter, and perform a validation that returned content is in zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Get VNFD in Individual VNF Package with security information
     Check HTTP Response Status Code Is    200
     Check HTTP Response Header Content-Type Is    application/zip
-    
+
+Get VNFD in Individual VNF Package in Zip Format with permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.3.13
+    ...    Test title: Get VNFD in Individual VNF Package in Zip Format with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of the VNFD in zip format for an individual VNF package with permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 9.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get VNFD in Individual VNF Package in Zip Format with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Content-Type Is    application/zip
+
+Get VNFD in Individual VNF Package in Zip Format with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.3.14
+    ...    Test title: Get VNFD in Individual VNF Package in Zip Format with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of the VNFD in zip format for an individual VNF package fails when using not permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 9.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get VNFD in Individual VNF Package in Zip Format with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
+
 *** Keywords ***
 Void
     log    do nothing
diff --git a/SOL005/VNFPackageManagement-API/VNFPackageArtifacts.robot b/SOL005/VNFPackageManagement-API/VNFPackageArtifacts.robot
index d0e465324f33c386544690bf0e32ec3fe7ef4967..d7624582ea60cdefe4e991419584bbc45de92e75 100644
--- a/SOL005/VNFPackageManagement-API/VNFPackageArtifacts.robot
+++ b/SOL005/VNFPackageManagement-API/VNFPackageArtifacts.robot
@@ -12,7 +12,7 @@ Get VNF Package Artifact
     ...    Test title: Get VNF Package Artifact
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ Get VNF Package Artifact with "exclude_all_mano_artifacts" parameter
     ...    Test title: Get VNF Package Artifact with "exclude_all_mano_artifacts" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully and it doesnot contain additional MANO artifacts  when requested with "exclude_all_mano_artifacts" parameter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,7 +38,7 @@ Get VNF Package Artifact with "exclude_all_non_mano_artifacts" parameter
     ...    Test title: Get VNF Package Artifact with "exclude_all_non_mano_artifacts" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully and it doesnot contain non-MANO Artifacts when requested with "exclude_all_non_mano_artifacts" parameter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ Get VNF Package Artifact with "select_non_mano_artifact_sets" parameter
     ...    Test title: Get VNF Package Artifact with "select_non_mano_artifact_sets" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully and also contain non_MANO artifacts set when requested with "select_non_mano_artifact_sets" parameter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ Get VNF Package Artifact with "include_signatures" parameter
     ...    Test title: Get VNF Package Artifact with "include_signatures" parameter
     ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully and also contain security certificates when requested with "include_signature" parameter, and perform a validation that returned content is in Zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,7 +77,7 @@ Get VNF Package Artifact with Range Request and NFVO supporting Range Requests
     ...    Test title: Get VNF Package Artifact with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the GET request read the whole content of the archive containing the artifact files successfully when using a range request to return single range of bytes from the file, with the NFVO supporting it. The test also perform a validation that returned content matches the issued range
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none
@@ -91,7 +91,7 @@ Get VNF Package Artifact with invalid URI parameters "exclude_all_non_mano_artif
     ...    Test title: Get VNF Package Artifact with invalid URI parameters "exclude_all_non_mano_artifacts", "select_non_mano_artifact_sets"
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the artifact files fails when both "exclude_all_non_mano_artifacts" and "select_non_mano_artifact_sets" are present in request
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -104,7 +104,7 @@ Get VNF Package Artifact with invalid URI parameters "exclude_all_non_mano_artif
     ...    Test title: Get VNF Package Artifact with invalid URI parameters "exclude_all_non_mano_artifacts", "exclude_all_mano_artifactss"
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the artifact files fails when both "exclude_all_non_mano_artifacts" and "exclude_all_mano_artifacts" are present in request
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -117,7 +117,7 @@ Get VNF Package Artifact with invalid URI parameters undifend select_non_mano_ar
     ...    Test title: Get VNF Package Artifact with invalid URI parameters undefined select_non_mano_artifact_sets
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the artifact files fails when one or more value provided in "select_non_mano_artifact_sets" are not provided in Manifest.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -130,7 +130,7 @@ Get VNF Package Artifact with conflict due to onboarding state
     ...    Test title: Get VNF Package Artifact with conflict due to onboarding state
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the artifact files fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the content is requested is different from ONBOARDED.
-    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -143,7 +143,7 @@ GET VNF Package Artifact with invalid Range Request
     ...    Test title: GET VNF Package Artifact with invalid Range Request
     ...    Test objective: The objective is to test that the GET request to read the whole content of the archive containing the artifact files fails when using a range request that does not match any available byte range in the file.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package artifact
     ...    Post-Conditions: none      
@@ -156,7 +156,7 @@ POST VNF Package Artifact - Method not implemented
     ...    Test title: POST VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF Package artifact
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.5a.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -168,7 +168,7 @@ PUT VNF Package Artifact - Method not implemented
     ...    Test title: PUT VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -180,7 +180,7 @@ PATCH VNF Package Artifact - Method not implemented
     ...    Test title: PATCH VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -192,7 +192,7 @@ DELETE VNF Package Artifact - Method not implemented
     ...    Test title: DELETE VNF Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNF Package artifact
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -204,10 +204,35 @@ Get VNF Package Artifact with "include_external_artifacts" parameter
     ...    Test title: Get VNF Package Artifact with "include_external_artifacts" parameter
     ...    Test objective: The objective is to test that GET request reads the whole content of the archive containing the external artifacts successfully when requested with "include_external_artifacts" parameter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Get Artifact in VNF Package with include_external_artifacts parameter
     Check HTTP Response Status Code Is    200
     Check HTTP Response Header Content-Type Is    application/zip
+
+Get VNF Package Artifact with permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.13.17
+    ...    Test title: Get VNF Package Artifact with permitted authorization scope
+    ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files successfully with permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Artifact in VNF Package with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Header Content-Type Is    application/zip
+
+Get VNF Package Artifact with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.13.18
+    ...    Test title: Get VNF Package Artifact with not permitted authorization scope
+    ...    Test objective: The objective is to test that the GET request read the whole content of the archive containing the artifact files fails when using not permitted authorization scope
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 9.4.5a.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Artifact in VNF Package with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFPackageManagement-API/VNFPackageContent.robot b/SOL005/VNFPackageManagement-API/VNFPackageContent.robot
index 8f5bfa0153265fd73c3f04a352955e5979cdd3bb..78e7d82b4a79064527315f820b88cd00ae6465e1 100644
--- a/SOL005/VNFPackageManagement-API/VNFPackageContent.robot
+++ b/SOL005/VNFPackageManagement-API/VNFPackageContent.robot
@@ -12,7 +12,7 @@ GET Individual VNF Package Content
     ...    Test title: GET Individual VNF Package Content
     ...    Test objective: The objective is to test the retrieval of an individual VNF package content and perform a validation that returned content is in zip format
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ GET Individual VNF Package Content with Range Request and NFVO supporting Range
     ...    Test title: GET Individual VNF Package Content with Range Request and NFVO supporting Range Requests
     ...    Test objective: The objective is to test the retrieval of an individual VNF package content when using a range request to return single range of bytes from the file, with the NFVO supporting it. The test also perform a validation that returned content matches the issued range
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package file
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ GET Individual VNF Package Content with Range Request and NFVO not supporting Ra
     ...    Test title: GET Individual VNF Package Content with Range Request and NFVO not supporting Range Requests
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package content, when using a range request to return single range of bytes from the file and the NFVO not supporting it, returns the full VNF Package file.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO does not support range requests to return single range of bytes from the VNF package file
     ...    Post-Conditions: none    
@@ -53,7 +53,7 @@ GET Individual VNF Package Content with invalid Range Request
     ...    Test title: GET Individual VNF Package Content with invalid Range Request
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package content fails when using a range request that does not match any available byte range in the file.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO supports range requests to return single range of bytes from the VNF package file
     ...    Post-Conditions: none      
@@ -65,7 +65,7 @@ GET Individual VNF Package Content with invalid resource identifier
     ...    Test title: GET Individual VNF Package Content with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package content fails when using an invalid resource identifier
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -78,7 +78,7 @@ GET Individual VNF Package Content with conflict due to onboarding state
     ...    Test title: GET Individual VNF Package Content with conflict due to onboarding state
     ...    Test objective: The objective is to test that the retrieval of an individual VNF package content fails due to a conflict when the VNF Package is not in onboarding state ONBOARDED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF package for which the content is requested is different from ONBOARDED.
-    ...    Reference: Clause 9.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -91,7 +91,7 @@ POST Individual VNF Package Content - Method not implemented
     ...    Test title: POST Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create new VNF Package content
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -103,7 +103,7 @@ Upload VNF Package Content
     ...    Test title: Upload VNF Package Content
     ...    Test objective: The objective is to test the upload of a VNF Package Content in Zip format.
     ...    Pre-conditions: One or more VNF Packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The VNF Package content is successfully uploaded and available in the NFVO
@@ -116,7 +116,7 @@ Upload VNF Package Content with conflict due to onboarding state
     ...    Test title: Upload VNF Package Content with conflict due to onboarding state
     ...    Test objective: The objective is to test that the upload of the VNF Package Content fails due to a conflict when the VNF Package is not in onboarding state CREATED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF Package for which the content is requested is different from CREATED.
-    ...    Reference: Clause 9.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -129,7 +129,7 @@ PATCH Individual VNF Package Content - Method not implemented
     ...    Test title: PATCH Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update a VNF Package content
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -141,9 +141,34 @@ DELETE Individual VNF Package Content - Method not implemented
     ...    Test title: DELETE Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNF Package content
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.5.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.5.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for individual VNF Package Content
     Check HTTP Response Status Code Is    405
+
+Upload VNF Package Content with permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.4.12
+    ...    Test title: Upload VNF Package Content with permitted authorization scope
+    ...    Test objective: The objective is to test the upload of a VNF Package Content in Zip format with permitted authorization scope.
+    ...    Pre-conditions: One or more VNF Packages are onboarded in the NFVO.
+    ...    Reference: Clause 9.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The VNF Package content is successfully uploaded and available in the NFVO
+    Send PUT Request to upload VNF Package Content with permitted authorization scope
+    Check HTTP Response Status Code Is    204
+    Check Postcondition VNF Package Content is uploaded and available in the NFVO
+
+Upload VNF Package Content with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.4.13
+    ...    Test title: Upload VNF Package Content with not permitted authorization scope
+    ...    Test objective: The objective is to test the upload of a VNF Package Content in Zip format fails when using not permitted authorization scope.
+    ...    Pre-conditions: One or more VNF Packages are onboarded in the NFVO.
+    ...    Reference: Clause 9.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Send PUT Request to upload VNF Package Content with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFPackageManagement-API/VNFPackageContentViaURI.robot b/SOL005/VNFPackageManagement-API/VNFPackageContentViaURI.robot
index 8917321b9b84ce0886f5a3a56b3390f97ba32a7d..46655346dbd2785855f9310a60e614ac6f6a6f1a 100644
--- a/SOL005/VNFPackageManagement-API/VNFPackageContentViaURI.robot
+++ b/SOL005/VNFPackageManagement-API/VNFPackageContentViaURI.robot
@@ -12,7 +12,7 @@ Upload VNF Package Content from URI
     ...    Test title: Upload VNF Package Content from URI
     ...    Test objective: The objective is to test the upload of a VNF Package Content from URI.
     ...    Pre-conditions: One or more VNF Packages are in onboarding state CREATED in the NFVO.
-    ...    Reference: Clause 9.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ Upload VNF Package Content from URI with conflict due to onboarding state
     ...    Test title: Upload VNF Package Content from URI with conflict due to onboarding state
     ...    Test objective: The objective is to test that the upload of the VNF Package Content from URI fails due to a conflict when the VNF Package is not in onboarding state CREATED in the NFVO. The test also performs a validation of the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: The onboarding state of the VNF Package for which the content is requested is different from CREATED.
-    ...    Reference: Clause 9.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -38,7 +38,7 @@ GET Individual VNF Package Content from URI - Method not implemented
     ...    Test title: GET Individual VNF Package Content from URI - Method not implemented
     ...    Test objective: The objective is to test that GET  method is not allowed to retrieve a VNF Package content from URI
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ PUT Individual VNF Package Content from URI - Method not implemented
     ...    Test title: PUT Individual VNF Package Content from URI - Method not implemented
     ...    Test objective: The objective is to test that PUT  method is not allowed to modify a VNF Package content from URI
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.6.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.6.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -62,7 +62,7 @@ PATCH Individual VNF Package Content from URI - Method not implemented
     ...    Test title: PATCH Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that PATCH  method is not allowed to update a VNF Package content from URI
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -74,9 +74,35 @@ DELETE Individual VNF Package Content from URI - Method not implemented
     ...    Test title: DELETE Individual VNF Package Content - Method not implemented
     ...    Test objective: The objective is to test that DELETE  method is not allowed to delete a VNF Package content from URI
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Request for individual VNF Package Content from URI
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Upload VNF Package Content from URI with permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.5.6
+    ...    Test title: Upload VNF Package Content from URI with permitted authorization scope
+    ...    Test objective: The objective is to test the upload of a VNF Package Content from URI with permitted authorization scope.
+    ...    Pre-conditions: One or more VNF Packages are in onboarding state CREATED in the NFVO.
+    ...    Reference: Clause 9.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Send POST Request to upload VNF Package Content from URI with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Body is Empty
+
+Upload VNF Package Content from URI with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.5.7
+    ...    Test title: Upload VNF Package Content from URI with not permitted authorization scope
+    ...    Test objective: The objective is to test the upload of a VNF Package Content from URI fails when using not permitted authorization scope.
+    ...    Pre-conditions: One or more VNF Packages are in onboarding state CREATED in the NFVO.
+    ...    Reference: Clause 9.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Send POST Request to upload VNF Package Content from URI with not permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Body is Empty
\ No newline at end of file
diff --git a/SOL005/VNFPackageManagement-API/VNFPackageManagementKeywords.robot b/SOL005/VNFPackageManagement-API/VNFPackageManagementKeywords.robot
index 661f409bbdb3164a1d3cc0a6cc4b053bf92e6fc8..24a14ec184f0e2586c529bf34c00921a3fac1d69 100644
--- a/SOL005/VNFPackageManagement-API/VNFPackageManagementKeywords.robot
+++ b/SOL005/VNFPackageManagement-API/VNFPackageManagementKeywords.robot
@@ -10,6 +10,7 @@ Library           MockServerLibrary
 Library           String
 Library           Collections
 Library           String
+Library           jwt
 #Variables         descriptors/SOL001/VNFD/vnfd_SOL001.yaml
 #Variables         descriptors/SOL006/VNFD/vnfd_SOL006.yaml
 
@@ -182,6 +183,32 @@ Send Post Request to create new VNF Package Resource
     REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages    ${body}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output} 
+
+Send Post Request to create new VNF Package Resource with permitted authorization scope
+    Log    Creating a new VNF Package
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${body} =    Get File    jsons/CreateVnfPkgInfoRequest.json
+    ${scopeValue}=    Create Dictionary    scope=${INFO_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output} 
+
+Send Post Request to create new VNF Package Resource with not permitted authorization scope
+    Log    Creating a new VNF Package
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${body} =    Get File    jsons/CreateVnfPkgInfoRequest.json
+    ${scopeValue}=    Create Dictionary    scope=${INFO_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output} 
     
     
 Check HTTP Response Body vnfPkginfo content against VNF Descriptor
@@ -406,6 +433,32 @@ Send PATCH to disable Individual VNF Package
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Send PATCH to disable Individual VNF Package with permitted authorization scope
+    Log    Trying to perform a PATCH. As prerequisite the nsdInfo shall be in enabled operational state
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${body}=    Get File    jsons/VnfPkgInfoModificationsDisabled.json
+    ${scopeValue}=    Create Dictionary    scope=${INFO_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Send PATCH to disable Individual VNF Package with not permitted authorization scope
+    Log    Trying to perform a PATCH. As prerequisite the nsdInfo shall be in enabled operational state
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${body}=    Get File    jsons/VnfPkgInfoModificationsDisabled.json
+    ${scopeValue}=    Create Dictionary    scope=${INFO_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Check Postcondition VNF Package is in operational state
     [Arguments]    ${status}
     Log    Checking postcondition op status
@@ -456,6 +509,28 @@ Send DELETE Request for Individual VNF Package used for instantiated VNF instanc
     Set Suite Variable    ${response}    ${output} 
 
 Get VNFD in Individual VNF Package in Zip Format
+    Log    Trying to get a VNFD from a given VNF Package present in the NFVO Catalogue
+    Set Headers    {"Accept": "${ACCEPT_ZIP}"}
+    ${scopeValue}=    Create Dictionary    scope=${VNFD_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPkgZipVNFD}/vnfd
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output} 
+
+Get VNFD in Individual VNF Package in Zip Format with permitted authorization scope
+    Log    Trying to get a VNFD from a given VNF Package present in the NFVO Catalogue
+    Set Headers    {"Accept": "${ACCEPT_ZIP}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPkgZipVNFD}/vnfd
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output} 
+
+Get VNFD in Individual VNF Package in Zip Format with not permitted authorization scope
     Log    Trying to get a VNFD from a given VNF Package present in the NFVO Catalogue
     Set Headers    {"Accept": "${ACCEPT_ZIP}"}
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -631,6 +706,32 @@ Send PUT Request to upload VNF Package Content
     ${response}=    Create Dictionary   status=${response.status_code}
     Set Suite Variable      ${response}     ${response}
 
+Send PUT Request to upload VNF Package Content with not permitted authorization scope
+    Log    Trying to perform a PUT. This method upload the content of a NSD
+    Create Session      nbi     ${NFVO_SCHEMA}://${NFVO_HOST}:${NFVO_PORT}  headers={"Accept": "${ACCEPT_ZIP}", "Content-Type": "application/zip", "${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}      verify=False
+    ${body}=  Get Binary File     ${contentZipVnfPackage}
+    ${scopeValue}=    Create Dictionary    scope=${CONTENT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${response}=    Put Request     nbi     ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${newVnfPackageId}/package_content    data=${body}
+    Should Be Empty     ${response.text}
+    ${response}=    Create Dictionary   status=${response.status_code}
+    Set Suite Variable      ${response}     ${response}
+
+Send PUT Request to upload VNF Package Content with permitted authorization scope
+    Log    Trying to perform a PUT. This method upload the content of a NSD
+    Create Session      nbi     ${NFVO_SCHEMA}://${NFVO_HOST}:${NFVO_PORT}  headers={"Accept": "${ACCEPT_ZIP}", "Content-Type": "application/zip", "${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}      verify=False
+    ${body}=  Get Binary File     ${contentZipVnfPackage}
+    ${scopeValue}=    Create Dictionary    scope=${CONTENT_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${response}=    Put Request     nbi     ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${newVnfPackageId}/package_content    data=${body}
+    Should Be Empty     ${response.text}
+    ${response}=    Create Dictionary   status=${response.status_code}
+    Set Suite Variable      ${response}     ${response}
+
 
 Check Postcondition VNF Package Content is uploaded and available in the NFVO
     Log    Trying to get a VNF Package Content
@@ -671,6 +772,26 @@ GET Individual VNF Package Artifact
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET Individual VNF Package Artifact with permitted authorization scope
+    Log    Trying to get a VNF Package Artifact
+    ${scopeValue}=    Create Dictionary    scope=${ARTIFACT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/artifacts/${artifactPath}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET Individual VNF Package Artifact with not permitted authorization scope
+    Log    Trying to get a VNF Package Artifact
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/artifacts/${artifactPath}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 GET Individual VNF Package Artifact in octet stream format  
     Log    Trying to get a VNF Package Artifact
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
@@ -755,6 +876,32 @@ Send POST Request to upload VNF Package Content from URI
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Send POST Request to upload VNF Package Content from URI with permitted authorization scope
+    Log    Trying to perform a POST. The POST method provides the information for the NFVO to get the content of a VNF package.
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${URI_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/UploadVnfPkgFromUriRequest.json
+    ${body}=        Format String   ${template}     vnfPkgUri=${vnfPkgUri}
+    REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPkgViaUriId}/package_content/upload_from_uri    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Send POST Request to upload VNF Package Content from URI with not permitted authorization scope
+    Log    Trying to perform a POST. The POST method provides the information for the NFVO to get the content of a VNF package.
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/UploadVnfPkgFromUriRequest.json
+    ${body}=        Format String   ${template}     vnfPkgUri=${vnfPkgUri}
+    REST.POST    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPkgViaUriId}/package_content/upload_from_uri    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Send POST Request to upload VNF Package Content from URI with conflict due to onboarding state
     Log    Trying to perform a POST. The POST method provides the information for the NFVO to get the content of a VNF package.
     Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
@@ -805,6 +952,28 @@ Get all VNF Package Subscriptions
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Get all VNF Package Subscriptions with permitted authorization scope
+    Log    Trying to get the list of subscriptions
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get all VNF Package Subscriptions with not permitted authorization scope
+    Log    Trying to get the list of subscriptions
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Get VNF Package Subscriptions with attribute-based filters
     Log    Trying to get the list of subscriptions using filters
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -938,6 +1107,28 @@ Get Individual VNF Package Subscription
     REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Get Individual VNF Package Subscription with permitted authorization scope
+    Log    Trying to get a single subscription identified by subscriptionId
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Individual VNF Package Subscription with not permitted authorization scope
+    Log    Trying to get a single subscription identified by subscriptionId
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 GET individual VNF Package Subscription with invalid resource identifier
     Log    Trying to perform a request on a subscriptionID which doesn't exist
@@ -1085,6 +1276,24 @@ Get access configuration information for external artifacts
     REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPkgId}/ext_artifacts_access
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Get access configuration information for external artifacts with permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scope=${ACCESS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPkgId}/ext_artifacts_access
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get access configuration information for external artifacts with not permitted authorization scope
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPkgId}/ext_artifacts_access
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Send PUT Request to access configuration information for external artifacts
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -1130,6 +1339,26 @@ Get Manifest in Individual VNF Package in plainFormat
     REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPkgId}/manifest
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Get Manifest in Individual VNF Package in plainFormat with permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_PLAIN}"}
+    ${scopeValue}=    Create Dictionary    scope=${MANIFEST_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPkgId}/manifest
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Manifest in Individual VNF Package in plainFormat with not permitted authorization scope
+    Set Headers    {"Accept": "${ACCEPT_PLAIN}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPkgId}/manifest
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Get Manifest in Individual VNF Package with security information
     Log    Trying to get a manifest from a given VNF Package present in the NFVO Catalogue
@@ -1186,6 +1415,28 @@ Get Artifact in VNF Package
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Get Artifact in VNF Package with permitted authorization scope
+    Log    Trying to get Artifact in VNF Package
+    Set Headers    {"Accept": "${ACCEPT_ZIP}"}
+    ${scopeValue}=    Create Dictionary    scope=${BULK_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/artifacts
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Artifact in VNF Package with not permitted authorization scope
+    Log    Trying to get Artifact in VNF Package
+    Set Headers    {"Accept": "${ACCEPT_ZIP}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    REST.GET    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/artifacts
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Get Artifact in VNF Package with exclude_all_mano_artifacts parameter
     Log    Trying to get Artifact in VNF Package with exclude_all_mano_artifacts
     Set Headers    {"Accept": "${ACCEPT_ZIP}"}
@@ -1302,3 +1553,8 @@ Send DELETE Request for VNF Package Artifact
     REST.DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_packages/${vnfPackageId}/artifacts
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded} 
\ No newline at end of file
diff --git a/SOL005/VNFPackageManagement-API/VNFPackages.robot b/SOL005/VNFPackageManagement-API/VNFPackages.robot
index 681b365f6c0899b603733f66f2551975699690e7..0d7f69bd65e0d2524be14a32d48da8716a5f4fd5 100644
--- a/SOL005/VNFPackageManagement-API/VNFPackages.robot
+++ b/SOL005/VNFPackageManagement-API/VNFPackages.robot
@@ -11,7 +11,7 @@ GET all VNF Packages
     ...    Test title: GET all VNF Packages
     ...    Test objective: The objective is to test the retrieval of all the available VNF packages information and perform a JSON schema and content validation of the collected data structure
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -28,7 +28,7 @@ GET VNF Packages with attribute-based filter
     ...    Test title: GET VNF Packages with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of VNF packages using attribute-based filter, perform a JSON schema validation of the collected jobs data structure, and verify that the retrieved information matches the issued attribute-based filter
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -42,7 +42,7 @@ GET VNF Packages with invalid attribute-based filter
     ...    Test title: GET VNF Packages with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of VNF packages fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -55,7 +55,7 @@ Get all VNF Packages with malformed authorization token
     ...    Test title: Get all VNF Packages Information with malformed authorization token
     ...    Test objective: The objective is to test that the retrieval of VNF Packages fails when using malformed authorization token
     ...    Pre-conditions: One or more VNF Packages are onboarded in the NFVO.
-    ...    Reference: Clause 4.5.3.3, 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 4.5.3.3, 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -67,7 +67,7 @@ Get all VNF Packages without authorization token
     ...    Test title: Get all VNF Packages without authorization token
     ...    Test objective: The objective is to test that the retrieval of VNF Packages fails when omitting the authorization token
     ...    Pre-conditions: One or more VNF Packages are onboarded in the NFVO.
-    ...    Reference: Clause 4.5.3.3, 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 4.5.3.3, 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -79,7 +79,7 @@ GET VNF Packages with "all_fields" attribute selector
     ...    Test title: GET VNF Packages with "all_fields" attribute selector
     ...    Test objective: The objective is to test the retrieval of VNF packages with "all_fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "all_fileds" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -93,7 +93,7 @@ GET VNF Packages with "exclude_default" attribute selector
     ...    Test title: GET VNF Packages with exclude_default attribute selector
     ...    Test objective: The objective is to test the retrieval of VNF packages with "exclude_default" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "exclude_default" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none        
@@ -107,7 +107,7 @@ GET VNF Packages with "fields" attribute selector
     ...    Test title: GET VNF Packages with fields attribute selector
     ...    Test objective: The objective is to test the retrieval of VNF packages with "fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "fields" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports the use of fields attribute selector
     ...    Post-Conditions: none
@@ -121,7 +121,7 @@ GET VNF Packages with "exclude_fields" attribute selector
     ...    Test title: GET VNF Packages with exclude_fields attribute selector
     ...    Test objective: The objective is to test the retrieval of VNF packages with "exclude_fields" attribute selector, perform a JSON schema validation of the collected data structure, and verify that the retrieved information matches the issued "exclude_fields" selector
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 4.3.3.2.1, 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 4.3.3.2.1, 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The VNFM supports the use of exclude_fields attribute selector
     ...    Post-Conditions: none
@@ -135,7 +135,7 @@ GET all VNF Packages with invalid resource endpoint
     ...    Test title: GET VNF Packages with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of VNF packages fails when using invalid resource endpoint
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -148,7 +148,7 @@ Create new VNF Package Resource
     ...    Test title: Create new VNF Package Resource
     ...    Test objective: The objective is to test the creation of a new VNF Package Resource and perform the JSON schema validation of the returned structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The VNF Package Resource is successfully created on the NFVO
@@ -164,7 +164,7 @@ PUT all VNF Packages - Method not implemented
     ...    Test title: PUT all VNF Packages - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify existing VNF Packages
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -176,7 +176,7 @@ PATCH all VNF Packages - Method not implemented
     ...    Test title: PATCH all VNF Packages - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update existing VNF Packages
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -188,7 +188,7 @@ DELETE all VNF Packages - Method not implemented
     ...    Test title: DELETE all VNF Packages - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete existing VNF Packages
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.2.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.2.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -200,7 +200,7 @@ GET all VNF Packages as Paged Response
     ...    Test title: GET all VNF Packages as Paged Response
     ...    Test objective: The objective is to test the retrieval of all the available VNF packages information as paged response.
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -213,10 +213,38 @@ GET VNF Packages - Bad Request Response too Big
     ...    Test title: GET VNF Packages - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of VNF packages fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
-    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     GET all VNF Packages
     Check HTTP Response Status Code Is    400
-    Check HTTP Response Body Json Schema Is   ProblemDetails
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is   ProblemDetails
+
+Create new VNF Package Resource with permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.1.17
+    ...    Test title: Create new VNF Package Resource with permitted authorization scope
+    ...    Test objective: The objective is to test the creation of a new VNF Package Resource with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: The VNF Package Resource is successfully created on the NFVO
+    Send Post Request to create new VNF Package Resource with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is   vnfPkgInfo
+    Check HTTP Response Header Contains    Location
+    Check Postcondition VNF Package Resource Exists
+    Check HTTP Response Body vnfPkgInfo content against VNF Descriptor
+
+Create new VNF Package Resource with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.5.1.18
+    ...    Test title: Create new VNF Package Resource with not permitted authorization scope
+    ...    Test objective: The objective is to test that the creation of a new VNF Package Resource fails when using not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Send Post Request to create new VNF Package Resource with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFPackageManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml b/SOL005/VNFPackageManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
index 603b1887d8a21e38d2c072e1184b780fc2f143dd..250f1c705d7ff857e9b3873effa2f3855661e50d 100644
--- a/SOL005/VNFPackageManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
+++ b/SOL005/VNFPackageManagement-API/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
@@ -1,8 +1,8 @@
-tosca_definitions_version: tosca_simple_yaml_1_2
+tosca_definitions_version: tosca_simple_yaml_1_3
 description: "TST010 reference VNF-B"
 
 imports:
-  - https://forge.etsi.org/rep/nfv/SOL001/raw/v3.3.1/etsi_nfv_sol001_vnfd_types.yaml  
+  - https://forge.etsi.org/rep/nfv/SOL001/raw/v4.4.1/etsi_nfv_sol001_vnfd_types.yaml  
 
 metadata:
   descriptor_id: "VNF-B"
@@ -44,7 +44,7 @@ node_types:
         type: list
         entry_schema:
           type: string
-        default: [ 'etsivnfm:v2.3.1' ]
+        default: [ 'etsivnfm:v4.5.1' ]
     interfaces:
       Vnflcm:
         type: "tosca.interfaces.nfv.Vnflcm"
@@ -162,4 +162,4 @@ topology_template:
           terminate:
             implementation: terminate-example.yaml
           operate:
-            implementation: operate-example.yaml                
\ No newline at end of file
+            implementation: operate-example.yaml                
diff --git a/SOL005/VNFPackageManagement-API/environment/variables.txt b/SOL005/VNFPackageManagement-API/environment/variables.txt
index 8a4dfde1bdd5742f769e9bb9885ef094d84fa6c1..7ed196cf9a0cc05ca096c0da099aa0b686b66aa7 100644
--- a/SOL005/VNFPackageManagement-API/environment/variables.txt
+++ b/SOL005/VNFPackageManagement-API/environment/variables.txt
@@ -5,6 +5,22 @@ ${NFVO_PORT}      8081    # Listening port of the NFVO
 ${NFVO_SCHEMA}    https
 ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
+
+${OAUTH_ENCRIPTION_ALGORITHM}    HS256
+${INFO_PERMITTED_SCOPE}    vnfpkgm:v2:vnf_package_info 
+${INFO_NOT_PERMITTED_SCOPE}    vnfpkgm:v2:vnf_package_info:readonly
+${VNFD_PERMITTED_SCOPE}    vnfpkgm:v2:vnfd:readonly
+${ACCESS_PERMITTED_SCOPE}    vnfpkgm:v2:ext_artifacts_access
+${MANIFEST_PERMITTED_SCOPE}    vnfpkgm:v2:manifest:readonly
+${CONTENT_PERMITTED_SCOPE}    vnfpkgm:v2:vnf_package_content 
+${CONTENT_NOT_PERMITTED_SCOPE}    vnfpkgm:v2:vnf_package_content:readonly
+${BULK_PERMITTED_SCOPE}    vnfpkgm:v2:bulk_artifacts:readonly
+${ARTIFACT_PERMITTED_SCOPE}    vnfpkgm:v2:artifact:readonly
+${URI_PERMITTED_SCOPE}    vnfpkgm:v2:upload_from_uri
+${SUBSCRIPTIONS_PERMITTED_SCOPE}    vnfpkgm:v2:subscriptions
+${NOT_PERMITTED_SCOPE}    vnfpkgm:v2:invalid
+
+
 ${CONTENT_TYPE_JSON}    application/json
 ${ACCEPT_JSON}    application/json
 ${apiRoot}        /
diff --git a/SOL005/VNFSnapshotPackageManagement-API/AccessConfigurationForExternalArtifacts.robot b/SOL005/VNFSnapshotPackageManagement-API/AccessConfigurationForExternalArtifacts.robot
index 4b470a4097e26e1738fd5be08e246d2b0b567a33..ea1b2824c5e1f2f26c1620fee29cf13a35ee5a4f 100644
--- a/SOL005/VNFSnapshotPackageManagement-API/AccessConfigurationForExternalArtifacts.robot
+++ b/SOL005/VNFSnapshotPackageManagement-API/AccessConfigurationForExternalArtifacts.robot
@@ -7,7 +7,7 @@ POST Access Configuration for External Artifacts - Method not implemented
     ...    Test title: POST Access Configuration for External Artifacts - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: Individual VNF Snapshot Package resource have been created.
-    ...    Reference: Clause 11.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.9.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET Access Configuration for External Artifacts
     ...    Test title: GET Access Configuration for External Artifacts
     ...    Test objective: The objective is to test that GET method reads the access configuration information that is used by the NFVO to get the content of external VNF snapshot package artifacts.
     ...    Pre-conditions: Individual VNF Snapshot Package resource have been created.
-    ...    Reference: Clause 11.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ PUT Access Configuration for External Artifacts
     ...    Test title: PUT Access Configuration for External Artifacts
     ...    Test objective: The objective is to test that PUT method provides the access configuration information for the NFVO to download the content of external VNF package artifacts.
     ...    Pre-conditions: Individual VNF Snapshot Package resource have been created.
-    ...    Reference: Clause 11.4.9.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.9.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ PUT Access Configuration for External Artifacts - Conflict
     ...    Test title: PUT Access Configuration for External Artifacts - Conflict
     ...    Test objective: The objective is to test that PUT method cannot provide the access configuration information to the NFVO when the VNF Snapshot Package resource is not in CREATED or ERROR state.
     ...    Pre-conditions: Individual VNF Snapshot Package resource have been created.
-    ...    Reference: Clause 11.4.9.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.9.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The "state" attribute of the "Individual VNF snapshot package" resources contains a value different from "CREATED" or "ERROR".
     ...    Post-Conditions: none
@@ -58,7 +58,7 @@ PATCH Access Configuration for External Artifacts - Method Not implemented
     ...    Test title: PATCH Access Configuration for External Artifacts - Method Not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.8.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.8.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -70,9 +70,34 @@ DELETE Access Configuration for External Artifacts - Method Not implemented
     ...    Test title: DELETE Access Configuration for External Artifacts - Method Not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.8.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.8.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Access Configuration for External Artifacts
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET Access Configuration for External Artifacts with permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.9.7
+    ...    Test title: GET Access Configuration for External Artifacts with permitted authorization scope
+    ...    Test objective: The objective is to test that GET method reads the access configuration information that is used by the NFVO to get the content of external VNF snapshot package artifacts with permitted authorization scope.
+    ...    Pre-conditions: Individual VNF Snapshot Package resource have been created.
+    ...    Reference: Clause 11.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Access Configuration for External Artifacts with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   VnfSnapshotPkgExtArtifactsAccessConfig
+
+GET Access Configuration for External Artifacts with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.9.2
+    ...    Test title: GET Access Configuration for External Artifacts with not permitted authorization scope
+    ...    Test objective: The objective is to test that GET method fails to read the access configuration information that is used by the NFVO to get the content of external VNF snapshot package artifacts when using not permitted authorization scope.
+    ...    Pre-conditions: Individual VNF Snapshot Package resource have been created.
+    ...    Reference: Clause 11.4.9.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Access Configuration for External Artifacts with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFSnapshotPackageManagement-API/BuildVNFSnapshotPackageContentTask.robot b/SOL005/VNFSnapshotPackageManagement-API/BuildVNFSnapshotPackageContentTask.robot
index f9b9cc1d0fffd2bdfe9eda7b482ad522cede19d9..fa6f50a03308acc0bd16d4a8a905465e5d78cf2e 100644
--- a/SOL005/VNFSnapshotPackageManagement-API/BuildVNFSnapshotPackageContentTask.robot
+++ b/SOL005/VNFSnapshotPackageManagement-API/BuildVNFSnapshotPackageContentTask.robot
@@ -7,7 +7,7 @@ POST Build VNF Snapshot Package Content Task
     ...    Test title: POST Build VNF Snapshot Package Content Task
     ...    Test objective: The objective is to test that POST method provides the information for the NFVO to start building the content of a VNF snapshot package.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ POST Build VNF Snapshot Package Content Task - Conflict
     ...    Test title: POST Build VNF Snapshot Package Content Task - Conflict
     ...    Test objective: The objective is to test that a correct error code is returned when the POST method tries to intiate building of VNF Snapshot Package and the state of the VNF snapshot package resource is other than "CREATED".
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The state of the VNF snapshot package resource is other than "CREATED".
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET Build VNF Snapshot Package Content Task - Method Not implemented
     ...    Test title: GET Build VNF Snapshot Package Content Task - Method Not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.6.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -44,7 +44,7 @@ PUT Build VNF Snapshot Package Content Task - Method Not implemented
     ...    Test title: PUT Build VNF Snapshot Package Content Task - Method Not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.6.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.6.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -56,7 +56,7 @@ PATCH Build VNF Snapshot Package Content Task - Method Not implemented
     ...    Test title: PATCH Build VNF Snapshot Package Content Task - Method Not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.6.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -68,9 +68,33 @@ DELETE Build VNF Snapshot Package Content Task - Method Not implemented
     ...    Test title: DELETE Build VNF Snapshot Package Content Task - Method Not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.6.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Build VNF Snapshot Package Content Task
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Build VNF Snapshot Package Content Task with permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.6.7
+    ...    Test title: POST Build VNF Snapshot Package Content Task with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method provides the information for the NFVO to start building the content of a VNF snapshot package with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Build VNF Snapshot Package Content Task with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+
+POST Build VNF Snapshot Package Content Task with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.6.8
+    ...    Test title: POST Build VNF Snapshot Package Content Task with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method fails to provide the information for the NFVO to start building the content of a VNF snapshot package when using a not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.6.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Build VNF Snapshot Package Content Task with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFSnapshotPackageManagement-API/CancelVNFSnapshotPackageOperationTask.robot b/SOL005/VNFSnapshotPackageManagement-API/CancelVNFSnapshotPackageOperationTask.robot
index 68b074140a80f7ef2697616e468b050873ccc977..a2d5855e84cc82a7551123b2033a3657eb8d47b9 100644
--- a/SOL005/VNFSnapshotPackageManagement-API/CancelVNFSnapshotPackageOperationTask.robot
+++ b/SOL005/VNFSnapshotPackageManagement-API/CancelVNFSnapshotPackageOperationTask.robot
@@ -7,7 +7,7 @@ POST Cancel VNF Snapshot Package Content Task
     ...    Test title: POST Cancel VNF Snapshot Package Content Task
     ...    Test objective: The objective is to test that  POST method provides the information for the NFVO to cancel the ongoing operation related to the content of a VNF snapshot package.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ POST Cancel VNF Snapshot Package Content Task - Conflict
     ...    Test title: POST Cancel VNF Snapshot Package Content Task - Conflict
     ...    Test objective: The objective is to test that a correct error code is returned when the POST method tries to cancel a VNF Snapshot Package task and the state of the VNF snapshot package resource is other than "UPLOADING", "BUILDING", "PROCESSING" or "EXTRACTING".
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The state of the VNF snapshot package resource is other than "UPLOADING", "BUILDING", "PROCESSING" or "EXTRACTING".
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET Cancel VNF Snapshot Package Content Task - Method Not implemented
     ...    Test title: GET Cancel VNF Snapshot Package Content Task - Method Not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.8.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -44,7 +44,7 @@ PUT Cancel VNF Snapshot Package Content Task - Method Not implemented
     ...    Test title: PUT Cancel VNF Snapshot Package Content Task - Method Not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.8.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.8.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -56,7 +56,7 @@ PATCH Cancel VNF Snapshot Package Content Task - Method Not implemented
     ...    Test title: PATCH Cancel VNF Snapshot Package Content Task - Method Not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.8.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.8.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -68,9 +68,33 @@ DELETE Cancel VNF Snapshot Package Content Task - Method Not implemented
     ...    Test title: DELETE Cancel VNF Snapshot Package Content Task - Method Not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.8.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.8.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Cancel VNF Snapshot Package Content Task
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Cancel VNF Snapshot Package Content Task with permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.8.1
+    ...    Test title: POST Cancel VNF Snapshot Package Content Task with permitted authorization scope
+    ...    Test objective: The objective is to test that  POST method provides the information for the NFVO to cancel the ongoing operation related to the content of a VNF snapshot package with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Cancel VNF Snapshot Package Content Task with permitted authorization scope
+    Check HTTP Response Status Code Is    202 
+
+POST Cancel VNF Snapshot Package Content Task with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.8.1
+    ...    Test title: POST Cancel VNF Snapshot Package Content Task with not permitted authorization scope
+    ...    Test objective: The objective is to test that  POST method fails to  provide the information for the NFVO to cancel the ongoing operation related to the content of a VNF snapshot package when using not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.8.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Cancel VNF Snapshot Package Content Task with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFSnapshotPackageManagement-API/ExtractVNFSnapshotPackageContentTask.robot b/SOL005/VNFSnapshotPackageManagement-API/ExtractVNFSnapshotPackageContentTask.robot
index 79984eac5217aef78aed55d790dbcb52f3f36678..70af5855a7b6a0a97673c7a77cc4912a91c44908 100644
--- a/SOL005/VNFSnapshotPackageManagement-API/ExtractVNFSnapshotPackageContentTask.robot
+++ b/SOL005/VNFSnapshotPackageManagement-API/ExtractVNFSnapshotPackageContentTask.robot
@@ -7,7 +7,7 @@ POST Extract VNF Snapshot Package Content Task
     ...    Test title: POST Extract VNF Snapshot Package Content Task
     ...    Test objective: The objective is to test that POST method provides the information for the NFVO to start extracting the content of a VNF snapshot package.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ POST Extract VNF Snapshot Package Content Task - Conflict State
     ...    Test title: POST Extract VNF Snapshot Package Content Task - Conflict
     ...    Test objective: The objective is to test that a correct error code is returned when the POST method tries to intiate extraction of VNF Snapshot Package and the state of the VNF snapshot package resource is other than "AVAILABLE".
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The state of the VNF snapshot package resource is other than "AVAILABLE".
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ POST Extract VNF Snapshot Package Content Task - Invalid VnfInstanceId
     ...    Test title: POST Extract VNF Snapshot Package Content Task - Conflict
     ...    Test objective: The objective is to test that a correct error code is returned when the POST method tries to intiate extraction of VNF Snapshot Package using an invalid VnfInstanceId in the request body.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The state of the VNF snapshot package resource is other than "CREATED".
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ GET Extract VNF Snapshot Package Content Task - Method Not implemented
     ...    Test title: GET Extract VNF Snapshot Package Content Task - Method Not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.7.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -57,7 +57,7 @@ PUT Extract VNF Snapshot Package Content Task - Method Not implemented
     ...    Test title: PUT Extract VNF Snapshot Package Content Task - Method Not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.7.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -69,7 +69,7 @@ PATCH Extract VNF Snapshot Package Content Task - Method Not implemented
     ...    Test title: PATCH Extract VNF Snapshot Package Content Task - Method Not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.7.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.7.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -81,9 +81,33 @@ DELETE Extract VNF Snapshot Package Content Task - Method Not implemented
     ...    Test title: DELETE Extract VNF Snapshot Package Content Task - Method Not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.7.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.7.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Extract VNF Snapshot Package Content Task
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Extract VNF Snapshot Package Content Task with permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.7.8
+    ...    Test title: POST Extract VNF Snapshot Package Content Task with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method provides the information for the NFVO to start extracting the content of a VNF snapshot package with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Extract VNF Snapshot Package Content Task with permitted authorization scope
+    Check HTTP Response Status Code Is    202 
+
+POST Extract VNF Snapshot Package Content Task with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.7.9
+    ...    Test title: POST Extract VNF Snapshot Package Content Task with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method fails to provide the information for the NFVO to start extracting the content of a VNF snapshot package when using not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.7.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Extract VNF Snapshot Package Content Task with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackage.robot b/SOL005/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackage.robot
index 83570a23e7d854ae834acdfc6db09232fee7badf..5d959c8138dcf4209bd2f2d41a9d9afc4e33cea7 100644
--- a/SOL005/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackage.robot
+++ b/SOL005/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackage.robot
@@ -7,7 +7,7 @@ POST Individual VNF Snapshot Package - Method not implemented
     ...    Test title: POST Individual VNF Snapshot Package - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.3.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET Information about an individual VNF Snapshot Package - SUCCESSFUL
     ...    Test title: GET Information about an individual VNF Snapshot Package - SUCCESSFUL
     ...    Test objective: The objective is to create a new VNF Snapshot Package resource
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET Information about an individual VNF Snapshot Package - NOT FOUND
     ...    Test title: GET Information about an individual VNF Snapshot Package - NOT FOUND
     ...    Test objective: The objective is to test that the retrieval of individual VNF Snapshot Package fails when using an invalid resource identifier.
     ...    Pre-conditions: At least one individual VNF Snapshot Package is available in the NFV-MANO.
-    ...    Reference: Clause 11.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.3.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ PUT Individual VNF Snapshot Package - Method not implemented
     ...    Test title: PUT Individual VNF Snapshot Package - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.3.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot Package not modified
@@ -57,7 +57,7 @@ PATCH Individual VNF Snapshot Package - Modified
     ...    Test title: PATCH Individual VNF Snapshot Package - Modified
     ...    Test objective: The objective is to test that PATCH method updates the information of a VNF Snapshot package
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -70,7 +70,7 @@ PATCH Individual VNF Snapshot Package - Conflict
     ...    Test title: PATCH Individual VNF Snapshot Package - Conflict
     ...    Test objective: The objective is to test that PATCH method does not update the information of a VNF Snapshot package when the state of the VNF snapshot package resource is in a state other than CREATED, ERROR_EXTRACTING or AVAILABLE.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The state of the VNF snapshot package resource is in a state other than CREATED, ERROR_EXTRACTING or AVAILABLE.
     ...    Post-Conditions: none
@@ -83,7 +83,7 @@ DELETE Individual VNF Snapshot Package
     ...    Test title: DELETE Individual VNF Snapshot Package
     ...    Test objective: The objective is to test that DELETE method deletes an individual VNF Snapshot Package resource
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot Package deleted
@@ -95,10 +95,36 @@ DELETE Individual VNF Snapshot Package - Conflict
     ...    Test title: DELETE Individual VNF Snapshot Package - Method Not im
     ...    Test objective: The objective is to test that DELETE method does not delete a VNF Snapshot package when the state of the VNF snapshot package resource is in a state other than CREATED, ERROR or AVAILABLE.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.3.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The state of the VNF snapshot package resource is in a state other than CREATED, ERROR or AVAILABLE.
     ...    Post-Conditions: VNF Snapshot Package not deleted
     DELETE individual VNF Snapshot Package - Conflict
     Check HTTP Response Status Code Is    409
-    Check HTTP Response Body Json Schema Is   ProblemDetails    
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is   ProblemDetails    
+
+PATCH Individual VNF Snapshot Package with permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.3.9
+    ...    Test title: PATCH Individual VNF Snapshot Package with permitted authorization scope
+    ...    Test objective: The objective is to test that PATCH method updates the information of a VNF Snapshot package with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PATCH individual VNF Snapshot Package with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   VnfSnapshotPkgInfoModifications
+
+
+PATCH Individual VNF Snapshot Package with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.3.9
+    ...    Test title: PATCH Individual VNF Snapshot Package with not permitted authorization scope
+    ...    Test objective: The objective is to test that PATCH method fails to update the information of a VNF Snapshot package when using a not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.3.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PATCH individual VNF Snapshot Package with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackageArtifact.robot b/SOL005/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackageArtifact.robot
index 0aeb295ccf889e0f7cd7dabecb8fbeb8feac8d30..c4de7649b0ca24858f29d9718ee78bd0c58f0215 100644
--- a/SOL005/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackageArtifact.robot
+++ b/SOL005/VNFSnapshotPackageManagement-API/IndividualVNFSnapshotPackageArtifact.robot
@@ -7,7 +7,7 @@ POST Individual VNF Snapshot Package Artifact - Method not implemented
     ...    Test title: POST Individual VNF Snapshot Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.10.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO 
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET Individual VNF Snapshot Package Artifact - Complete File
     ...    Test title: GET Information about an individual VNF Snapshot Package - Complete File
     ...    Test objective: The objective is to fetch the whole content of a VNF snapshot package using GET method.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET Individual VNF Snapshot Package Artifact - Partial Content
     ...    Test title: GET Individual VNF Snapshot Package Artifact - Partial Content
     ...    Test objective: The objective is to fetch partial content of a VNF snapshot package by sending a range request using GET method.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports range requests
     ...    Post-Conditions: none
@@ -47,7 +47,7 @@ GET Individual VNF Snapshot Package Artifact - Range Request Not Supported
     ...    Test title: GET Information about an individual VNF Snapshot Package - Range Request Not Supported
     ...    Test objective: The objective is to test that the whole content of a VNF snapshot package is delivered even with a range request when NFVO does not support range requests.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO does not support range requests
     ...    Post-Conditions: none
@@ -60,7 +60,7 @@ GET Individual VNF Snapshot Package Artifact - Range Not Satisfiable
     ...    Test title: GET Information about an individual VNF Snapshot Package - Range Not Satisfiable
     ...    Test objective: The objective is to test that an error is returned when the byte range passed in the "Range" header does not match any available byte range in the VNF snapshot package file.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports range requests
     ...    Post-Conditions: none
@@ -72,7 +72,7 @@ GET Individual VNF Snapshot Package Artifact - Conflict
     ...    Test title: GET Information about an individual VNF Snapshot Package - Conflict
     ...    Test objective: The objective is to test that an error is returned when the "state" of the VNF snapshot package has a value different from "AVAILABLE".
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The "state" of the VNF snapshot package has a value different from "AVAILABLE".
     ...    Post-Conditions: none
@@ -85,7 +85,7 @@ GET Individual VNF Snapshot Package Artifact - External Artifact
     ...    Test title: GET Information about an individual VNF Snapshot Package - External Artifact
     ...    Test objective: The objective is to test that correct response code is returned the referred "Individual VNF Snapshot package artifact" is external to the main VNF snapshot package file created from a build process.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The "Individual VNF Snapshot package artifact" is external to the main VNF snapshot package file created from a build process.
     ...    Post-Conditions: none
@@ -98,7 +98,7 @@ PUT Individual VNF Snapshot Package Artifact - Method not implemented
     ...    Test title: PUT Individual VNF Snapshot Package Artifact - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.10.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.10.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF Snapshot Package not modified
@@ -110,7 +110,7 @@ PATCH Individual VNF Snapshot Package Artifact - Method Not implemented
     ...    Test title: PATCH Individual VNF Snapshot Package Artifact
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.10.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.10.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -122,9 +122,34 @@ DELETE Individual VNF Snapshot Package Artifact - Method Not implemented
     ...    Test title: DELETE Individual VNF Snapshot Package Artifact - Method Not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.10.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.10.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Individual VNF Snapshot Package Artifact
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET Individual VNF Snapshot Package Artifact with permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.10.11
+    ...    Test title: GET Information about an individual VNF Snapshot Package with permitted authorization scope
+    ...    Test objective: The objective is to fetch the whole content of a VNF snapshot package using GET method with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Snapshot Package Artifact with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Content-Type Header Is Set For Package Artifact
+
+GET Individual VNF Snapshot Package Artifact with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.10.12
+    ...    Test title: GET Information about an individual VNF Snapshot Package with not permitted authorization scope
+    ...    Test objective: The objective is to test that fetch the whole content of a VNF snapshot package using GET method fails when using not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.10.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Snapshot Package Artifact with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFSnapshotPackageManagement-API/UploadVNFSnapshotPackageFromUriTask.robot b/SOL005/VNFSnapshotPackageManagement-API/UploadVNFSnapshotPackageFromUriTask.robot
index ee2ec096de0c781f60e1ce9a08e60925221aab92..2c09646c96910ecea83b8cee8288ab0e2aaf53f7 100644
--- a/SOL005/VNFSnapshotPackageManagement-API/UploadVNFSnapshotPackageFromUriTask.robot
+++ b/SOL005/VNFSnapshotPackageManagement-API/UploadVNFSnapshotPackageFromUriTask.robot
@@ -7,7 +7,7 @@ POST Upload VNF Snapshot Package Content from URI
     ...    Test title: POST Upload VNF Snapshot Package Content from URI
     ...    Test objective: The objective is to test that POST method provides the information for the NFVO to get the content of a VNF snapshot package.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ POST Upload VNF Snapshot Package Content from URI - Conflict
     ...    Test title: POST Upload VNF Snapshot Package Content from URI - Conflict
     ...    Test objective: The objective is to test that a correct error code is returned when the POST method tries to intiate upload VNF Snapshot Package from URI task and the state of the VNF snapshot package resource is other than "CREATED" or "ERROR".
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The state of the VNF snapshot package resource is other than "CREATED" or "ERROR".
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET Upload VNF Snapshot Package Content from URI - Method Not implemented
     ...    Test title: GET Upload VNF Snapshot Package Content from URI - Method Not implemented
     ...    Test objective: The objective is to test that GET method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.5.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -44,7 +44,7 @@ PUT Upload VNF Snapshot Package Content from URI - Method Not implemented
     ...    Test title: PUT Upload VNF Snapshot Package Content from URI - Method Not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.5.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -56,7 +56,7 @@ PATCH Upload VNF Snapshot Package Content from URI - Method Not implemented
     ...    Test title: PATCH Upload VNF Snapshot Package Content from URI - Method Not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.5.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -68,9 +68,33 @@ DELETE Upload VNF Snapshot Package Content from URI - Method Not implemented
     ...    Test title: DELETE Upload VNF Snapshot Package Content from URI - Method Not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.5.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.5.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Upload VNF Snapshot Package Content from URI
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Upload VNF Snapshot Package Content from URI with permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.5.7
+    ...    Test title: POST Upload VNF Snapshot Package Content from URI with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method provides the information for the NFVO to get the content of a VNF snapshot package with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Upload VNF Snapshot Package Content from URI with permitted authorization scope
+    Check HTTP Response Status Code Is    202 
+
+POST Upload VNF Snapshot Package Content from URI with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.5.7
+    ...    Test title: POST Upload VNF Snapshot Package Content from URI with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method fails to provide the information for the NFVO to get the content of a VNF snapshot package when using not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.5.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Upload VNF Snapshot Package Content from URI with not permitted authorization scope
+    Check HTTP Response Status Code Is    401 
\ No newline at end of file
diff --git a/SOL005/VNFSnapshotPackageManagement-API/VNFSnapshotPackageContent.robot b/SOL005/VNFSnapshotPackageManagement-API/VNFSnapshotPackageContent.robot
index 5198074c868f31887a086f2f390f923acc862c3c..fbf7c77085181ae2d6e87c97734a29096606d3f8 100644
--- a/SOL005/VNFSnapshotPackageManagement-API/VNFSnapshotPackageContent.robot
+++ b/SOL005/VNFSnapshotPackageManagement-API/VNFSnapshotPackageContent.robot
@@ -7,7 +7,7 @@ POST VNF Snapshot Package Content - Method not implemented
     ...    Test title: POST VNF Snapshot Package Content - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.4.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET VNF Snapshot Package Content - Complete File
     ...    Test title: GET Information about an individual VNF Snapshot Package - Complete File
     ...    Test objective: The objective is to fetch the whole content of a VNF snapshot package using GET method.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ GET VNF Snapshot Package Content - Partial Content
     ...    Test title: GET VNF Snapshot Package Content - Partial Content
     ...    Test objective: The objective is to fetch partial content of a VNF snapshot package by sending a range request using GET method.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports range requests
     ...    Post-Conditions: none
@@ -47,7 +47,7 @@ GET VNF Snapshot Package Content - Range Request Not Supported
     ...    Test title: GET Information about an individual VNF Snapshot Package - Range Request Not Supported
     ...    Test objective: The objective is to test that the whole content of a VNF snapshot package is delivered even with a range request when NFVO does not support range requests.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO does not support range requests
     ...    Post-Conditions: none
@@ -60,7 +60,7 @@ GET VNF Snapshot Package Content - Range Not Satisfiable
     ...    Test title: GET Information about an individual VNF Snapshot Package - Range Not Satisfiable
     ...    Test objective: The objective is to test that an error is returned when the byte range passed in the "Range" header does not match any available byte range in the VNF snapshot package file.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports range requests
     ...    Post-Conditions: none
@@ -72,7 +72,7 @@ GET VNF Snapshot Package Content - Conflict
     ...    Test title: GET Information about an individual VNF Snapshot Package - Conflict
     ...    Test objective: The objective is to test that an error is returned when the "state" of the VNF snapshot package has a value different from "AVAILABLE".
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.4.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The "state" of the VNF snapshot package has a value different from "AVAILABLE".
     ...    Post-Conditions: none
@@ -85,7 +85,7 @@ PUT VNF Snapshot Package Content
     ...    Test title: PUT VNF Snapshot Package Content
     ...    Test objective: The objective is to test that PUT method uploads the content of VNF Snapshot Package.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -97,7 +97,7 @@ PUT VNF Snapshot Package Content - Conflict
     ...    Test title: PUT VNF Snapshot Package Content
     ...    Test objective: The objective is to test that PUT method cannot upload the content of VNF Package when the state of the VNF snapshot package resource is other than "CREATED" or "ERROR"..
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: the state of the VNF snapshot package resource is other than "CREATED" or "ERROR".
     ...    Post-Conditions: none
@@ -110,7 +110,7 @@ PATCH VNF Snapshot Package Content - Method Not implemented
     ...    Test title: PATCH VNF Snapshot Package Content
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.4.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -122,9 +122,33 @@ DELETE VNF Snapshot Package Content - Method Not implemented
     ...    Test title: DELETE VNF Snapshot Package Content - Method Not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.4.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE VNF Snapshot Package Content
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+PUT VNF Snapshot Package Content with permitted authorization scope
+     [Documentation]    Test ID: 5.3.7.4.11
+    ...    Test title: PUT VNF Snapshot Package Content with permitted authorization scope
+    ...    Test objective: The objective is to test that PUT method uploads the content of VNF Snapshot Package with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PUT VNF Snapshot Package Content with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+
+PUT VNF Snapshot Package Content with not permitted authorization scope
+     [Documentation]    Test ID: 5.3.7.4.12
+    ...    Test title: PUT VNF Snapshot Package Content with not permitted authorization scope
+    ...    Test objective: The objective is to test that PUT method fails to upload the content of VNF Snapshot Package when using a not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.4.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PUT VNF Snapshot Package Content with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFSnapshotPackageManagement-API/VNFSnapshotPackages.robot b/SOL005/VNFSnapshotPackageManagement-API/VNFSnapshotPackages.robot
index 16cc89da668ff3951419ccc8e263c54bb10238a7..b067424ce45011bcd07ebf6f80de10aaec7aca11 100644
--- a/SOL005/VNFSnapshotPackageManagement-API/VNFSnapshotPackages.robot
+++ b/SOL005/VNFSnapshotPackageManagement-API/VNFSnapshotPackages.robot
@@ -7,7 +7,7 @@ POST Create a VNF Snapshot Package
     ...    Test title: POST Create a VNF Snapshot Package
     ...    Test objective: The objective is to test that POST method creates a VNF Snapshot Package
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -20,7 +20,7 @@ GET information about multiple VNF Snapshot Packages
     ...    Test title: GET information about multiple VNF Snapshot Packages
     ...    Test objective: The objective is to get information about multiples VNF Snapshot Packages
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -33,7 +33,7 @@ GET information about multiple VNF Snapshot Packages Bad Request Invalid attribu
     ...    Test title: GET information about multiple VNF Snapshot Packages Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to get information about multiples VNF Snapshot Packages with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -46,7 +46,7 @@ GET information about multiple VNF Snapshot Packages Bad Request Invalid attribu
     ...    Test title: GET information about multiple VNF Snapshot Packages Bad Request Invalid attribute selector
     ...    Test objective: The objective is to get information about multiples VNF Snapshot Packages with Invalid attribute-based filtering parameters
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -59,7 +59,7 @@ GET information about multiple VNF Snapshot Packages with "all_fields" attribute
     ...    Test title: GET information about multiple VNF Snapshot Packages with "all_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshot Packages
     ...    Pre-conditions:  none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -72,7 +72,7 @@ GET information about multiple VNF Snapshot Packages with "exclude_default" attr
     ...    Test title: GET information about multiple VNF Snapshot Packages with "exclude_default" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshot Packages
     ...    Pre-conditions:  none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -85,7 +85,7 @@ GET information about multiple VNF Snapshot Packages with "fields" attribute sel
     ...    Test title: GET information about multiple VNF Snapshot Packages with "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshot Packages
     ...    Pre-conditions:  none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -98,7 +98,7 @@ GET information about multiple VNF Snapshot Packages with "exclude_default" and
     ...    Test title: GET information about multiple VNF Snapshot Packages with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshot Packages
     ...    Pre-conditions:  none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -111,7 +111,7 @@ GET information about multiple VNF Snapshot Packages with "exclude_fields" attri
     ...    Test title: GET information about multiple VNF Snapshot Packages with "exclude_fields" attribute selector
     ...    Test objective: The objective is to query information about multiple VNF Snapshot Packages
     ...    Pre-conditions:  none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -124,7 +124,7 @@ GET VNF Snapshot Packages - Bad Request Response too Big
     ...    Test title: GET VNF Snapshot Packages - Bad Request Response too Big
     ...    Test objective: The objective is test that the retrieval of existing VNF Snapshot Packages list fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO does not support paged response.
     ...    Post-Conditions: none 
@@ -137,7 +137,7 @@ GET VNF Snapshot Packages as Paged Response
     ...    Test title: GET VNF Snapshot Packages as Paged Response
     ...    Test objective: The objective is to test that GET method retrieves the list of existing VNF Snapshot Packages as paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: NFVO supports paged response.
     ...    Post-Conditions: none    
@@ -150,7 +150,7 @@ PUT VNF Snapshot Packages - Method not implemented
     ...    Test title: PUT VNF Snapshot Packages - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions:  none
-    ...    Reference: Clause 11.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.3 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -162,7 +162,7 @@ PATCH VNF Snapshot Packages - Method not implemented
     ...    Test title: PATCH VNF Snapshot Packages - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 11.4.2.3.4 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.4 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -174,7 +174,7 @@ DELETE VNF Snapshot Packages - Method not implemented
     ...    Test title: DELETE VNF Snapshot Packages - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented
     ...    Pre-conditions: none 
-    ...    Reference: Clause 11.4.2.3.5 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.5 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: VNF snapshot package is not deleted
@@ -186,10 +186,35 @@ GET information about multiple VNF Snapshot Packages with Filter
     ...    Test title: GET information about multiple VNF Snapshot Packages with Filter
     ...    Test objective: The objective is to get information about multiples VNF Snapshot Packages using filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.4.1
+    ...    Reference: Clause 11.4.2.3.2 - ETSI GS NFV-SOL 005 [3] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     GET multiple VNF Snapshot Packages using filter
     Check HTTP Response Status Code Is    200
-    Check HTTP Response Body Json Schema Is    VnfSnapshotPkgInfos
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is    VnfSnapshotPkgInfos
+
+POST Create a VNF Snapshot Package with permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.2.16
+    ...    Test title: POST Create a VNF Snapshot Package with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method creates a VNF Snapshot Package with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST VNF Snapshot Packages with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    VnfSnapshotPkgInfo
+
+POST Create a VNF Snapshot Package with not permitted authorization scope
+    [Documentation]    Test ID: 5.3.7.2.17
+    ...    Test title: POST Create a VNF Snapshot Package with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method fails to creat a VNF Snapshot Package when using a not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: Clause 11.4.2.3.1 - ETSI GS NFV-SOL 005 [3] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST VNF Snapshot Packages with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL005/VNFSnapshotPackageManagement-API/VnfSnapshotPackageManagementKeywords.robot b/SOL005/VNFSnapshotPackageManagement-API/VnfSnapshotPackageManagementKeywords.robot
index e5c9cf02e87a6b9417af6fae57572e8425499eec..a3c98a0f1d143635e993af77a51bae2d56d3fc8f 100644
--- a/SOL005/VNFSnapshotPackageManagement-API/VnfSnapshotPackageManagementKeywords.robot
+++ b/SOL005/VNFSnapshotPackageManagement-API/VnfSnapshotPackageManagementKeywords.robot
@@ -7,6 +7,7 @@ Library     JSONSchemaLibrary    schemas/
 Library     String
 Library     OperatingSystem
 Library     Collections
+Library     jwt
 
 *** Keywords ***
 POST API Version
@@ -101,7 +102,34 @@ POST VNF Snapshot Packages
     ${body}=    Get File    jsons/CreateVnfSnapshotPkgInfoRequest.json
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages    ${body}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}        
+	Set Global Variable    ${response}    ${outputResponse}      
+
+POST VNF Snapshot Packages with permitted authorization scope
+    Log    Trying to create a VNF Snapshot Package using the POST method.
+    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Content-Type":"${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${PACKAGE_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${body}=    Get File    jsons/CreateVnfSnapshotPkgInfoRequest.json
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}      
+
+
+POST VNF Snapshot Packages with not permitted authorization scope
+    Log    Trying to create a VNF Snapshot Package using the POST method.
+    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Content-Type":"${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${PACKAGE_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${body}=    Get File    jsons/CreateVnfSnapshotPkgInfoRequest.json
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}      
 	
 GET multiple VNF Snapshot Packages	
     Log    Query VNF The GET method queries information about multiple VNF Snapshot Packages.
@@ -257,6 +285,32 @@ PATCH individual VNF Snapshot Package
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId} 		
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
+
+PATCH individual VNF Snapshot Package with permitted authorization scope
+    log    Trying to modify a VNF Snapshot Package using PATCH method
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${PACKAGE_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${body}=    Get File    jsons/VnfSnapshotPkgInfoModifications.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
+PATCH individual VNF Snapshot Package with not permitted authorization scope
+    log    Trying to modify a VNF Snapshot Package using PATCH method
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${PACKAGE_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${body}=    Get File    jsons/VnfSnapshotPkgInfoModifications.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 	
 Check state of the VNF Snapshot Package - PATCH
     GET individual VNF Snapshot Package
@@ -381,6 +435,32 @@ PUT VNF Snapshot Package Content
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 
+PUT VNF Snapshot Package Content with permitted authorization scope
+    log    Trying to upload the contents of VNF Snapshot Package using PUT
+    Set Headers  {"Accept":"${ACCEPT_ZIP}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_ZIP}"}
+    ${scopeValue}=    Create Dictionary    scope=${CONTENT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${body}=    Get Binary File    zip/sampleVNFSnapshotPackage.zip
+    Put    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content    ${body} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
+PUT VNF Snapshot Package Content with not permitted authorization scope
+    log    Trying to upload the contents of VNF Snapshot Package using PUT
+    Set Headers  {"Accept":"${ACCEPT_ZIP}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_ZIP}"}
+    ${scopeValue}=    Create Dictionary    scope=${CONTENT_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${body}=    Get Binary File    zip/sampleVNFSnapshotPackage.zip
+    Put    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content    ${body} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
 PUT VNF Snapshot Package Content - Conflict
     Check Conflict State for PUT VNF Snapshot Package Content
     log    Trying to upload the contents of VNF Snapshot Package using PUT when the state of Individual VNF Snapshot Package is other than CREATED or ERROR
@@ -433,6 +513,28 @@ GET Individual VNF Snapshot Package Artifact - Complete
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}  
 
+GET Individual VNF Snapshot Package Artifact with permitted authorization scope
+    log    Trying to fetch the complete contents of an individual VNF Snapshot Package artifact
+    Set Headers    {"Accept":"${ACCEPT_OCTET}"}  
+    ${scopeValue}=    Create Dictionary    scope=${ARTIFACT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/artifacts/${artifactPath} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
+
+GET Individual VNF Snapshot Package Artifact with not permitted authorization scope
+    log    Trying to fetch the complete contents of an individual VNF Snapshot Package artifact
+    Set Headers    {"Accept":"${ACCEPT_OCTET}"}  
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/artifacts/${artifactPath} 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
 GET Individual VNF Snapshot Package Artifact - Range Request
     Pass Execution If    ${NFVO_RANGE_OK} == 0    Skipping this test as NFVO is not able to handle partial Requests.
     log    Trying to get information about an individual VNF Snapshot Package artifact using a range request
@@ -517,7 +619,35 @@ POST Upload VNF Snapshot Package Content from URI
     ${body}=        Format String   ${template}    addressInformation=${vnfPackageContent_URI}
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content/upload_from_uri    ${body}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}        
+	Set Global Variable    ${response}    ${outputResponse}    
+
+POST Upload VNF Snapshot Package Content from URI with permitted authorization scope
+    Log    Trying to initiate Upload VNF Snapshot Content from URI task
+    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Content-Type":"${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${URI_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${template}=    Get File    jsons/UploadVnfSnapshotPkgFromUriRequest.json
+    ${body}=        Format String   ${template}    addressInformation=${vnfPackageContent_URI}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content/upload_from_uri    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}    
+
+POST Upload VNF Snapshot Package Content from URI with not permitted authorization scope
+    Log    Trying to initiate Upload VNF Snapshot Content from URI task
+    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Content-Type":"${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${template}=    Get File    jsons/UploadVnfSnapshotPkgFromUriRequest.json
+    ${body}=        Format String   ${template}    addressInformation=${vnfPackageContent_URI}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content/upload_from_uri    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}    
     
 POST Upload VNF Snapshot Package Content from URI - Conflict
     Check Conflict State for PUT VNF Snapshot Package Content
@@ -576,7 +706,35 @@ POST Build VNF Snapshot Package Content Task
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content/build    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}        
-    
+
+POST Build VNF Snapshot Package Content Task with permitted authorization scope
+    Log    Trying to initiate the Build of VNF Snapshot Content Task
+    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Content-Type":"${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${BUILD_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${template}=    Get File    jsons/BuildVnfSnapshotPkgRequest.json
+    ${body}=        Format String   ${template}    vnfSnapshotInfoId=${vnfSnapshotInfoId}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content/build    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
+POST Build VNF Snapshot Package Content Task with not permitted authorization scope
+    Log    Trying to initiate the Build of VNF Snapshot Content Task
+    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Content-Type":"${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${template}=    Get File    jsons/BuildVnfSnapshotPkgRequest.json
+    ${body}=        Format String   ${template}    vnfSnapshotInfoId=${vnfSnapshotInfoId}
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content/build    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
 POST Build VNF Snapshot Package Content Task - Conflict
     Check Conflict State for BUILD VNF Snapshot Package Content
     Log    Trying to initiate the Build VNF Snapshot Content task when the state of the VNF Snapshot Package is not CREATED.
@@ -638,7 +796,35 @@ POST Extract VNF Snapshot Package Content Task
     ${body}=        Format String   ${template}    vnfSnapshotInfoId=${vnfSnapshotInfoId}    
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content/extract    ${body}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}        
+	Set Global Variable    ${response}    ${outputResponse}   
+
+POST Extract VNF Snapshot Package Content Task with permitted authorization scope
+    Log    Trying to initiate Extract VNF Snapshot Content from URI task
+    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Content-Type":"${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${EXTRACTs_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${template}=    Get File    jsons/ExtractVnfSnapshotPkgRequest.json
+    ${body}=        Format String   ${template}    vnfSnapshotInfoId=${vnfSnapshotInfoId}    
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content/extract    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}    
+
+POST Extract VNF Snapshot Package Content Task with not permitted authorization scope
+    Log    Trying to initiate Extract VNF Snapshot Content from URI task
+    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Content-Type":"${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${template}=    Get File    jsons/ExtractVnfSnapshotPkgRequest.json
+    ${body}=        Format String   ${template}    vnfSnapshotInfoId=${vnfSnapshotInfoId}    
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content/extract    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}   
     
 POST Extract VNF Snapshot Package Content Task - Conflict State
     Check Conflict State for Extract VNF Snapshot Package Content
@@ -711,7 +897,33 @@ POST Cancel VNF Snapshot Package Content Task
     ${body}=    Get File    jsons/CancelVnfSnapshotPkgOperationRequest.json
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content/cancel    ${body}
     ${outputResponse}=    Output    response
-	Set Global Variable    ${response}    ${outputResponse}        
+	Set Global Variable    ${response}    ${outputResponse}    
+
+POST Cancel VNF Snapshot Package Content Task with permitted authorization scope
+    Log    Trying to initiate cancelation of VNF Snapshot Content Task
+    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Content-Type":"${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${CANCEL_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${body}=    Get File    jsons/CancelVnfSnapshotPkgOperationRequest.json
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content/cancel    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
+
+POST Cancel VNF Snapshot Package Content Task with not permitted authorization scope
+    Log    Trying to initiate cancelation of VNF Snapshot Content Task
+    Set Headers    {"Accept":"${ACCEPT_JSON}"} 
+    Set Headers    {"Content-Type":"${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    ${body}=    Get File    jsons/CancelVnfSnapshotPkgOperationRequest.json
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/package_content/cancel    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}  
     
 POST Cancel VNF Snapshot Package Content Task - Conflict
     Check Conflict State for Cancel VNF Snapshot Package Content
@@ -814,6 +1026,30 @@ GET Access Configuration for External Artifacts
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
 
+GET Access Configuration for External Artifacts with permitted authorization scope
+    log    Trying to read the access configuration information that is used by the NFVO to get the content of external VNF snapshot package artifacts
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${ACCESS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/ext_artifacts_access 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
+GET Access Configuration for External Artifacts with not permitted authorization scope
+    log    Trying to read the access configuration information that is used by the NFVO to get the content of external VNF snapshot package artifacts
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/ext_artifacts_access 		
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse} 
+
 PATCH Access Configuration for External Artifacts
     log    Trying to perform a PATCH. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT_JSON}"}  
@@ -830,3 +1066,8 @@ DELETE Access Configuration for External Artifacts
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/vnf_snapshot_packages/${vnfSnapshotPkgId}/ext_artifacts_access 		
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded} 
\ No newline at end of file
diff --git a/SOL005/VNFSnapshotPackageManagement-API/environment/variables.txt b/SOL005/VNFSnapshotPackageManagement-API/environment/variables.txt
index e82fd1098c758ea9cdbe9986582b704995fe022a..4eb339f15eb6df690942e5e303764c463fd4d429 100644
--- a/SOL005/VNFSnapshotPackageManagement-API/environment/variables.txt
+++ b/SOL005/VNFSnapshotPackageManagement-API/environment/variables.txt
@@ -4,6 +4,20 @@ ${NFVO_PORT}      8081    # Listening port of the NFVO
 ${NFVO_SCHEMA}    https
 ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
+
+${OAUTH_ENCRIPTION_ALGORITHM}    HS256
+${PACKAGE_PERMITTED_SCOPE}    vnfsnapshotpkgm:v2:vnf_snapshot_packages  
+${PACKAGE_NOT_PERMITTED_SCOPE}    vnfsnapshotpkgm:v2:vnf_snapshot_packages:readonly
+${CONTENT_PERMITTED_SCOPE}    vnfsnapshotpkgm:v2:package_content 
+${CONTENT_NOT_PERMITTED_SCOPE}    vnfsnapshotpkgm:v2:package_content:readonly
+${URI_PERMITTED_SCOPE}    vnfsnapshotpkgm:v2:upload_from_uri
+${BUILD_PERMITTED_SCOPE}    vnfsnapshotpkgm:v2:build 
+${EXTRACT_PERMITTED_SCOPE}    vnfsnapshotpkgm:v2:extract 
+${CANCEL_PERMITTED_SCOPE}    vnfsnapshotpkgm:v2:cancel 
+${ACCESS_PERMITTED_SCOPE}    vnfsnapshotpkgm:v2:ext_artifacts_access
+${ARTIFACT_PERMITTED_SCOPE}    vnfsnapshotpkgm:v2:artifacts:readonly
+${NOT_PERMITTED_SCOPE}    vnfsnapshotpkgm:v2:invalid
+
 ${ACCEPT_JSON}    application/json
 ${AUTH_USAGE}     1
 ${CONTENT_TYPE_JSON}    application/json
diff --git a/SOL009/NFVMANOFaultManagement-API/Alarms.robot b/SOL009/NFVMANOFaultManagement-API/Alarms.robot
index 3d6d861e732255afbbad0569dfdab5cca36f3047..01d60318d4e746df2e2b61c3259d0d8340cd73a3 100644
--- a/SOL009/NFVMANOFaultManagement-API/Alarms.robot
+++ b/SOL009/NFVMANOFaultManagement-API/Alarms.robot
@@ -7,7 +7,7 @@ POST Alarms - Method not implemented
     ...    Test title: POST Alarms - Method not implemented 
     ...    Test objective: The objective is to test that Post method is not allowed to create fault management alarms on NFV-MANO
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -19,7 +19,7 @@ Get information about multiple alarms
     ...    Test title: Get information about multiple alarms
     ...    Test objective: The objective is to retrieve information about the alarm list and perform a JSON schema of the returned alarms data structure
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ Get information about multiple alarms with filter
     ...    Test title: Get information about multiple alarms with filter
     ...    Test objective: The objective is to retrieve information about the alarm list and perform a JSON schema validation of the returned alarms data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions: none 
-    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ Get information about multiple alarms with invalid attribute-based filtering par
     ...    Test title:  Get information about multiple alarms with invalid attribute-based filtering parameters
     ...    Test objective: The objective is to try to retrieve information about the alarm list with invalid filters and perform a JSON schema validation of the returned problem details data structure
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -58,7 +58,7 @@ Get information about multiple alarms as a Paged Response
     ...    Test title: Get information about multiple alarms as a Paged Response
     ...    Test objective: The objective is to retrieve information about the alarm list as a Paged Response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -71,7 +71,7 @@ Get information about multiple alarms - Bad Request Response too Big
     ...    Test title:  Get information about multiple alarms - Bad Request Response too Big
     ...    Test objective: The objective is to try to retrieve information about the alarm list because response is too big and perform a JSON schema validation of the returned problem details data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -84,7 +84,7 @@ GET information about alarms with attribute-based filter "id"
     ...    Test title: GET information about alarms with attribute-based filter "id"
     ...    Test objective: The objective is to retrieve information about the alarm list with alarm filter "id"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -98,7 +98,7 @@ GET information about multiple alarms with attribute-based filter "managedObject
     ...    Test title: GET information about multiple alarms with attribute-based filter "managedObjectId"
     ...    Test objective: The objective is to retrieve information about the alarm list with attribute filter "managedObjectId"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -112,7 +112,7 @@ GET information about multiple alarms with attribute-based filter "eventType"
     ...    Test title: GET information about multiple alarms with attribute-based filter "eventType"
     ...    Test objective: The objective is to retrieve information about the alarm list with attribute filter "eventType"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -126,7 +126,7 @@ GET information about multiple alarms with attribute-based filter "perceivedSeve
     ...    Test title: GET information about multiple alarms with attribute-based filter "perceivedSeverity"
     ...    Test objective: The objective is to retrieve information about the alarm list with attribute filter "perceivedSeverity"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -140,7 +140,7 @@ GET information about multiple alarms with attribute-based filter "probableCause
     ...    Test title: GET information about multiple alarms with attribute-based filter "probableCause"
     ...    Test objective: The objective is to retrieve information about the alarm list with attribute filter "probableCause"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -154,7 +154,7 @@ Get information about multiple alarms with malformed authorization token
     ...    Test title: Get information about multiple alarms with malformed authorization token
     ...    Test objective: The objective is to test that the retrieval of information about the alarm list fails when using malformed authorization token
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO entity requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -166,7 +166,7 @@ Get information about multiple alarms without authorization token
     ...    Test title: Get information about multiple alarms without authorization token
     ...    Test objective: The objective is to test that the retrieval of information about the alarm list fails when omitting the authorization token
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO entity requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -178,7 +178,7 @@ GET information about multiple alarms with expired or revoked authorization toke
     ...    Test title: GET information about multiple alarms with expired or revoked authorization token
     ...    Test objective: The objective is to test that the retrieval of information about the alarm list fails when using expired or revoked authorization token
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO
-    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO entity requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -190,7 +190,7 @@ PUT Alarms - Method not implemented
     ...    Test title: PUT Alarms - Method not implemented 
     ...    Test objective: The objective is to test that PUT method is not allowed to modify fault management alarms on NFV-MANO.
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.3.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.3.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -202,7 +202,7 @@ PATCH Alarms - Method not implemented
     ...    Test title: PATCH Alarms - Method not implemented 
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify fault management alarms on NFV-MANO.
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.3.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.3.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -214,10 +214,35 @@ DELETE Alarms - Method not implemented
     ...    Test title: POST Alarms - Method not implemented 
     ...    Test objective: The objective is to test that DELETE method is not allowed for fault management alarms on NFV-MANO
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.3.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.3.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
     DELETE Fault management Alarms
     Check HTTP Response Status Code Is    405
+
+Get information about multiple alarms with permitted authorization scope
+    [Documentation]    Test ID: 8.3.3.1.18
+    ...    Test title: Get information about multiple alarms with permitted authorization scope
+    ...    Test objective: The objective is to retrieve information about the alarm list with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Fault Management Alarms with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    Alarms
+
+Get information about multiple alarms with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.3.1.19
+    ...    Test title: Get information about multiple alarms with not permitted authorization scope
+    ...    Test objective: The objective is to test that retrieve information about the alarm list fails with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: clause 7.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Fault Management Alarms with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
     
\ No newline at end of file
diff --git a/SOL009/NFVMANOFaultManagement-API/FaultManagement-APIKeyword.robot b/SOL009/NFVMANOFaultManagement-API/FaultManagement-APIKeyword.robot
index 4d1427ddf0cd7271a1675e458f121d0cacde95da..5a02292a4bd89f4c3e48192a85e72e68359276ca 100644
--- a/SOL009/NFVMANOFaultManagement-API/FaultManagement-APIKeyword.robot
+++ b/SOL009/NFVMANOFaultManagement-API/FaultManagement-APIKeyword.robot
@@ -8,6 +8,7 @@ Library    OperatingSystem
 Library    Collections
 Library    MockServerLibrary
 Library    Process
+Library    jwt
 
 # *** Variables ***
 # ${original_etag}    1234
@@ -36,7 +37,31 @@ GET Fault Management Alarms
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
     ${outputResponse}=    Output    response
     Set Global Variable    @{response}    ${outputResponse}
+
+GET Fault Management Alarms with permitted authorization scope
+    Log    Query NFV-MANO The GET method queries information about multiple alarms.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${ALARMS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
+    ${outputResponse}=    Output    response
+    Set Global Variable    @{response}    ${outputResponse}
     
+GET Fault Management Alarms with not permitted authorization scope
+    Log    Query NFV-MANO The GET method queries information about multiple alarms.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms
+    ${outputResponse}=    Output    response
+    Set Global Variable    @{response}    ${outputResponse}
+
 Check HTTP Response Body Json Schema Is
     [Arguments]    ${input}
     Run Keyword If    '${input}' == 'ProblemDetails'    Should Contain    ${response['headers']['Content-Type']}    application/problem+json
@@ -140,6 +165,32 @@ PATCH Fault Management Individual Alarm
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}    ${body}
     ${outputResponse}=    Output    response
     Set Global Variable    @{response}    ${outputResponse}
+
+PATCH Fault Management Individual Alarm with permitted authorization scope
+    log    Trying to perform a PATCH. This method modifies an individual alarm resource
+    Set Headers  {"Accept":"${ACCEPT}"} 
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"} 
+    ${scopeValue}=    Create Dictionary    scope=${ALARMS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${body}=    Get File    jsons/alarmModifications.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    @{response}    ${outputResponse}
+
+PATCH Fault Management Individual Alarm with not permitted authorization scope
+    log    Trying to perform a PATCH. This method modifies an individual alarm resource
+    Set Headers  {"Accept":"${ACCEPT}"} 
+    Set Headers  {"Content-Type": "${CONTENT_TYPE_PATCH}"} 
+    ${scopeValue}=    Create Dictionary    scope=${ALARMS_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${body}=    Get File    jsons/alarmModifications.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/alarms/${alarmId}    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    @{response}    ${outputResponse}
     
 PATCH Fault Management Individual Alarm - precondition failed
     log    Trying to perform a PATCH. This method fail to modifies an individual alarm resource
@@ -256,6 +307,28 @@ GET Subscriptions
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
     ${outputResponse}=    Output    response
     Set Global Variable    @{response}    ${outputResponse}
+
+GET Subscriptions with permitted authorization scope
+    Log    Get the list of active subscriptions
+    Set Headers    {"Accept": "${ACCEPT}"}
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${outputResponse}=    Output    response
+    Set Global Variable    @{response}    ${outputResponse}
+
+GET Subscriptions with not permitted authorization scope
+    Log    Get the list of active subscriptions
+    Set Headers    {"Accept": "${ACCEPT}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${outputResponse}=    Output    response
+    Set Global Variable    @{response}    ${outputResponse}
     
 GET Subscriptions with filter
     Log    Get the list of active subscriptions using a filter
@@ -312,6 +385,28 @@ GET Individual Subscription
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${outputResponse}=    Output    response
     Set Global Variable    @{response}    ${outputResponse}  
+
+GET Individual Subscription with permitted authorization scope
+    log    Trying to get information about an individual subscription
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response
+    Set Global Variable    @{response}    ${outputResponse}  
+
+GET Individual Subscription with not permitted authorization scope
+    log    Trying to get information about an individual subscription
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${outputResponse}=    Output    response
+    Set Global Variable    @{response}    ${outputResponse} 
     
 PUT Individual Subscription
     log    Trying to perform a PUT. This method should not be implemented
@@ -713,3 +808,8 @@ DELETE API Version with apiMajorVersion
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion} /api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded} 
diff --git a/SOL009/NFVMANOFaultManagement-API/IndividualAlarm.robot b/SOL009/NFVMANOFaultManagement-API/IndividualAlarm.robot
index 9b1d6e2b1f408dd7cae49444660f235df07d8cb1..2998c682bfd4dd4b409427d72d822b0fddff2df3 100644
--- a/SOL009/NFVMANOFaultManagement-API/IndividualAlarm.robot
+++ b/SOL009/NFVMANOFaultManagement-API/IndividualAlarm.robot
@@ -7,7 +7,7 @@ POST Individual Alarm - Method not implemented
     ...    Test title: POST Individual Alarm - Method not implemented
     ...    Test objective: The objective is to test that Post method is not allowed to create fault management individual alarm on NFV-MANO 
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -19,7 +19,7 @@ Get information about an fault management individual alarm
     ...    Test title: Get information about an fault management individual alarm
     ...    Test objective: The objective is to retrieve information about an individual alarm and perform a JSON schema and content validation of the returned alarm data structure
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: clause 7.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none 
@@ -32,7 +32,7 @@ Get information about an fault management individual alarm - Not Found
     ...    Test title: Get information about an fault management individual alarm
     ...    Test objective: The objective is to test the retrieval of information about an individual alarm fails when the resource is not present.
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ PUT Individual Alarm - Method not implemented
     ...    Test title: PUT Individual Alarm - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to for fault management individual alarm on NFV-MANO 
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.4.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.4.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none 
@@ -57,7 +57,7 @@ PATCH Fault Management Individual Alarm
     ...    Test title: PATCH Fault Management Individual Alarm
     ...    Test objective: The objective is to Modify an individual alarm resource, and perform a JSON schema validation of the returned alarm data structure.
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: clause 7.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Alarm is modified.
@@ -70,7 +70,7 @@ Modify an individual alarm resource - Precondition failed
     ...    Test title: Modify an individual alarm resource - Precondition failed
     ...    Test objective: The objective is to test that an individual alarm resource cannot be modified if the alarm is already in the state that is requested to be set, and perform a JSON schema validation of the returned data structure.
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: clause 7.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Alarm is not modified.
@@ -84,7 +84,7 @@ Modify an individual alarm resource - Conflict
     ...    Test title: Modify an individual alarm resource - Conflict
     ...    Test objective: The objective is to test that an individual alarm resource cannot be modified if the resource was modified by another entity , and perform a JSON schema validation of the returned data structure.
     ...    Pre-conditions: The related alarm exists
-    ...    Reference: clause 7.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Alarm is not modified.
@@ -98,9 +98,35 @@ DELETE Individual Alarm - Method not implemented
     ...    Test title: DELETE Individual Alarm - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete fault management individual alarm on NFV-MANO.
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Fault Management Individual Alarm
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+PATCH Fault Management Individual Alarm with permitted authorization scope
+    [Documentation]    Test ID: 8.3.3.2.9
+    ...    Test title: PATCH Fault Management Individual Alarm with permitted authorization scope
+    ...    Test objective: The objective is to Modify an individual alarm resource with permitted authorization scope.
+    ...    Pre-conditions: The related alarm exists
+    ...    Reference: clause 7.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: Alarm is modified.
+    PATCH Fault Management Individual Alarm with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is  AlarmModification
+
+PATCH Fault Management Individual Alarm with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.3.2.10
+    ...    Test title: PATCH Fault Management Individual Alarm with not permitted authorization scope
+    ...    Test objective: The objective is to test that Modification of an individual alarm resource fails with not permitted authorization scope.
+    ...    Pre-conditions: The related alarm exists
+    ...    Reference: clause 7.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: Alarm is modified.
+    PATCH Fault Management Individual Alarm with not permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is  AlarmModification
\ No newline at end of file
diff --git a/SOL009/NFVMANOFaultManagement-API/IndividualSubscription.robot b/SOL009/NFVMANOFaultManagement-API/IndividualSubscription.robot
index 36bbf07f9c9d66b3a38ad73f2c8fc84a88bc669b..c6ad4f9a9a41285e046da86aaa8afb5ef9467b60 100644
--- a/SOL009/NFVMANOFaultManagement-API/IndividualSubscription.robot
+++ b/SOL009/NFVMANOFaultManagement-API/IndividualSubscription.robot
@@ -7,7 +7,7 @@ Post Individual Subscription - Method not implemented
     ...    Test title: Post Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed for fault management subscription on NFV-MANO  
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions:  none
@@ -19,7 +19,7 @@ Get Information about an individual subscription
     ...    Test title: Get Information about an individual subscription
     ...    Test objective: The objective is to read an individual subscription from NFV-MANO alarms subscribed by the client and perform a JSON schema and content validation of the returned fault management individual subscription data structure
     ...    Pre-conditions: The subscription with the given id exists
-    ...   Reference: clause 7.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...   Reference: clause 7.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:   none
     ...    Post-Conditions:  none
@@ -32,7 +32,7 @@ Get Information about an individual subscription - Not Found
     ...    Test title: Get Information about an individual subscription - Not Found
     ...    Test objective: The objective is to test the retrieval of individual subscription from NFV-MANO alarms fails when the resource is not present.
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -44,7 +44,7 @@ PUT an individual subscription - Method not implemented
     ...    Test title:PUT an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed for fault management individual subscription on VNF  
     ...    Pre-conditions:  none
-    ...    Reference: clause 7.5.6.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.6.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions:  none
@@ -56,7 +56,7 @@ PATCH an individual subscription - Method not implemented
     ...    Test title:PATCH an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed for fault management individual subscription on VNF  
     ...    Pre-conditions:  none
-    ...    Reference: clause 7.5.6.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.6.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions:  none
@@ -68,10 +68,35 @@ DELETE an individual subscription
     ...    Test title:DELETE an individual subscription
     ...    Test objective: The objective is to test that DELETE method removes individual subscription on VNF   
     ...    Pre-conditions: The Subsbcription already exists
-    ...    Reference: clause 7.5.6.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.6.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions:  subscription is deleted
     DELETE Individual Subscription
     Check HTTP Response Status Code Is    204
-    Check Individual Subscription deleted
\ No newline at end of file
+    Check Individual Subscription deleted
+
+Get Information about an individual subscription with permitted authorization scope
+    [Documentation]    Test ID: 8.3.3.4.7
+    ...    Test title: Get Information about an individual subscription with permitted authorization scope
+    ...    Test objective: The objective is to read an individual subscription from NFV-MANO alarms subscribed by the client with permitted authorization scope
+    ...    Pre-conditions: The subscription with the given id exists
+    ...   Reference: clause 7.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability:   none
+    ...    Post-Conditions:  none
+    GET Individual Subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    FmSubscription
+
+Get Information about an individual subscription with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.3.4.7
+    ...    Test title: Get Information about an individual subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test that reading an individual subscription from NFV-MANO alarms subscribed by the client fails with not permitted authorization scope
+    ...    Pre-conditions: The subscription with the given id exists
+    ...   Reference: clause 7.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability:   none
+    ...    Post-Conditions:  none
+    GET Individual Subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVMANOFaultManagement-API/NotificationEndpoint.robot b/SOL009/NFVMANOFaultManagement-API/NotificationEndpoint.robot
index 0f54308886d2679aa1b64c025edd48cc5ba31158..14e8a77bfed0b2f4f8c4ffe11216d8887f0225c1 100644
--- a/SOL009/NFVMANOFaultManagement-API/NotificationEndpoint.robot
+++ b/SOL009/NFVMANOFaultManagement-API/NotificationEndpoint.robot
@@ -8,7 +8,7 @@ Alarm Notification
     ...    Test title: Alarm Notification
     ...    Test objective: The objective is to test that Alarm Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A subscription for alarm notification is available in the NFV-MANO.
-    ...    Reference: clause 7.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -20,7 +20,7 @@ Alarm Cleared Notification
     ...    Test title: Alarm Cleared Notification
     ...    Test objective: The objective is to test that Alarm Cleared Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A subscription for alarm cleared notification is available in the NFV-MANO.
-    ...    Reference: clause 7.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -32,7 +32,7 @@ Alarm List Rebuilt Notification
     ...    Test title: Alarm List Rebuilt Notification
     ...    Test objective: The objective is to test that Alarm List Rebuilt Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A subscription for alarm list rebuilt notification is available in the NFV-MANO.
-    ...    Reference: clause 7.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL009/NFVMANOFaultManagement-API/Notifications.robot b/SOL009/NFVMANOFaultManagement-API/Notifications.robot
index 61b3e367c4280c566df66319e372171b2bb5a31f..81970be6288cd4aac7078b8bca30eaae00705863 100644
--- a/SOL009/NFVMANOFaultManagement-API/Notifications.robot
+++ b/SOL009/NFVMANOFaultManagement-API/Notifications.robot
@@ -10,7 +10,7 @@ NFV-MANO Fault Alarm Notification
     ...    Test title: NFV-MANO Fault Alarm Notification
     ...    Test objective: The objective is to test the dispatch of NFV-MANO Fault Alarm Notification when a resource within an NFV-MANO instance fails, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NFV-MANO instance is instantiated, and a subscription for fault alarm notifications is available.
-    ...    Reference: clause 7.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -23,7 +23,7 @@ NFV-MANO Fault Alarm Cleared Notification
     ...    Test title: NFV-MANO Fault Alarm Cleared Notification
     ...    Test objective: The objective is to test the dispatch of NFV-MANO Fault Alarm Cleared Notification when a faulty resource within an NFV-MANO instance is cleared, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NFV-MANO instance is instantiated, a virtualised resource is in faulty state, and a subscription for fault alarm cleared notifications is available.
-    ...    Reference: clause 7.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -36,7 +36,7 @@ NFV-MANO Fault Alarm List Rebuilt Notification
     ...    Test title: NFV-MANO Fault Alarm List Rebuilt Notification 
     ...    Test objective: The objective is to test the dispatch of NFV-MANO Fault Alarm List Rebuilt Notification when the NFV-MANO decides to rebuild the list of its NFV-MANO alarms, e.g. due to a corruption in the alarm storage, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A NFV-MANO instance is instantiated, one or more virtualised resource are in faulty state, and a subscription for fault alarm list rebuilt notifications is available.
-    ...    Reference: clause 7.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL009/NFVMANOFaultManagement-API/Subscriptions.robot b/SOL009/NFVMANOFaultManagement-API/Subscriptions.robot
index 7b747f50a15f38add375455705ef88a4cdda1fbc..f2a65fa0034fef20baebd8df602768308cd42715 100644
--- a/SOL009/NFVMANOFaultManagement-API/Subscriptions.robot
+++ b/SOL009/NFVMANOFaultManagement-API/Subscriptions.robot
@@ -7,7 +7,7 @@ POST Create a new Fault Management alarm subscription
     ...    Test title: POST Create a new fault management alarm subscription
     ...    Test objective: The objective is to create a new fault management alarm subscription and perform a JSON schema validation of the returned fault management alarms subscription data structure
     ...    Pre-conditions: No subscription with the same filter and callbackUri exists
-    ...    Reference: clause 7.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID:   Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: subscription is created
@@ -22,7 +22,7 @@ POST Create a new alarm subscription - DUPLICATION
     ...    Test title: POST Create a new alarm subscription - DUPLICATION
     ...    Test objective: The objective is to create a new subscription with the NFV-MANO allowing duplication and perform a JSON schema validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: subscription with the same filter and callbackUri exists
-    ...    Reference: clause 7.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID:   Config_prod_NFV-MANO
     ...    Applicability: the NFV-MANO allows creating a subscription resource if another subscription resource with the same filter and callbackUri already exists
     ...    Post-Conditions: duplicated subscription is created
@@ -37,7 +37,7 @@ POST Create a new alarm subscription - NO DUPLICATION
     ...    Test title: POST Create a new alarm subscription - NO DUPLICATION
     ...    Test objective: The objective is to create a new subscription with the NFV-MANO not allowing duplication and perform a JSON schema validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: subscription with the same filter and callbackUri exists
-    ...    Reference: clause 7.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID:   Config_prod_NFV-MANO
     ...    Applicability: the NFV-MANO does not allow to create a duplicate subscription resource 
     ...    Post-Conditions: duplicated subscription is not created
@@ -52,7 +52,7 @@ Retrieve a list of alarm subscriptions
     ...    Test title: Retrieve a list of alarm subscriptions
     ...    Test objective: The objective is to retrieve the list of active subscriptions and perform a JSON schema validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID:   Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: noe
@@ -65,7 +65,7 @@ Retrieve a list of alarm subscriptions with filter
     ...    Test title: Retrieve a list of alarm subscriptions with filter
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter and perform a JSON schema validation of the returned fault management alarms subscription data structure.
     ...    Pre-conditions: none 
-    ...    Reference: clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID:   Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -78,7 +78,7 @@ Get information about multiple alarms as a Paged Response
     ...    Test title: Get information about multiple alarms as a Paged Response
     ...    Test objective: The objective is to retrieve information about active list subscriptions as a Paged Response
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -91,7 +91,7 @@ GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test title: GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to retrieve the list of active subscriptions with Invalid attribute-based filtering parameters and perform a JSON schema validation of the returned problem details data structure.
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID:   Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions:    none 
@@ -104,7 +104,7 @@ Get information about multiple alarms - Bad Request Response too Big
     ...    Test title:  Get information about multiple alarms - Bad Request Response too Big
     ...    Test objective: The objective is to try to retrieve information about active list subscription to check that response is too big and perform a JSON schema validation of the returned problem details data structure
     ...    Pre-conditions: none
-    ...    Reference: Clause clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -117,7 +117,7 @@ GET Subscription with attribute-based filter "id"
     ...    Test title: GET Subscription with attribute-based filter "id"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "id"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -131,7 +131,7 @@ Get subscriptions with filter "filter.notificationTypes"
     ...    Test title: GET Subscription with attribute-based filter "filter.notificationTypes"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.notificationTypes"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: none 
@@ -145,7 +145,7 @@ Get subscriptions with filter "filter.perceivedSeverities"
     ...    Test title: GET Subscription with attribute-based filter "filter.perceivedSeverities"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.perceivedSeverities"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -159,7 +159,7 @@ Get subscriptions with filter "filter.eventTypes"
     ...    Test title: GET Subscription with attribute-based filter "filter.eventTypes"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.eventTypes"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -173,7 +173,7 @@ Get subscriptions with filter "filter.probableCauses"
     ...    Test title: GET Subscription with attribute-based filter "filter.probableCauses"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.probableCauses"
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: Clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -187,7 +187,7 @@ PUT subscriptions - Method not implemented
     ...    Test title:PUT subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to for fault management subscriptions on VNF 
     ...    Pre-conditions: none
-    ...    RReference: clause 7.5.5.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    RReference: clause 7.5.5.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID:  Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -199,7 +199,7 @@ PATCH subscriptions - Method not implemented
     ...    Test title: PATCH subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to for fault management subscriptions on VNF  
     ...    Pre-conditions: none
-    ...    Reference: clause 7.5.5.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.5.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID:  Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -211,7 +211,7 @@ DELETE subscriptions - Method not implemented
     ...    Test title: DELETE subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to for fault management subscriptions on VNF  
     ...    Pre-conditions: none 
-    ...    Reference: clause 7.5.5.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.5.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID:  Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -223,10 +223,35 @@ POST Create a new Fault Management alarm subscription - Unprocessable content
     ...    Test title: POST Create a new fault management alarm subscription - Unprocessable content
     ...    Test objective: The objective is to test that a new fault management alarm subscription is not created if the notification endpoint is unreachable by the NFV-MANO.
     ...    Pre-conditions: No subscription with the same filter and callbackUri exists.
-    ...    Reference: clause 7.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 7.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID:   Config_prod_NFV-MANO
     ...    Applicability: Notification endpoint is unreachable by the NFV-MANO.
     ...    Post-Conditions: none
     POST Subscription with Unreachable callbackUri
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is    ProblemDetails
+
+Get list of alarm subscriptions with permitted authorization scope
+    [Documentation]    Test ID: 8.3.3.3.18
+    ...    Test title: Retrieve a list of alarm subscriptions with permitted authorization scope
+    ...    Test objective: The objective is to retrieve the list of active subscriptions with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID:   Config_prod_NFV-MANO
+    ...    Applicability:  none
+    ...    Post-Conditions: noe
+    GET Subscriptions with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    FmSubscriptions
+
+Get list of alarm subscriptions with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.3.3.19
+    ...    Test title: Retrieve a list of alarm subscriptions with not permitted authorization scope
+    ...    Test objective: The objective is to test that retrieving the list of active subscriptions fails with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 7.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID:   Config_prod_NFV-MANO
+    ...    Applicability:  none
+    ...    Post-Conditions: noe
+    GET Subscriptions with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVMANOFaultManagement-API/environment/variables.txt b/SOL009/NFVMANOFaultManagement-API/environment/variables.txt
index 62dcfc043930f0bec286c4ad10d0c6c9a0c4f2da..068c4dff4765bc88f0fda9432ad14aa7b3fe275d 100644
--- a/SOL009/NFVMANOFaultManagement-API/environment/variables.txt
+++ b/SOL009/NFVMANOFaultManagement-API/environment/variables.txt
@@ -10,6 +10,14 @@ ${ACCEPT_JSON}         application/json
 ${AUTH_USAGE}     1
 ${NEG_AUTHORIZATION_TOKEN}    Bearer negativetoken
 ${BAD_AUTHORIZATION_TOKEN}    Bear sometoken
+
+${OAUTH_ENCRIPTION_ALGORITHM}    HS256
+${ALAMRS_PERMITTED_SCOPE}    nfvmanofm:v2:alarm_info
+${ALARMS_NOT_PERMITTED_SCOPE}    nfvmanofm:v2:alarm_info:readonly
+${SUBSCRIPTIONS_PERMITTED_SCOPE}    nfvmanofm:v2:subscriptions
+${NOT_PERMITTED_SCOPE}    nfvmanofm:v2:policies:invalid
+
+
 ${apiRoot}        /
 ${apiName}        nfvmanofm
 ${apiMajorVersion}     v1
diff --git a/SOL009/NFVMANOLogManagement-API/CompileLogTask.robot b/SOL009/NFVMANOLogManagement-API/CompileLogTask.robot
index e3f6b68b66f4a184590e35b979e3b85ac66879e1..da7f9beaa53db4b7e1889b43003c698c22b2c7cd 100644
--- a/SOL009/NFVMANOLogManagement-API/CompileLogTask.robot
+++ b/SOL009/NFVMANOLogManagement-API/CompileLogTask.robot
@@ -8,7 +8,7 @@ Request to compile the logged data into a file - Synchronous mode
     ...    Test title: Request to compile the logged data into a file - Synchronous mode
     ...    Test objective: The objective is to request to compile the logged data into a file in synchronous mode and perform a JSON schema validation on the returned log report data structure
     ...    Pre-conditions: logging job is available
-    ...    Reference: clause 8.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO can decide immediately what to respond to a compile request
     ...    Post-Conditions: none
@@ -22,7 +22,7 @@ Request to compile the logged data into a file - Asynchronous mode
     ...    Test title: Request to compile the logged data into a file - Asynchronous mode
     ...    Test objective: The objective is to request to compile the logged data into a file in asynchronous mode
     ...    Pre-conditions: logging job is available
-    ...    Reference: clause 8.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO can not decide immediately what to respond to a compile request
     ...    Post-Conditions: log report is available to the API consumer
@@ -36,7 +36,7 @@ Request to compile the logged data into a file - Already Processing
     ...    Test title: Request to compile the logged data into a file - Already Processing
     ...    Test objective: The objective is to request to compile the logged data into a file when a log data compilation and report creation is already ongoing, or a log report has just been created, for the specified logging job at the time of processing the request
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -49,7 +49,7 @@ Request to compile the logged data into a file with unprocessable content
     ...    Test title: Request to compile the logged data into a file with unprocessable content
     ...    Test objective:  The objective is to test that the rrequest to compile the logged data into a file fails when error in request body. 
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -62,7 +62,7 @@ GET Compiled Log Data - Method not implemented
     ...    Test title: GET Compiled Log Data - Method not implemented
     ...    Test objective: The objective is to test that GET method is not allowed to retrieve compiled log data.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -74,7 +74,7 @@ PUT Compiled Log Data - Method not implemented
     ...    Test title: PUT Compiled Log Data - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update compiled log data.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.6.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.6.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -86,7 +86,7 @@ PATCH Compiled Log Data - Method not implemented
     ...    Test title: PATCH Compiled Log Data - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update compiled log data.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.6.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.6.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -98,10 +98,35 @@ DELETE Compiled Log Data - Method not implemented
     ...    Test title: DELETE Compiled Log Data - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to update compiled log data.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.6.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.6.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send DELETE Compiled Log Data
     Check HTTP Response Status Code Is    405
     
+Request to compile the logged data into a file with a permitted authorization scope - Synchronous mode
+    [Documentation]    Test ID: 8.3.4.4.9
+    ...    Test title: Request to compile the logged data into a file with a permitted authorization scope - Synchronous mode
+    ...    Test objective: The objective is to request to compile the logged data into a file in synchronous mode with a permitted authorization scope
+    ...    Pre-conditions: logging job is available
+    ...    Reference: clause 8.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: The NFV-MANO can decide immediately what to respond to a compile request
+    ...    Post-Conditions: none
+    Send Log data Request in Synchronous mode with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Header Contains Location
+    Check HTTP Response Body Json Schema Is    LogReport
+
+Request to compile the logged data into a file with not permitted authorization scope - Synchronous mode
+    [Documentation]    Test ID: 8.3.4.4.9
+    ...    Test title: Request to compile the logged data into a file with not permitted authorization scope - Synchronous mode
+    ...    Test objective: The objective is to test that requesting to compile the logged data into a file in synchronous mode fails when using not permitted authorization scope
+    ...    Pre-conditions: logging job is available
+    ...    Reference: clause 8.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: The NFV-MANO can decide immediately what to respond to a compile request
+    ...    Post-Conditions: none
+    Send Log data Request in Synchronous mode with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVMANOLogManagement-API/IndividualLoggingJob.robot b/SOL009/NFVMANOLogManagement-API/IndividualLoggingJob.robot
index be2e6bf2de134b910a4fb0c167ae95ff8592dd4b..aa42b23b57031ab6d19506ec68492fa3b367af76 100644
--- a/SOL009/NFVMANOLogManagement-API/IndividualLoggingJob.robot
+++ b/SOL009/NFVMANOLogManagement-API/IndividualLoggingJob.robot
@@ -7,7 +7,7 @@ POST Individual Logging Job - Method not implemented
     ...    Test title: POST Individual Logging Job - method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create an Indiviual Logging
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET individual Logging Job
     ...    Test title: Get individual Logging Job
     ...    Test objective: The objective is to test the retrieval of an individual logging job and perform a JSON schema validation of the collected job data structure
     ...    Pre-conditions: Logging Job is already created.
-    ...    Reference: clause 8.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -33,7 +33,7 @@ GET individual Logging Job with invalid resource identifier
     ...    Test title: Get individual Logging Job with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual logging job fails when using an invalid resource identifier, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: Logging Job is already created.
-    ...    Reference: clause 8.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -46,7 +46,7 @@ PUT Individual Logging Job - Method not implemented
     ...    Test title: PUT Individual Logging Job - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing Logging Job
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.4.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.4.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -58,7 +58,7 @@ PATCH Individual Logging Job - Method not implemented
     ...    Test title: PATCH Individual Logging Job - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify an existing new Logging Job
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -70,7 +70,7 @@ DELETE Individual Logging Job
     ...    Test title: DELETE Individual Logging Job
     ...    Test objective: The objective is to test the deletion of an individual logging job
     ...    Pre-conditions: Logging Job is already created.
-    ...    Reference: clause 8.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The Logging Job is no more available.   
@@ -83,10 +83,35 @@ DELETE Individual Logging Job with invalid resource identifier
     ...    Test title: DELETE Individual Logging Job with invalid resource identifier
     ...    Test objective: The objective is to test that the deletion of an individual logging job fails when using an invalid resource identifier
     ...    Pre-conditions: Logging Job is already created.
-    ...    Reference: clause 8.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for individual Logging Job with invalid resource identifier
     Check HTTP Response Status Code Is    404
-    Check HTTP Response Body Json Schema Is   ProblemDetails
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is   ProblemDetails
+
+DELETE Individual Logging Job with permitted authorization scope
+    [Documentation]    Test ID: 8.3.4.2.8
+    ...    Test title: DELETE Individual Logging Job with permitted authorization scope
+    ...    Test objective: The objective is to test the deletion of an individual logging job with permitted authorization scope
+    ...    Pre-conditions: Logging Job is already created.
+    ...    Reference: clause 8.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: The Logging Job is no more available.   
+    Send Delete request for individual Logging Job with permitted authorization scope
+    Check HTTP Response Status Code Is    204
+    Check Postcondition Logging Job is Deleted
+
+DELETE Individual Logging Job with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.4.2.9
+    ...    Test title: DELETE Individual Logging Job with not permitted authorization scope
+    ...    Test objective: The objective is to test that the deletion of an individual logging job fails when using a not permitted authorization scope
+    ...    Pre-conditions: Logging Job is already created.
+    ...    Reference: clause 8.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: The Logging Job is no more available.   
+    Send Delete request for individual Logging Job with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVMANOLogManagement-API/IndividualReport.robot b/SOL009/NFVMANOLogManagement-API/IndividualReport.robot
index d0a31fdbb765d931b13ef7ad58ed7d0a143b6127..b80d18028502478e94a9c2983afb31a638b91f9e 100644
--- a/SOL009/NFVMANOLogManagement-API/IndividualReport.robot
+++ b/SOL009/NFVMANOLogManagement-API/IndividualReport.robot
@@ -7,7 +7,7 @@ POST Individual Log Report - Method not implemented
     ...    Test title: POST Individual Log Report - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new log report.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ Get Individual Log Report
     ...    Test title: Get Individual Log Report
     ...    Test objective: The objective is to test the retrieval of an individual log report and perform a JSON schema validation of the collected report data structure
     ...    Pre-conditions: One or more log reports are set.
-    ...    Reference: clause 8.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ Get Individual Log Report (asynchronous)
     ...    Test title: Get Individual Log Report  (asynchronous)
     ...    Test objective: The objective is to test the retrieval of an individual log report is ongoing and no log report is available yet.
     ...    Pre-conditions: One or more log reports are set.
-    ...    Reference: clause 8.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -44,7 +44,7 @@ Get Individual Log Report with invalid resource endpoint
     ...    Test title: Get Individual Log Report with invalid resource endpoint
     ...    Test objective:  The objective is to test that the retrieval of an individual log report  fails when using an invalid resource endpoint. 
     ...    Pre-conditions: One or more log reports are set.
-    ...    Reference: clause 8.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -57,7 +57,7 @@ PUT Individual Log Report - Method not implemented
     ...    Test title: PUT Individual Log Report - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing log report.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.5.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.5.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -69,7 +69,7 @@ PATCH Individual Log Report - Method not implemented
     ...    Test title: PATCH Individual Log Report - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify an existinglog report.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.5.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.5.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -81,9 +81,34 @@ DELETE Individual Log Report - Method not implemented
     ...    Test title: DELETE Individual Log Report - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete an existing log report.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.5.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.5.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for Individual Log Report
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+Get Individual Log Report with permitted authorization scope
+    [Documentation]    Test ID: 8.3.4.3.8
+    ...    Test title: Get Individual Log Report with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual log report with permitted authorization scope
+    ...    Pre-conditions: One or more log reports are set.
+    ...    Reference: clause 8.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Log Report with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   LogReport
+
+Get Individual Log Report with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.4.3.9
+    ...    Test title: Get Individual Log Report with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of an individual log report fails when using not permitted authorization scope
+    ...    Pre-conditions: One or more log reports are set.
+    ...    Reference: clause 8.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Log Report with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVMANOLogManagement-API/IndividualSubscription.robot b/SOL009/NFVMANOLogManagement-API/IndividualSubscription.robot
index d7376efcfc33cff8e1d5d780c20d72b8b838117b..3f6565f388eb9f6042b63320c3bfd8d8bde59614 100644
--- a/SOL009/NFVMANOLogManagement-API/IndividualSubscription.robot
+++ b/SOL009/NFVMANOLogManagement-API/IndividualSubscription.robot
@@ -7,7 +7,7 @@ GET Individual Subscription
     ...    Test title: GET Individual  Subscription
     ...    Test objective: The objective is to test the retrieval of individual subscription and perform a JSON schema validation of the returned subscription data structure
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 8.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -21,7 +21,7 @@ GET Individual Subscription - invalid resource identifier
     ...    Test title: GET Individual Subscription - invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual subscription fails when using an invalid resource identifier
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 8.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -34,7 +34,7 @@ DELETE Individual Subscription
     ...    Test title: DELETE Individual Subscription
     ...    Test objective: The objective is to test the deletion of an individual subscription
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 8.5.8.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.8.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The is not available anymore in the NFV-MANO    
@@ -47,7 +47,7 @@ DELETE Individual Subscription - invalid resource identifier
     ...    Test title: DELETE Individual Subscription - invalid resource identifier
     ...    Test objective: The objective is to test that the deletion of an individual  subscription fails when using an invalid resource identifier
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 8.5.8.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.8.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -59,7 +59,7 @@ POST Individual Subscription - Method not implemented
     ...    Test title: POST Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new Subscription
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.8.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.8.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -71,7 +71,7 @@ PUT Individual Subscription - Method not implemented
     ...    Test title: PUT Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing subscription
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.8.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.8.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -83,9 +83,35 @@ PATCH Individual Subscription - Method not implemented
     ...    Test title: PATCH Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify an existing subscription
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.8.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.8.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Patch request for individual Threshold
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET Individual Subscription with permitted authorization scope
+    [Documentation]    Test ID: 8.3.4.6.8
+    ...    Test title: GET Individual  Subscription with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of individual subscription with permitted authorization scope
+    ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
+    ...    Reference: clause 8.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   LogmSubscription
+    Check HTTP Response Body Subscription Identifier matches the requested Subscription
+
+GET Individual Subscription with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.4.6.9
+    ...    Test title: GET Individual  Subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval of individual subscription fails when using not permitted authorization scope
+    ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
+    ...    Reference: clause 8.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVMANOLogManagement-API/LoggingJobs.robot b/SOL009/NFVMANOLogManagement-API/LoggingJobs.robot
index 1fa21ae2f06bc92697123a22c3224290501a7e71..7e427b78d265665dc243e2eb999c39f781446907 100644
--- a/SOL009/NFVMANOLogManagement-API/LoggingJobs.robot
+++ b/SOL009/NFVMANOLogManagement-API/LoggingJobs.robot
@@ -7,7 +7,7 @@ POST Create a new logging job
     ...    Test title: POST Create a new logging job
     ...    Test objective: The objective is to create a new logging job, and perform the JSON schema validation of the operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: logging job created
@@ -22,7 +22,7 @@ GET information about logging jobs
     ...    Test title: GET information logging jobs
     ...    Test objective: The objective is to retrieve information about logging jobs, and perform the JSON schema validation of the operation HTTP response.
     ...    Pre-conditions: At least one logging job is created.
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -35,7 +35,7 @@ GET Logging jobs - invalid attribute-based filter
     ...    Test title: GET Logging jobs - invalid attribute-based filter
     ...    Test objective:  The objective is to test that the retrieval of logging jobs fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one logging job is created.
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -48,7 +48,7 @@ GET Logging jobs - invalid attribute selector
     ...    Test title: GET Logging jobs - invalid attribute selector
     ...    Test objective: The objective is to test that the retrieval of logging jobs fails when using invalid attribute selector, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one logging job is created.
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -61,7 +61,7 @@ GET Logging jobs - Bad Request Response too Big
     ...    Test title: GET Logging jobs - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of Logging job fails when response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one logging job is created.
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -74,7 +74,7 @@ GET information about logging jobs with attribute-based filter
     ...    Test title: GET information about logging jobs with attribute-based filter
     ...    Test objective: The objective is to retrieve information about the logging jobs with attribute filters, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one logging job is created.
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -87,7 +87,7 @@ GET information about logging jobs with "all_fields" attribute selector
     ...    Test title: GET information about logging jobs with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve information about logging jobs with "all_fields" attribute selector, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one logging job is created.
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -100,7 +100,7 @@ GET information about Logging Jobs with "exclude_default" attribute selector
     ...    Test title: GET information about Logging Jobs with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve information about logging jobs with "exclude_default" attribute selector, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one logging job is created.
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -113,7 +113,7 @@ GET information about Logging Jobs with "fields" attribute selector
     ...    Test title: GET information about Logging Jobs with fields attribute selector
     ...    Test objective: The objective is to retrieve information about Logging Jobs with fields attribute selector, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one logging job is created.
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -126,7 +126,7 @@ GET information about Logging Jobs with "exclude_fields" attribute selector
     ...    Test title: GET information about Logging Jobs with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve information about the Logging Jobs with "exclude_fields" attribute selector, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one logging job is created.
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -139,7 +139,7 @@ GET information about Logging Jobs with "fields" and "exclude_default" attribute
     ...    Test title: GET information about Logging Jobs with fields and exclude_default attribute selector
     ...    Test objective: The objective is to retrieve information about Logging Jobs with fields and exclude_default attribute selector, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one logging job is created.
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -152,7 +152,7 @@ GET information about Logging Jobs with Paged Response
     ...    Test title: GET information about Logging Jobs with Paged Response
     ...    Test objective: The objective is to query information about Logging Jobs to get Paged Response.
     ...    Pre-conditions:  At least one logging job is created.
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -165,7 +165,7 @@ GET information about Logging Jobs with malformed authorization token
     ...    Test title: GET information about Logging Jobs with malformed authorization token
     ...    Test objective: The objective is to test that the retrieval of information about Logging Jobs fails when using malformed authorization token.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The Peer Entity requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -177,7 +177,7 @@ GET information about Logging Jobs without authorization token
     ...    Test title: GET information about Logging Jobs without authorization token
     ...    Test objective: The objective is to test that the retrieval of information about Logging Jobs fails when omitting the authorization token.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The Peer Entity requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -189,7 +189,7 @@ GET information about Logging Jobs with expired or revoked authorization token
     ...    Test title: GET information about Logging Jobs with expired or revoked authorization token
     ...    Test objective: The objective is to test that the retrieval of information about Logging Jobs fails when using expired or revoked authorization token.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The Peer Entity requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -201,7 +201,7 @@ PUT Logging Jobs - Method not implemented
     ...    Test title: PUT Logging Jobs - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.3.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -213,7 +213,7 @@ PATCH Logging Jobs - Method not implemented
     ...    Test title: PATCH Logging Jobs - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.3.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -225,9 +225,36 @@ DELETE Logging Jobs - Method not implemented
     ...    Test title: DELETE Logging Jobs - Method not implemented
     ...    Test objective: The objective is to test that the method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.3.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.3.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Logging Jobs
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Create a new logging job with permitted authorization scope
+    [Documentation]    Test ID: 8.3.4.1.19 
+    ...    Test title: POST Create a new logging job with permitted authorization scope
+    ...    Test objective: The objective is to create a new logging job with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 8.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: logging job created
+    POST Create a new logging job with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Header Contains    Location
+    Check HTTP Response Body Json Schema Is    LoggingJob
+    Check Post-Condition Logging job is created
+
+POST Create a new logging job with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.4.1.20 
+    ...    Test title: POST Create a new logging job with not permitted authorization scope
+    ...    Test objective: The objective is to test that the creation of a new logging job fails when a not permitted authorization scope is used.
+    ...    Pre-conditions: none
+    ...    Reference: clause 8.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Create a new logging job with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVMANOLogManagement-API/NFVMANOLogManagementKeywords.robot b/SOL009/NFVMANOLogManagement-API/NFVMANOLogManagementKeywords.robot
index e3bc90bebaad139169b13938ab73f3515e7865fa..d9cdae4f372cc6c4e669a933dcb66ada168d32c3 100644
--- a/SOL009/NFVMANOLogManagement-API/NFVMANOLogManagementKeywords.robot
+++ b/SOL009/NFVMANOLogManagement-API/NFVMANOLogManagementKeywords.robot
@@ -9,6 +9,7 @@ Library    JSONLibrary
 Library    Collections
 Library    JSONSchemaLibrary    schemas/
 Library    Process
+Library    jwt
 
 *** Keywords ***
 Check HTTP Response Status Code Is
@@ -40,7 +41,34 @@ POST Create a new logging job
     Post    ${apiRoot}/${apiName}/${apiMajorVersion}/log_jobs    ${body}
     ${outputResponse}=    Output    response
 	Set Global Variable    @{response}    ${outputResponse}
-	
+
+POST Create a new logging job with permitted authorization scope
+     Log    Create a logging job
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOB_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/createLoggingJobRequest.json
+    ${body}=        Format String   ${template}     objectInstanceId=${objectInstanceId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/log_jobs    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    @{response}    ${outputResponse}
+
+POST Create a new logging job with not permitted authorization scope
+     Log    Create a logging job
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOB_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/createLoggingJobRequest.json
+    ${body}=        Format String   ${template}     objectInstanceId=${objectInstanceId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/log_jobs    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    @{response}    ${outputResponse}	
 Check Post-Condition Logging job is created
     GET Logging Jobs
     Check HTTP Response Status Code Is    200
@@ -231,6 +259,28 @@ Send Delete request for individual Logging Job
     DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/log_jobs/${logJobId}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Send Delete request for individual Logging Job with permitted authorization scope
+    Log    Trying to delete an existing logging Job
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOB_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/log_jobs/${logJobId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Send Delete request for individual Logging Job with not permitted authorization scope
+    Log    Trying to delete an existing logging Job
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOB_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    DELETE    ${apiRoot}/${apiName}/${apiMajorVersion}/log_jobs/${logJobId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Check Postcondition Logging Job is Deleted
     Log    Check Postcondition
@@ -260,6 +310,28 @@ Get Individual Log Report
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Get Individual Log Report with permitted authorization scope
+    Log    Trying to get log report
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${REPORT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/log_jobs/${logJobId}/log_reports/${reportId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Individual Log Report with not permitted authorization scope
+    Log    Trying to get log report
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/log_jobs/${logJobId}/log_reports/${reportId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Get Individual Log Report with invalid resource endpoint
     Log    Trying to get a log report with invalid resource endpoint
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -307,6 +379,36 @@ Send Log data Request in Synchronous mode
     ${body}=    Output    response
     Set Suite Variable    &{response}    ${body}
 
+Send Log data Request in Synchronous mode with permitted authorization scope
+    Log    Request to compile the logged data into a file Synchronous mode
+    Pass Execution If    ${SYNC_MODE} == 0    The compile process is asynchronous mode. Skipping the test
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOB_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/compileLogRequest.json
+    ${body}=        Format String   ${template}     objectInstanceId=${objectInstanceId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/log_jobs/${logJobId}/compile_log    ${body}
+    ${body}=    Output    response
+    Set Suite Variable    &{response}    ${body}
+
+Send Log data Request in Synchronous mode with not permitted authorization scope
+    Log    Request to compile the logged data into a file Synchronous mode
+    Pass Execution If    ${SYNC_MODE} == 0    The compile process is asynchronous mode. Skipping the test
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/compileLogRequest.json
+    ${body}=        Format String   ${template}     objectInstanceId=${objectInstanceId} 
+    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/log_jobs/${logJobId}/compile_log    ${body}
+    ${body}=    Output    response
+    Set Suite Variable    &{response}    ${body}
+
 Check HTTP Response Header Contains Location
     ${vnfLcmOpOccId}=    Get Value From Json    ${response['headers']}    $..Location
     Should Not Be Empty    ${vnfLcmOpOccId}
@@ -402,6 +504,30 @@ Get all Subscriptions
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Get all Subscriptions with permitted authorization scope
+    [Documentation]    The api consumer can use this method to query the list of active subscriptions to log management notifications
+    Set headers    {"Accept": "application/json"}
+    Set headers    {"Content-Type": "application/json"}
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get all Subscriptions with not permitted authorization scope
+    [Documentation]    The api consumer can use this method to query the list of active subscriptions to log management notifications
+    Set headers    {"Accept": "application/json"}
+    Set headers    {"Content-Type": "application/json"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
  Get Subscriptions with attribute-based filters
     [Documentation]    The api consumer can use this method to query the list of active subscriptions to log management notifications
@@ -551,6 +677,26 @@ Get Individual Subscription
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Get Individual Subscription with permitted authorization scope
+    Set headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Individual Subscription with not permitted authorization scope
+    Set headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Check HTTP Response Body Subscription Identifier matches the requested Subscription
     Log    Trying to check response ID
@@ -740,3 +886,8 @@ DELETE API Version with apiMajorVersion
     Delete    ${apiRoot}/${apiName}/${apiMajorVersion} /api_versions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse} 
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded} 
diff --git a/SOL009/NFVMANOLogManagement-API/NotificationEndpoint.robot b/SOL009/NFVMANOLogManagement-API/NotificationEndpoint.robot
index 0bd1b3550e74800f34afef69ace45d33f2a38be4..acade9e290342b4bc8968e1180a75fb67f85ed02 100644
--- a/SOL009/NFVMANOLogManagement-API/NotificationEndpoint.robot
+++ b/SOL009/NFVMANOLogManagement-API/NotificationEndpoint.robot
@@ -8,7 +8,7 @@ Log Report Available Notification
     ...    Test title: Log Report Available Notification
     ...    Test objective: The objective is to test that Log Report Available Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A subscription for log report available notification is available in the NFV-MANO.
-    ...    Reference: clause 8.5.9.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.9.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL009/NFVMANOLogManagement-API/Notifications.robot b/SOL009/NFVMANOLogManagement-API/Notifications.robot
index da28ed2d23e2a836f11c5dfa809e9f94b2b6decf..9159d9ec4ad04480a802a6c85efd829bd49c4fa0 100644
--- a/SOL009/NFVMANOLogManagement-API/Notifications.robot
+++ b/SOL009/NFVMANOLogManagement-API/Notifications.robot
@@ -9,7 +9,7 @@ Log Report Avaliable Notification
     ...    Test title: Log Report Avaliable Notification
     ...    Test objective: The objective is to test the dispatch of Log Report Avaliable Notification when new log report is available in the NFV-MANO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.9.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.9.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL009/NFVMANOLogManagement-API/Subscriptions.robot b/SOL009/NFVMANOLogManagement-API/Subscriptions.robot
index c1087430c20f3535f382199700d65266af43769b..2ab8c38c9436c028e1eda6f3867cd4c57b537e1b 100644
--- a/SOL009/NFVMANOLogManagement-API/Subscriptions.robot
+++ b/SOL009/NFVMANOLogManagement-API/Subscriptions.robot
@@ -9,7 +9,7 @@ GET all Subscriptions
     ...    Test title: GET all Subscriptions
     ...    Test objective: The objective is to test the retrieval list of active subscriptions list to log management notifications and perform a JSON schema validation of the returned subscriptions data structure
     ...    Pre-conditions:  At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -22,7 +22,7 @@ GET Subscriptions with attribute-based filter
     ...    Test title: GET Subscriptions with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of active subscriptions list to log management notifications using attribute-based filter, perform a JSON schema validation of the collected indicators data structure, and verify that the retrieved information matches the issued attribute-based filters 
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -35,7 +35,7 @@ GET Subscriptions with Paged Response
     ...    Test title: GET Subscriptions with Paged Response
     ...    Test objective: The objective is to query information of active subscriptions list to log management notifications to get Paged Response.
     ...    Pre-conditions:  At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -48,7 +48,7 @@ GET Subscriptions - invalid attribute-based filter
     ...    Test title: GET Subscriptions - invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of active subscriptions list to log management notifications fails when using invalid attribute-based filters, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -61,7 +61,7 @@ GET Subscriptions - Bad Request Response too Big
     ...    Test title: GET Subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of active subscriptions list to log management notifications fails when response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -74,7 +74,7 @@ GET Subscriptions - invalid resource endpoint
     ...    Test title: GET Subscriptions - invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of active subscriptions list to log management notifications fails when using invalid resource endpoint.
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -87,7 +87,7 @@ GET Subscription with attribute-based filter "id"
     ...    Test title: GET Subscription with attribute-based filter "id"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "id"
     ...    Pre-conditions: none 
-    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none 
     ...    Post-Conditions: none 
@@ -101,7 +101,7 @@ Get subscriptions with filter "filter.notificationTypes"
     ...    Test title: GET Subscription with attribute-based filter "filter.notificationTypes"
     ...    Test objective: The objective is to retrieve the list of active subscriptions with filter "filter.notificationTypes"
     ...    Pre-conditions: none 
-    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none 
     ...    Post-Conditions: none 
@@ -115,7 +115,7 @@ POST Create new Subscription
     ...    Test title: POST Create new Subscription
     ...    Test objective: The objective is to test the creation of a new subscription to log management notification and perform a JSON schema and content validation of the returned subscription data structure
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The subscription is successfully set and it matches the issued subscription    
@@ -131,7 +131,7 @@ POST Create request for duplicated Subscription not creating duplicated subscrip
     ...    Test title: POST Create request for duplicated Subscription not creating duplicated subscriptions
     ...    Test objective: The objective is to test the attempt of a creation of a duplicated subscription failed and check that no new subscription is created and a link to the original subscription is returned
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 8.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO does not support the creation of duplicated subscriptions
     ...    Post-Conditions: The existing Subscription returned is available in the NFV-MANO 
@@ -147,7 +147,7 @@ POST Create request for duplicated Subscription creating duplicated subscription
     ...    Test title: POST Create request for duplicated Subscription creating duplicated subscriptions
     ...    Test objective: The objective is to test the creation of a duplicated subscription and perform a JSON schema and content validation of the returned duplicated subscription data structure
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 8.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO supports the creation of duplicated subscriptions
     ...    Post-Conditions: The duplicated subscription is successfully set and it matches the issued subscription
@@ -162,7 +162,7 @@ PUT Subscriptions - Method not implemented
     ...    Test title: PUT Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify subscriptions
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.7.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -174,7 +174,7 @@ PATCH Subscriptions - Method not implemented
     ...    Test title: PATCH Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update subscriptions
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.7.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -186,7 +186,7 @@ DELETE Subscriptions - Method not implemented
     ...    Test title: DELETE Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete subscriptions
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.7.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none  
@@ -198,10 +198,35 @@ POST Create new Subscription - Unprocessable content
     ...    Test title: POST Create new Subscription - Unprocessable content
     ...    Test objective: The objective is to test that a new log management subscription is not created if the notification endpoint is unreachable by the NFV-MANO.
     ...    Pre-conditions: none
-    ...    Reference: clause 8.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 8.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: Notification endpoint is unreachable by the NFV-MANO.
     ...    Post-Conditions: none
     Send Post Request for Subscription with unreachable callbackUri
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is    ProblemDetails
+
+GET all Subscriptions with permitted authorization scope
+    [Documentation]    Test ID: 8.3.4.5.16
+    ...    Test title: GET all Subscriptions with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval list of active subscriptions list to log management notifications with permitted authorization scope
+    ...    Pre-conditions:  At least one subscription is available in the NFV-MANO.
+    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+    Get all Subscriptions with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    LogmSubscriptions
+
+GET all Subscriptions with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.4.5.17
+    ...    Test title: GET all Subscriptions with not permitted authorization scope
+    ...    Test objective: The objective is to test that the retrieval list of active subscriptions list to log management notifications fails when using not permitted authorization scope
+    ...    Pre-conditions:  At least one subscription is available in the NFV-MANO.
+    ...    Reference: clause 8.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+    Get all Subscriptions with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL009/NFVMANOLogManagement-API/environment/variables.txt b/SOL009/NFVMANOLogManagement-API/environment/variables.txt
index 272f600eac58a455aff4fe090f227f135044e013..779b3d4a99f092da87e998feabcae334d8eb01f8 100644
--- a/SOL009/NFVMANOLogManagement-API/environment/variables.txt
+++ b/SOL009/NFVMANOLogManagement-API/environment/variables.txt
@@ -11,6 +11,13 @@ ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
 ${NEG_AUTHORIZATION_TOKEN}    Bearer negativetoken
 ${BAD_AUTHORIZATION_TOKEN}    Bear sometoken
 
+${OAUTH_ENCRIPTION_ALGORITHM}    HS256
+${JOB_PERMITTED_SCOPE}    nfvmanologm:v2:log_job
+${JOB_NOT_PERMITTED_SCOPE}    nfvmanologm:v2:log_job:readonly
+${REPORT_PERMITTED_SCOPE}    nfvmanologm:v2:log_report
+${SUBSCRIPTIONS_PERMITTED_SCOPE}    nfvmanologm:v2:subscriptions
+${NOT_PERMITTED_SCOPE}    nfvmanologm:v2:nvalid
+
 ${CONTENT_TYPE}    application/json
 ${CONTENT_TYPE_JSON}    application/json
 ${ACCEPT_JSON}    application/json
diff --git a/SOL009/NFVMANOPerformanceManagement-API/IndividualPmJob.robot b/SOL009/NFVMANOPerformanceManagement-API/IndividualPmJob.robot
index 2ea7304ff2c960c5b527dbf4251d11d46aa8fec1..720195b44b51b872b8f6de1f95716983cec87592 100644
--- a/SOL009/NFVMANOPerformanceManagement-API/IndividualPmJob.robot
+++ b/SOL009/NFVMANOPerformanceManagement-API/IndividualPmJob.robot
@@ -7,7 +7,7 @@ POST Individual NFV-MANO Performance Job - Method not implemented
     ...    Test title: POST Individual NFV-MANO Performance Job - method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new NFV-MANO Performance Monitoring Job
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET individual NFV-MANO Performance Job
     ...    Test title: Get individual NFV-MANO Performance Job
     ...    Test objective: The objective is to test the retrieval of an individual performance monitoring job and perform a JSON schema validation of the collected job data structure
     ...    Pre-conditions: A NFV-MANO instance is instantiated.
-    ...    Reference: clause 6.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -33,7 +33,7 @@ GET individual NFV-MANO Performance Job with invalid resource identifier
     ...    Test title: Get individual NFV-MANO Performance Job with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual performance monitoring job fails when using an invalid resource identifier, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -46,7 +46,7 @@ PUT Individual NFV-MANO Performance Job - Method not implemented
     ...    Test title: PUT Individual NFV-MANO Performance Job - method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing NFV-MANO Performance Monitoring Job
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -58,7 +58,7 @@ PATCH Individual NFV-MANO Performance Job
     ...    Test title: PATCH Individual NFV-MANO Performance Job
     ...    Test objective: The objective is to test that PATCH method modify an existing individual NFV-MANO Performance Monitoring Job
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: PM Job resource is modified.
@@ -71,7 +71,7 @@ DELETE Individual NFV-MANO Performance Job
     ...    Test title: Delete Individual NFV-MANO Performance Job
     ...    Test objective: The objective is to test the deletion of an individual performance monitoring job
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The NFV-MANO Performance Job is no more available.   
@@ -84,7 +84,7 @@ DELETE Individual NFV-MANO Performance Job with invalid resource identifier
     ...    Test title: Delete individual NFV-MANO Performance Job with invalid resource identifier
     ...    Test objective: The objective is to test that the deletion of an individual NFV-MANO performance monitoring job fails when using an invalid resource identifier
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -96,7 +96,7 @@ PATCH Individual NFV-MANO Performance Job - Precondition failed
     ...    Test title: PATCH Individual NFV-MANO Performance Job - Precondition failed
     ...    Test objective: The objective is to test that the PATCH method cannot modify an individual NFV-MANO Performance job where the precondition was not met.
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: PM Job resource is not modified.
@@ -109,10 +109,35 @@ PATCH Individual NFV-MANO Performance Job - Unprocessable content
     ...    Test title: PATCH Individual NFV-MANO Performance Job - Unprocessable content
     ...    Test objective: The objective is to test that PATCH method cannot modify an exsisting individual PM job resource when a request contains syntactically correct data but the data cannot be processed.
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: PM Job resource is not modified.
     Send Patch request for individual NFV_MANO Performance Job with unprocessable content
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is     ProblemDetails
+
+PATCH Individual NFV-MANO Performance Job with permitted authorization scope
+    [Documentation]    Test ID: 8.3.2.2.10
+    ...    Test title: PATCH Individual NFV-MANO Performance Job with permitted authorization scope
+    ...    Test objective: The objective is to test that PATCH method with permitted authorization scope modify an existing individual NFV-MANO Performance Monitoring Job
+    ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
+    ...    Reference: clause 6.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: PM Job resource is modified.
+    Send Patch request for individual NFV-MANO Performance Job with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is     PmJobModifications
+
+PATCH Individual NFV-MANO Performance Job with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.2.2.11
+    ...    Test title: PATCH Individual NFV-MANO Performance Job with not permitted authorization scope
+    ...    Test objective: The objective is to test that PATCH method with not permitted authorization scope fails
+    ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
+    ...    Reference: clause 6.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: PM Job resource is modified.
+    Send Patch request for individual NFV-MANO Performance Job with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL009/NFVMANOPerformanceManagement-API/IndividualReport.robot b/SOL009/NFVMANOPerformanceManagement-API/IndividualReport.robot
index 90b0a7df98fe34c75027723d54621b8d0340870f..08af11fe6e479fe6765d7015a79e4958730bd7fe 100644
--- a/SOL009/NFVMANOPerformanceManagement-API/IndividualReport.robot
+++ b/SOL009/NFVMANOPerformanceManagement-API/IndividualReport.robot
@@ -7,7 +7,7 @@ POST Individual Performance Report - Method not implemented
     ...    Test title: POST Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new NFV-MANO performance report within a monitoring job.
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ Get Individual Performance Report
     ...    Test title: Get Individual Performance Report
     ...    Test objective: The objective is to test the retrieval of an individual performance report associated to a monitoring job and perform a JSON schema validation of the collected report data structure
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance reports are set for a monitoring job.
-    ...    Reference: clause 6.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -32,7 +32,7 @@ Get Individual Performance Report with invalid resource endpoint
     ...    Test title: Get Individual Performance Report with invalid resource endpoint
     ...    Test objective:  The objective is to test that the retrieval of an individual NFV-MANO performance report associated to a monitoring job fails when using an invalid resource endpoint. 
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance reports are set for a monitoring job.
-    ...    Reference: clause 6.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -44,7 +44,7 @@ PUT Individual Performance Report - Method not implemented
     ...    Test title: PUT Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing NFV-MANO performance report within a monitoring job.
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.5.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.5.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -56,7 +56,7 @@ PATCH Individual Performance Report - Method not implemented
     ...    Test title: PATCH Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify an existing NFV-MANO performance report within a monitoring job.
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.5.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.5.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -68,10 +68,35 @@ DELETE Individual Performance Report - Method not implemented
     ...    Test title: DELETE Individual Performance Report - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete an existing NFV-MANO performance report within a monitoring job
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.5.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.5.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANOM
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for Individual Performance Report
     Check HTTP Response Status Code Is    405
 
+Get Individual Performance Report with permitted authorization scope
+    [Documentation]    Test ID: 8.3.2.3.7
+    ...    Test title: Get Individual Performance Report with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual performance report associated to a monitoring job with permitted authorization scope
+    ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance reports are set for a monitoring job.
+    ...    Reference: clause 6.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Performance Report with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PerformanceReport
+
+Get Individual Performance Report with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.2.3.8
+    ...    Test title: Get Individual Performance Report with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of an individual performance report associated to a monitoring job fails with not permitted authorization scope
+    ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance reports are set for a monitoring job.
+    ...    Reference: clause 6.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Performance Report with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
+
diff --git a/SOL009/NFVMANOPerformanceManagement-API/IndividualThreshold.robot b/SOL009/NFVMANOPerformanceManagement-API/IndividualThreshold.robot
index 30d70c9f116045638aec847e5e7d8430076c20e9..ae9cff74ca771c109435e17a3467478e2f1b02c3 100644
--- a/SOL009/NFVMANOPerformanceManagement-API/IndividualThreshold.robot
+++ b/SOL009/NFVMANOPerformanceManagement-API/IndividualThreshold.robot
@@ -7,7 +7,7 @@ POST Individual Threshold - Method not implemented
     ...    Test title: POST Individual Threshold - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new Performance Threshold
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -19,7 +19,7 @@ GET Individual Threshold
     ...    Test title: GET Individual Threshold
     ...    Test objective: The objective is to test the retrieval of an individual NFV-MANO performance threshold and perform a JSON schema and content validation of the collected threshold data structure
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more performance thresholds are set.
-    ...    Reference: clause 6.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -33,7 +33,7 @@ GET Individual Threshold with invalid resource identifier
     ...    Test title: GET Individual Threshold with invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual performance threshold fails when using an invalid resource identifier
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more performance jobs are set.
-    ...    Reference: clause 6.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -45,7 +45,7 @@ PUT Individual Threshold - Method not implemented
     ...    Test title: PUT Individual Threshold - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing Performance threshold
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.7.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.7.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -57,7 +57,7 @@ PATCH Individual Threshold
     ...    Test title: PATCH Individual Threshold
     ...    Test objective: The objective is to test that PATCH method modify an existing NFV_MANO performance threshold.
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more performance thresholds are set.
-    ...    Reference: clause 6.5.7.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.7.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Threshold resource is modified.
@@ -70,7 +70,7 @@ DELETE Individual Threshold
     ...    Test title: DELETE Individual Threshold
     ...    Test objective: The objective is to test the deletion of an individual performance threshold
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more performance thresholds are set.
-    ...    Reference: clause 6.5.7.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.7.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The Performance Threshold is not available anymore in the NFV-MANO    
@@ -83,7 +83,7 @@ DELETE Individual Threshold with invalid resource identifier
     ...    Test title: DELETE Individual Threshold with invalid resource identifier
     ...    Test objective: The objective is to test the deletion of an individual performance threshold
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more performance thresholds are set.
-    ...    Reference: clause 6.5.7.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.7.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -95,7 +95,7 @@ PATCH Individual Threshold - Precondition failed
     ...    Test title: PATCH Individual Threshold - Precondition failed
     ...    Test objective: The objective is to test that the PATCH method cannot modify an individual NFV-MANO threshold where the precondition was not met.
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more performance thresholds are set.
-    ...    Reference: clause 6.5.7.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.7.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Threshold resource is not modified.
@@ -108,10 +108,35 @@ PATCH Individual Threshold - Unprocessable content
     ...    Test title: PATCH Individual Threshold - Unprocessable content
     ...    Test objective: The objective is to test that PATCH method cannot modify an exsisting individual threshold resource when a request contains syntactically correct data but the data cannot be processed.
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more performance thresholds are set.
-    ...    Reference: clause 6.5.7.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.7.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Threshold resource is not modified.
     Send Patch request for individual Performance Threshold with unprocessable content
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is    ProblemDetails
+
+PATCH Individual Threshold with permitted authorization scope
+    [Documentation]    Test ID: 8.3.2.5.10
+    ...    Test title: PATCH Individual Threshold with permitted authorization scope
+    ...    Test objective: The objective is to test that PATCH method modify an existing NFV_MANO performance threshold with permitted authorization scope.
+    ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more performance thresholds are set.
+    ...    Reference: clause 6.5.7.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: Threshold resource is modified.
+    Send Patch request for individual Performance Threshold with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    ThresholdModifications
+
+PATCH Individual Threshold with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.2.5.11
+    ...    Test title: PATCH Individual Threshold with not permitted authorization scope
+    ...    Test objective: The objective is to test that PATCH method fails with not permitted authorization scope.
+    ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more performance thresholds are set.
+    ...    Reference: clause 6.5.7.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: Threshold resource is modified.
+    Send Patch request for individual Performance Threshold with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL009/NFVMANOPerformanceManagement-API/NFVMANOPMKeywords.robot b/SOL009/NFVMANOPerformanceManagement-API/NFVMANOPMKeywords.robot
index e44605fb8dd6866dc3f0f9510c2c10d64d1e6396..ac39e32dbf8462c067eb5ff3f5c6446a97e60c65 100644
--- a/SOL009/NFVMANOPerformanceManagement-API/NFVMANOPMKeywords.robot
+++ b/SOL009/NFVMANOPerformanceManagement-API/NFVMANOPMKeywords.robot
@@ -10,7 +10,7 @@ Library     MockServerLibrary
 Library     Process
 Library     BuiltIn
 Library     Collections
-
+Library     jwt
 
 *** Keywords ***
 GET all NFV-MANO Performance Monitoring Jobs
@@ -130,6 +130,36 @@ Send Post Request to create new NFV-MANO Performance Monitoring Job
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Send Post Request to create new NFV-MANO Performance Monitoring Job with permitted authorization scope
+    Log    Creating a new PM Job
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOBS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/CreatePmJobRequest.json
+    ${body}=        Format String   ${template}     objectInstanceIds=${objectInstanceIds}    callbackUri=${callback_uri}
+    Check GET response from Notification Endpoint
+    POST    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Send Post Request to create new NFV-MANO Performance Monitoring Job with not permitted authorization scope
+    Log    Creating a new PM Job
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOBS_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/CreatePmJobRequest.json
+    ${body}=        Format String   ${template}     objectInstanceIds=${objectInstanceIds}    callbackUri=${callback_uri}
+    Check GET response from Notification Endpoint
+    POST    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Send Post Request to create new NFV-MANO Performance Monitoring Job - Unreachable Endpoint
     Log    Creating a new PM Job for unreachable notification endpoint
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -280,6 +310,36 @@ Send Patch request for individual NFV-MANO Performance Job
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Send Patch request for individual NFV-MANO Performance Job with permitted authorization scope
+    Log    Trying to perform a PATCH on PM Job
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOBS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Check GET response from Notification Endpoint
+    ${template}=    Get File    jsons/PmJobModifications.json
+    ${body}=    Format String    ${template}    callbackUri=${callback_uri}
+    PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Send Patch request for individual NFV-MANO Performance Job with not permitted authorization scope
+    Log    Trying to perform a PATCH on PM Job
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOBS_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Check GET response from Notification Endpoint
+    ${template}=    Get File    jsons/PmJobModifications.json
+    ${body}=    Format String    ${template}    callbackUri=${callback_uri}
+    PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Send Patch request for individual NFV-MANO Performance Job - Etag mismatch
     Log    Trying to perform a PATCH on PM Job
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -348,6 +408,34 @@ Send Post Request Create new Performance Threshold
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Send Post Request Create new Performance Threshold with permitted authorization scope
+    Log    Creating a new Threshold
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${THRESHOLD_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/CreateThresholdRequest.json
+    ${body}=        Format String   ${template}     objectInstanceIds=${objectInstanceIds}    callbackUri=${callback_uri}
+    POST    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Send Post Request Create new Performance Threshold with not permitted authorization scope
+    Log    Creating a new Threshold
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${THRESHOLD_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/CreateThresholdRequest.json
+    ${body}=        Format String   ${template}     objectInstanceIds=${objectInstanceIds}    callbackUri=${callback_uri}
+    POST    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Send Post Request Create new Performance Threshold with unreachable notification endpoint
     Log    Creating a new Threshold
     Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":${AUTHORIZATION_TOKEN}"}
@@ -463,6 +551,42 @@ Send Patch request for individual Performance Threshold
     ${output}=    Output    response
     Set Suite Variable    @{response}    ${output}
 
+Send Patch request for individual Performance Threshold with permitted authorization scope
+    Log    Trying to PUT threshold
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    ${scopeValue}=    Create Dictionary    scope=${THRESHOLD_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Check GET response from Notification Endpoint
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}
+    ${origOutput}=    Output    response
+    Set Suite Variable    ${origResponse}    ${origOutput}
+    ${template}=    Get File    jsons/ThresholdModification.json
+    ${body}=    Format String    ${template}    callbackUri=${callback_uri}
+    PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    @{response}    ${output}
+
+Send Patch request for individual Performance Threshold with not permitted authorization scope
+    Log    Trying to PUT threshold
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    ${scopeValue}=    Create Dictionary    scope=${THRESHOLD_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Check GET response from Notification Endpoint
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}
+    ${origOutput}=    Output    response
+    Set Suite Variable    ${origResponse}    ${origOutput}
+    ${template}=    Get File    jsons/ThresholdModification.json
+    ${body}=    Format String    ${template}    callbackUri=${callback_uri}
+    PATCH    ${apiRoot}/${apiName}/${apiMajorVersion}/thresholds/${thresholdId}    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    @{response}    ${output}
+
 Send Patch request for individual Performance Threshold - Etag mismatch
     Log    Trying to PUT threshold
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -551,6 +675,28 @@ Get Individual Performance Report
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+Get Individual Performance Report with permitted authorization scope
+    Log    Trying to get a performance report present in the NFV-MANOM
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${JOBS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}/reports/${reportId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Individual Performance Report with not permitted authorization scope
+    Log    Trying to get a performance report present in the NFV-MANOM
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/pm_jobs/${pmJobId}/reports/${reportId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Get Individual Performance Report with invalid resource endpoint
     Log    Trying to get a performance report with invalid resource endpoint
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -733,3 +879,9 @@ Create Sessions
     Start Process  java  -jar  ${MOCK_SERVER_JAR}  -serverPort  ${callback_port}  alias=mockInstance
     Wait For Process  handle=mockInstance  timeout=5s  on_timeout=continue
     Create Mock Session  ${callback_uri}
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded} 
+
diff --git a/SOL009/NFVMANOPerformanceManagement-API/NotificationEndpoint.robot b/SOL009/NFVMANOPerformanceManagement-API/NotificationEndpoint.robot
index ef00f429d3bec712d8c7babe8d3cf8b1fa73824d..23b5b9ac3cc01256070db4dc35401d9509216957 100644
--- a/SOL009/NFVMANOPerformanceManagement-API/NotificationEndpoint.robot
+++ b/SOL009/NFVMANOPerformanceManagement-API/NotificationEndpoint.robot
@@ -8,7 +8,7 @@ Performance Information Available Notification
     ...    Test title: Performance Information Available Notification
     ...    Test objective: The objective is to test that Performance Available Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A subscription for performance available notification is available in the NFV-MANO.
-    ...    Reference: clause 6.5.10.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.10.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -21,7 +21,7 @@ Threshold Crossed Notification
     ...    Test title: Threshold Crossed Notification
     ...    Test objective: The objective is to test that Threshold Crossed Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A subscription for threshold crosssed notification is available in the NFV-MANO.
-    ...    Reference: clause 6.5.10.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.10.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL009/NFVMANOPerformanceManagement-API/Notifications.robot b/SOL009/NFVMANOPerformanceManagement-API/Notifications.robot
index 8fb3977a0a9a9e64b8757005c7ba66a22c62bd65..7287db0a9b05ce9e819ba663f7473c80725bdbf4 100644
--- a/SOL009/NFVMANOPerformanceManagement-API/Notifications.robot
+++ b/SOL009/NFVMANOPerformanceManagement-API/Notifications.robot
@@ -9,7 +9,7 @@ Performance Information Availability Notification
     ...    Test title: Performance Information Availability Notification
     ...    Test objective: The objective is to test the dispatch of Performance Information Availability Notification when new performance information is available in the NFV-MANO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A performance job is created, and a subscription for information availability notifications is available in the NFV-MANO.
-    ...    Reference: clause 6.5.10.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.10.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -22,7 +22,7 @@ Threshold Crossed Notification
     ...    Test title: Threshold Crossed Notification
     ...    Test objective: The objective is to test the dispatch of Threshold Crossed Notification when a previously set performance metric threshold is crossed, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A performance job is created, and a threshold subscription is available in the NFV-MANO.
-    ...    Reference: clause 6.5.10.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.10.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL009/NFVMANOPerformanceManagement-API/PMJobs.robot b/SOL009/NFVMANOPerformanceManagement-API/PMJobs.robot
index 1f8f764117820866033e7152323fdce3eb7f7b3c..818f5330e7fe9ccaec39dc2f2cc5b5a4078d30fe 100644
--- a/SOL009/NFVMANOPerformanceManagement-API/PMJobs.robot
+++ b/SOL009/NFVMANOPerformanceManagement-API/PMJobs.robot
@@ -7,7 +7,7 @@ POST Create new NFV-MANO Performance Monitoring Job
     ...    Test title:  POST Create a new NFV-MANO Performance Monitoring Job
     ...    Test objective: The objective is to test the creation of a new NFV-MANO performance monitoring job and perform the JSON schema validation of the returned job data structure
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The NFV-MANO Performance Job is successfully created on the NFV-MANO
@@ -21,7 +21,7 @@ GET all NFV-MANO Performance Monitoring Jobs
     ...    Test title: GET all NFV-MANO Performance Monitoring Jobs
     ...    Test objective: The objective is to test the retrieval of all the available NFV-MANO performance monitoring jobs and perform a JSON schema validation
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -34,7 +34,7 @@ GET NFV-MANO Performance Monitoring Jobs with attribute-based filter
     ...    Test title: GET all NFV-MANO Performance Monitoring Jobs with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of NFV-MANO performance monitoring jobs using attribute-based filter, perform a JSON schema validation of the collected jobs data structure
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -47,7 +47,7 @@ GET all NFV-MANO Performance Monitoring Jobs with all_fields attribute selector
     ...    Test title: GET all NFV-MANO Performance Monitoring Jobs with all_fields attribute selector
     ...    Test objective: The objective is to test the retrieval of all NFV-MANO performance monitoring jobs all_fields attribute selector, perform a JSON schema validation of the collected jobs data structure
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -60,7 +60,7 @@ GET all NFV-MANO Performance Monitoring Jobs with exclude_default attribute sele
     ...    Test title: GET all NFV-MANO Performance Monitoring Jobs with exclude_default attribute selector
     ...    Test objective: The objective is to test the retrieval of all NFV-MANO performance monitoring jobs exclude_default attribute selector, perform a JSON schema validation of the collected jobs data structure
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -73,7 +73,7 @@ GET all NFV-MANO Performance Monitoring Jobs with fields attribute selector
     ...    Test title: GET all NFV-MANO Performance Monitoring Jobs with fields attribute selector
     ...    Test objective: The objective is to test the retrieval of all NFV-MANO performance monitoring jobs fields attribute selector, perform a JSON schema validation of the collected jobs data structure
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO supports the use of fields attribute selector
     ...    Post-Conditions: none
@@ -86,7 +86,7 @@ GET all NFV-MANO Performance Monitoring Jobs with exclude_fields attribute selec
     ...    Test title: GET all NFV-MANO Performance Monitoring Jobs with exclude_fields attribute selector
     ...    Test objective: The objective is to test the retrieval of all NFV-MANO performance monitoring jobs exclude_fields attribute selector, perform a JSON schema validation of the collected jobs data structure
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO supports the use of exclude_fields attribute selector
     ...    Post-Conditions: none
@@ -99,7 +99,7 @@ GET NFV-MANO Performance Monitoring Jobs with invalid attribute-based filter
     ...    Test title: GET NFV-MANO Performance Monitoring Jobs with invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of NFV-MANO performance monitoring jobs fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -112,7 +112,7 @@ GET NFV-MANO Performance Monitoring Jobs with invalid attribute selector
     ...    Test title: GET NFV-MANO Performance Monitoring Jobs with invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of NFV-MANO performance monitoring jobs fails with invalid attribute selector
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -125,7 +125,7 @@ GET information about multiple Performance Monitoring Jobs to get Paged Response
     ...    Test title: GET information about multiple Performance Monitoring Jobs to get Paged Response
     ...    Test objective: The objective is to retrieve information about the performance monitoring jobs to get paged response
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -138,7 +138,7 @@ GET information about multiple Performance Monitoring Jobs for Bad Request Respo
     ...    Test title: GET information about multiple Performance Monitoring Jobs for Bad Request Response too big
     ...    Test objective: The objective is to test that GET method fail retrieving status information about performance monitoring jobs when Response is too big, and perform the JSON schema validation of the failed operation HTTP response
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -151,7 +151,7 @@ GET information about multiple Performance Monitoring Jobs with "fields" and "ex
     ...    Test title: GET all NFV-MANO Performance Monitoring Jobs with "fields" and "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve all performance monitoring jobs with fields and exclude default attribute selector, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -164,7 +164,7 @@ Get information about multiple Performance Monitoring Jobs with malformed author
     ...    Test title: Get information about multiple Performance Monitoring Jobs with malformed authorization token
     ...    Test objective: The objective is to test that the retrieval of information about Performance Monitoring Jobs fails when using malformed authorization token
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO entity requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -176,7 +176,7 @@ Get information about multiple Performance Monitoring Jobs without authorization
     ...    Test title: Get information about multiple Performance Monitoring Jobs without authorization token
     ...    Test objective: The objective is to test that the retrieval of information about Performance Monitoring Jobs fails when omitting the authorization token
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO entity requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -188,7 +188,7 @@ GET information about multiple Performance Monitoring Jobs with expired or revok
     ...    Test title: GET information about multiple Performance Monitoring Jobs with expired or revoked authorization token
     ...    Test objective: The objective is to test that the retrieval of information about Performance Monitoring Jobs fails when using expired or revoked authorization token
     ...    Pre-conditions: One or more Network Service Descriptors are onboarded in the NFVO
-    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO entity requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -200,7 +200,7 @@ PUT all NFV-MANO Performance Monitoring Jobs - Method not implemented
     ...    Test title: PUT all NFV-MANO Performance Monitoring Jobs - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify NFV-MANO Performance Monitoring Jobs
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.3.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -212,7 +212,7 @@ PATCH all NFV-MANO Performance Monitoring Jobs - (Method not implemented)
     ...    Test title: PATCH all NFV-MANO Performance Monitoring Jobs - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update NFV-MANO Performance Monitoring Jobs
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.3.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -224,7 +224,7 @@ DELETE all NFV-MANO Performance Monitoring Jobs - Method not implemented
     ...    Test title: DELETE all NFV-MANO Performance Monitoring Jobs - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to update NFV-MANO Performance Monitoring Jobs
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.3.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -236,10 +236,36 @@ POST Create new NFV-MANO Performance Monitoring Job - Unreachable Notification E
     ...    Test title:  POST Create a new NFV-MANO Performance Monitoring Job
     ...    Test objective: The objective is to test that a new NFV_MANO Performance Monitoring Job is not created if the notification endpoint is unreachable by the NFV-MANO.
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
-    ...    Reference: clause 6.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: Notification endpoint is unreachable by the NFV-MANO.
     ...    Post-Conditions: none
     Send Post Request to create new NFV-MANO Performance Monitoring Job - Unreachable Endpoint
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is   ProblemDetails
+
+POST Create new NFV-MANO Performance Monitoring Job with permitted authorization scope
+    [Documentation]    Test ID: 8.3.2.1.20
+    ...    Test title:  POST Create a new NFV-MANO Performance Monitoring Job with permitted authorization scope
+    ...    Test objective: The objective is to test the creation of a new NFV-MANO performance monitoring job with permitted authorization scope
+    ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
+    ...    Reference: clause 6.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: The NFV-MANO Performance Job is successfully created on the NFV-MANO
+    Send Post Request to create new NFV-MANO Performance Monitoring Job with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is   PmJob
+    Check Postcondition PmJob Exists
+
+POST Create new NFV-MANO Performance Monitoring Job with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.2.1.21
+    ...    Test title:  POST Create a new NFV-MANO Performance Monitoring Job with not permitted authorization scope
+    ...    Test objective: The objective is to test that the creation of a new NFV-MANO performance monitoring job fails with not permitted authorization scope
+    ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance jobs are set in the NFV-MANO.
+    ...    Reference: clause 6.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: The NFV-MANO Performance Job is successfully created on the NFV-MANO
+    Send Post Request to create new NFV-MANO Performance Monitoring Job with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVMANOPerformanceManagement-API/Thresholds.robot b/SOL009/NFVMANOPerformanceManagement-API/Thresholds.robot
index b5777f265eb152d227c830b2f50764caf23614c8..24a6970262e89dffd979c58476b11288550ede93 100644
--- a/SOL009/NFVMANOPerformanceManagement-API/Thresholds.robot
+++ b/SOL009/NFVMANOPerformanceManagement-API/Thresholds.robot
@@ -7,7 +7,7 @@ POST Create new Performance Threshold
     ...    Test title:  POST Create new Performance Threshold
     ...    Test objective: The objective is to test the creation of a new NFV-MANO performance threshold and perform the JSON schema validation of the returned threshold data structure.
     ...    Pre-conditions: A NFV-MANO instance is instantiated.
-    ...    Reference: clause 6.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The NFV-MANO Performance Threshold is successfully created on the NFV-MANO
@@ -22,7 +22,7 @@ GET All Performance Thresholds
     ...    Test title: GET All Performance Thresholds
     ...    Test objective: The objective is to test the retrieval of all the available NFV-MANO performance thresholds and perform a JSON schema validation of the collected thresholds data structure.
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance thresholds are set.
-    ...    Reference: clause 6.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -35,7 +35,7 @@ GET Performance Thresholds with attribute-based filter
     ...    Test title: GET Performance Thresholds with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of all the available NFV-MANO performance thresholds when using attribute-based filters, perform a JSON schema validation of the collected thresholds data structure, and verify that the retrieved information matches the issued attribute-based filter
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance thresholds are set in the NFV-MANO.
-    ...    Reference: clause 6.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -49,7 +49,7 @@ GET Performance Threshold with Paged Response
     ...    Test title: GET Performance Threshold with Paged Response
     ...    Test objective: The objective is to query information about NFV-MANO Performance Thresholds to get Paged Response.
     ...    Pre-conditions:  A NFV-MANO instance is instantiated. One or more NFV-MANO performance thresholds are set.
-    ...    Reference: clause 6.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -62,7 +62,7 @@ GET Performance Thresholds - Invalid attribute-based filter
     ...    Test title: GET Performance Thresholds - Invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of NFV-MANO performance thresholds fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: A NFV-MANO instance is instantiated. One or more NFV-MANO performance thresholds are set.
-    ...    Reference: clause 6.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -75,7 +75,7 @@ GET Performance Threshold - Bad Request Response too Big
     ...    Test title: GET Performance Threshold - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of NFV-MANO performance thresholds fails when response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions:  A NFV-MANO instance is instantiated. One or more NFV-MANO performance thresholds are set.
-    ...    Reference: clause 6.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.6.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -88,7 +88,7 @@ PUT Performance Thresholds - Method not implemented
     ...    Test title: PUT Performance Thresholds - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify NFV-MANO Performance Thresholds
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.6.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.6.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -100,7 +100,7 @@ PATCH Performance Thresholds - Method not implemented
     ...    Test title: PATCH Performance Thresholds - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify NFV-MANO Performance Thresholds
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.6.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.6.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -112,7 +112,7 @@ DELETE Performance Thresholds - Method not implemented
     ...    Test title: DELETE Performance Thresholds - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to update NFV-MANO Performance Thresholds
     ...    Pre-conditions: none
-    ...    Reference: clause 6.5.6.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.6.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -125,10 +125,37 @@ POST Create new Performance Threshold - Unprocessable content
     ...    Test objective: The objective is to test the creation of a new NFV-MANO performance threshold and perform the JSON schema validation of the returned threshold data structure.
     ...    Test objective: The objective is to test that a new NFV-MANO performance threshold is not created if the notification endpoint is unreachable by the NFV-MANO.
     ...    Pre-conditions: A NFV-MANO instance is instantiated.
-    ...    Reference: clause 6.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 6.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: Notification endpoint is unreachable by the NFV-MANO.
     ...    Post-Conditions: none
     Send Post Request Create new Performance Threshold with unreachable notification endpoint
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is   ProblemDetails
+
+POST Create new Performance Threshold with permitted authorization scope
+    [Documentation]    Test ID: 8.3.2.4.11
+    ...    Test title:  POST Create new Performance Threshold with permitted authorization scope
+    ...    Test objective: The objective is to test the creation of a new NFV-MANO performance threshold with permitted authorization scope.
+    ...    Pre-conditions: A NFV-MANO instance is instantiated.
+    ...    Reference: clause 6.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: The NFV-MANO Performance Threshold is successfully created on the NFV-MANO
+    Send Post Request Create new Performance Threshold with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is   Threshold
+    Check HTTP Response Header Contains    Location
+    Check Postcondition Threshold Exists
+
+POST Create new Performance Threshold with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.2.4.12
+    ...    Test title:  POST Create new Performance Threshold with not permitted authorization scope
+    ...    Test objective: The objective is to test the creation of a new NFV-MANO performance threshold fails with not permitted authorization scope.
+    ...    Pre-conditions: A NFV-MANO instance is instantiated.
+    ...    Reference: clause 6.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: The NFV-MANO Performance Threshold is successfully created on the NFV-MANO
+    Send Post Request Create new Performance Threshold with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL009/NFVMANOPerformanceManagement-API/environment/variables.txt b/SOL009/NFVMANOPerformanceManagement-API/environment/variables.txt
index bc36f6f1c21fd462ef6dd74d47d63bb8ec6b5195..c58fdd8ced044f1bb1c30599d4e465c2ba52aa52 100644
--- a/SOL009/NFVMANOPerformanceManagement-API/environment/variables.txt
+++ b/SOL009/NFVMANOPerformanceManagement-API/environment/variables.txt
@@ -9,6 +9,14 @@ ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
 ${NEG_AUTHORIZATION_TOKEN}    Bearer negativetoken
 ${BAD_AUTHORIZATION_TOKEN}    Bear sometoken
 
+${OAUTH_ENCRIPTION_ALGORITHM}    HS256
+${JOBS_PERMITTED_SCOPE}    nfvmanopm:v2:pm_job_info
+${JOBS_NOT_PERMITTED_SCOPE}    nfvmanopm:v2:pm_job_info:readonly
+${THREHSOLD_PERMITTED_SCOPE}    nfvmanopm:v2:thresold_info
+${THRESHOLD_NOT_PERMITTED_SCOPE}    nfvmanopm:v2:threshold_info:readonly
+${NOT_PERMITTED_SCOPE}    nfvmanopm:v2:invalid
+
+
 ${CONTENT_TYPE_JSON}    application/json
 ${CONTENT_TYPE_PATCH}   application/merge-patch+json
 ${ACCEPT_JSON}    application/json
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/ChangeInterfaceStateTask.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/ChangeInterfaceStateTask.robot
index 2d4a64d775a6568680b32f4cad71a8d0d4ed16a8..256dc21570a69ed64f8cad0562de890ba449164a 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/ChangeInterfaceStateTask.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/ChangeInterfaceStateTask.robot
@@ -13,7 +13,7 @@ POST Change interface state task
     ...    Test title: POST Change interface state task
     ...    Test objective: The objective is send put request to change the state of the NFV-MANO service interface produced by the NFV-MANO functional entity
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.12.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.12.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: interface status changed
@@ -27,7 +27,7 @@ POST Change interface state task - Conflict
     ...    Test title: POST Change interface state task - Conflict
     ...    Test objective: The objective is to test that request to cchange the state of the NFV-MANO service interface produced by the NFV-MANO functional entity failed due to a conflict with the state of the NFV-MANO entity resource and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.12.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.12.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ GET Change interface state task - Method not implemented
     ...    Test title: GET Change interface state task - Method not implemented
     ...    Test objective: The objective is to test that GET method is not allowed to retrieve the changed state of the NFV-MANO functional entity application.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.12.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.12.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -52,7 +52,7 @@ PUT Change interface state task - Conflict - Method not implemented
     ...    Test title: PUT Change interface state task - Conflict - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update the changed state of the NFV-MANO functional entity application.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.12.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.12.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PATCH Change interface state task - Conflict - Method not implemented
     ...    Test title: PATCH Change interface state task - Conflict - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update the changed state of the NFV-MANO functional entity application.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.12.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.12.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,9 +76,35 @@ DELETE Change interface state task - Conflict - Method not implemented
     ...    Test title: DELETE Change interface state task - Conflict - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete the changed state of the NFV-MANO functional entity application.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.12.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.12.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for Change interface state task
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST Change interface state task with permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.7.7
+    ...    Test title: POST Change interface state task with permitted authorization scope
+    ...    Test objective: The objective is send put request to change the state of the NFV-MANO service interface with permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.12.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: interface status changed
+    Send Post request for Change interface state task with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains Location
+    Check PostCondition NFV-MANO service interface state matches the requested state
+
+POST Change interface state task with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.7.8
+    ...    Test title: POST Change interface state task with permitted authorization scope
+    ...    Test objective: The objective is to verify that put request to change the state of the NFV-MANO service interface fails with not permitted authorization scope
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.12.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: interface status changed
+    Send Post request for Change interface state task with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/ChangeNFVMANOEntityStateTask.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/ChangeNFVMANOEntityStateTask.robot
index 23655cdcc7b4784872be30853b21dc4ee3868be2..450faa0922f3dbca29f8e33487708799fd18eadf 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/ChangeNFVMANOEntityStateTask.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/ChangeNFVMANOEntityStateTask.robot
@@ -12,7 +12,7 @@ POST NFV-MANO functional entity application state change
     ...    Test title: POST NFV-MANO functional entity application state change
     ...    Test objective: The objective is to request state change of the NFV-MANO functional entity application.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: entity status changed
@@ -26,7 +26,7 @@ POST NFV-MANO functional entity application state change - Conflict
     ...    Test title: POST NFV-MANO functional entity application state change - Conflict
     ...    Test objective: The objective is to test that request to change the state of the NFV-MANO functional entity application fails due to a conflict with the state of the NFV-MANO entity resource and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -39,7 +39,7 @@ GET NFV-MANO functional entity application state change - Method not implemented
     ...    Test title: GET NFV-MANO functional entity application state change - Method not implemented
     ...    Test objective: The objective is to test that GET method is not allowed to retrieve the changed state of the NFV-MANO functional entity application.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.7.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ PUT NFV-MANO functional entity application state change - Method not implemented
     ...    Test title: PUT NFV-MANO functional entity application state change - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update the changed state of the NFV-MANO functional entity application.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.7.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.7.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -63,7 +63,7 @@ PATCH NFV-MANO functional entity application state change - Method not implement
     ...    Test title: PATCH NFV-MANO functional entity application state change - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update the changed state of the NFV-MANO functional entity application.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.7.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.7.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -75,9 +75,35 @@ DELETE NFV-MANO functional entity application state change - Method not implemen
     ...    Test title: DELETE NFV-MANO functional entity application state change - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete the changed state of the NFV-MANO functional entity application.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.7.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.7.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for NFV-MANO functional entity application state change
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+POST NFV-MANO functional entity application state change with permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.2.7
+    ...    Test title: POST NFV-MANO functional entity application state change with permitted authorization scope
+    ...    Test objective: The objective is to test a state change of the NFV-MANO functional entity application with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: entity status changed
+    Send Post request for NFV-MANO functional entity application state change with permitted authorization scope
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains Location
+    Wait for entity state change success notification and validate status
+
+POST NFV-MANO functional entity application state change with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.2.8
+    ...    Test title: POST NFV-MANO functional entity application state change with not permitted authorization scope
+    ...    Test objective: The objective is to test that state change of the NFV-MANO functional entity application fails with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.7.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: entity status changed
+    Send Post request for NFV-MANO functional entity application state change with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/ChangeStateOperationOccurrences.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/ChangeStateOperationOccurrences.robot
index bb0c97c0097b529ad3c24b3ed02e35b3607029a6..03058d004bbb94b8cd65ff3d37abe83ede4ba359 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/ChangeStateOperationOccurrences.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/ChangeStateOperationOccurrences.robot
@@ -13,7 +13,7 @@ POST Change State Operation Occurrences - Method not implemented
     ...    Test title: POST Change State Operation Occurrences - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ GET Change State Operation Occurrences
     ...    Test title: GET Change State Operation Occurrences
     ...    Test objective: The objective is to query status information about multiple change state operation occurrences, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -38,7 +38,7 @@ GET Change State Operation Occurrences - invalid attribute-based filter
     ...    Test title: GET Change State Operation Occurrences - invalid attribute-based filter
     ...    Test objective:  The objective is to test that the retrieval of Change State Operation Occurrences fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ GET Change State Operation Occurrences - invalid attribute selector
     ...    Test title: GET Change State Operation Occurrences - invalid attribute selector
     ...    Test objective: The objective is to test that the retrieval of Change State Operation Occurrences fails when using invalid attribute selector, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ GET Change State Operation Occurrences - Bad Request Response too Big
     ...    Test title: GET Change State Operation Occurrences - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of Change State Operation Occurrences fails when response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,7 +77,7 @@ GET Change State Operation Occurrences with attribute-based filter
     ...    Test title: GET Change State Operation Occurrences with attribute-based filter
     ...    Test objective: The objective is to query status information about multiple change state operation occurrences with attribute filters, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -90,7 +90,7 @@ GET Change State Operation Occurrences with "all_fields" attribute selector
     ...    Test title: GET Change State Operation Occurrences with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve Change State Operation Occurrences with "all_fields" attribute selector, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -103,7 +103,7 @@ GET Change State Operation Occurrences with "exclude_default" attribute selector
     ...    Test title: GET Change State Operation Occurrence with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve Change State Operation Occurrence with "exclude_default" attribute selector, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -116,7 +116,7 @@ GET Change State Operation Occurrences with "fields" attribute selector
     ...    Test title: GET Change State Operation Occurrences with "fields" attribute selector
     ...    Test objective: The objective is to retrieve Change State Operation Occurrences with fields attribute selector, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -129,7 +129,7 @@ GET Change State Operation Occurrences with "exclude_fields" attribute selector
     ...    Test title: GET Change State Operation Occurrences with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve Change State Operation Occurrences with "exclude_fields" attribute selector, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -142,7 +142,7 @@ GET Change State Operation Occurrences with Paged Response
     ...    Test title: GET Change State Operation Occurrence with Paged Response
     ...    Test objective: The objective is to query Change State Operation Occurrence to get Paged Response.
     ...    Pre-conditions:  none
-    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -155,7 +155,7 @@ GET Change State Operation Occurrences with "fields" and "exclude_default" attri
     ...    Test title: GET Change State Operation Occurrences with "fields" and "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve Change State Operation Occurrences with fields and exclude default attribute selector, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -168,7 +168,7 @@ PUT Change State Operation Occurrences - Method not implemented
     ...    Test title: PUT Change State Operation Occurrences - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -180,7 +180,7 @@ PATCH Change State Operation Occurrences - Method not implemented
     ...    Test title: PATCH Change State Operation Occurrences - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -192,9 +192,34 @@ DELETE Change State Operation Occurrences - Method not implemented
     ...    Test title: DELETE Change State Operation Occurrences - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.8.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.8.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for Change State Operation Occurrences
     Check HTTP Response Status Code Is    405
+
+GET Change State Operation Occurrences with permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.3.16
+    ...    Test title: GET Change State Operation Occurrences with permitted authorization scope
+    ...    Test objective: The objective is to query status information about multiple change state operation occurrences with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Get Change State Operation Occurrences with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    ChangeStateOpOccs
+
+GET Change State Operation Occurrences with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.3.17
+    ...    Test title: GET Change State Operation Occurrences with not permitted authorization scope
+    ...    Test objective: The objective is to query status information about multiple change state operation occurrences and verify the failure when using a not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.8.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Get Change State Operation Occurrences with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualNFVMANOServiceInterface.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualNFVMANOServiceInterface.robot
index bd06a94f91d5d79abbf4000aae3c630f7adbb1b2..c4aee2ba18fb47216c2bc3d47cd0854c24510983 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualNFVMANOServiceInterface.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualNFVMANOServiceInterface.robot
@@ -13,7 +13,7 @@ POST Individual NFV-MANO Service Interface - Method not implemented
     ...    Test title: POST Individual NFV-MANO Service Interface - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.11.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.11.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ GET Individual NFV-MANO Service Interface
     ...    Test title: GET Individual NFV-MANO Service Interface
     ...    Test objective: The objective is to query status information about an NFV-MANO service interface of the producer NFV-MANO functional entity by reading an "Individual NFV-MANO service interface" resource, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.11.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.11.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -38,7 +38,7 @@ GET Individual NFV-MANO Service Interface - Not Found
     ...    Test title: GET Individual NFV-MANO Service Interface - Not Found
     ...    Test objective: The objective is to test the retrieval of information about an NFV-MANO service interface of the producer NFV-MANO functional entity by reading an "Individual NFV-MANO service interface" resource fails when the resource is not present.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.11.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.11.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ PUT Individual NFV-MANO Service Interface - Method not implemented
     ...    Test title: PUT Individual NFV-MANO Service Interface - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.11.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.11.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -63,7 +63,7 @@ PATCH Individual NFV-MANO Service Interface
     ...    Test title: PATCH Individual NFV-MANO Service Interface
     ...    Test objective: This method modifies the Individual NFV-MANO Service Interface resource, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: Individual NFV-MANO Service Interface resource is already created.
-    ...    Reference: clause 5.5.11.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.11.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The Individual NFV-MANO Service Interface is modified by the operation
@@ -76,7 +76,7 @@ PATCH Individual NFV-MANO Service Interface - Conflict
     ...    Test title: PATCH Individual NFV-MANO Service Interface - Conflict
     ...    Test objective: The objective is to test that the modification of the Individual NFV-MANO Service Interface resource failed due to a conflict with the state of the Individual NFV-MANO Service Interface resource and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: Individual NFV-MANO Service Interface resource is already created.
-    ...    Reference: clause 5.5.11.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.11.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The Individual NFV-MANO Service Interface is not modified by the operation
@@ -89,7 +89,7 @@ PATCH Individual NFV-MANO Service Interface - PreCondition Failed
     ...    Test title: PATCH Individual NFV-MANO Service Interface - PreCondition Failed
     ...    Test objective: The objective is to test that the modification of the Individual NFV-MANO Service Interface resource failed because precondition given in an HTTP request header is not fulfilled and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: Individual NFV-MANO Service Interface resource is already created.
-    ...    Reference: clause 5.5.11.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.11.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The Individual NFV-MANO Service Interface is not modified by the operation
@@ -102,9 +102,35 @@ DELETE Individual NFV-MANO Service Interface - Method not implemented
     ...    Test title: DELETE Individual NFV-MANO Service Interface - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.11.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.11.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for Individual NFV-MANO Service Interface
     Check HTTP Response Status Code Is    405
+
+PATCH Individual NFV-MANO Service Interface with permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.6.9
+    ...    Test title: PATCH Individual NFV-MANO Service Interface with permitted authorization scope
+    ...    Test objective: This method modifies the Individual NFV-MANO Service Interface resource with permitted authorization scope.
+    ...    Pre-conditions: Individual NFV-MANO Service Interface resource is already created.
+    ...    Reference: clause 5.5.11.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: The Individual NFV-MANO Service Interface is modified by the operation
+    Send Patch request for Individual NFV-MANO Service Interface with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   ManoServiceInterfaceModifications
+
+PATCH Individual NFV-MANO Service Interface with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.6.10
+    ...    Test title: PATCH Individual NFV-MANO Service Interface with not permitted authorization scope
+    ...    Test objective: The objective is to test that modification of Individual NFV-MANO Service Interface resource fails with not permitted authorization scope.
+    ...    Pre-conditions: Individual NFV-MANO Service Interface resource is already created.
+    ...    Reference: clause 5.5.11.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: The Individual NFV-MANO Service Interface is modified by the operation
+    Send Patch request for Individual NFV-MANO Service Interface with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
+
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualPeerEntity.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualPeerEntity.robot
index 1e4bb41f4897835639183d6e5509d8e9ea269e01..fa7ed065acc8ec7042ae73dfb9f5ae48dfbd7d5a 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualPeerEntity.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualPeerEntity.robot
@@ -13,7 +13,7 @@ POST Individual Peer Entity - Method not implemented
     ...    Test title: POST Individual Peer Entity - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.14.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.14.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ GET Individual Peer Entity
     ...    Test title: GET Individual Peer Entity
     ...    Test objective: The objective is to retrieves information and configuration hold in the producer NFV-MANO functional entity with regards to a peer entity by reading an individual peer entity resource
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.14.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.14.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -38,7 +38,7 @@ GET Individual Peer Entity - Not Found
     ...    Test title: GET Individual Peer Entity - Not Found
     ...    Test objective: The objective is to test the retrieval of information and configuration hold in the producer NFV-MANO functional entity with regards to a peer entity by reading an individual peer entity resource fails when the resource is not present.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.14.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.14.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ PUT Individual Peer Entity - Method not implemented
     ...    Test title: PUT Individual Peer Entity - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.14.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.14.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -62,7 +62,7 @@ PATCH Individual Peer Entity
     ...    Test title: PATCH Individual Peer Entity
     ...    Test objective: This method modifies configuration and information of the producer NFV-MANO functional entity with regards to a peer functional entity by updating the corresponding "Individual peer entity" resource.
     ...    Pre-conditions: At least one Peer Entity resource is created
-    ...    Reference: clause 5.5.14.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.14.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Peer Entity Resource is modified by the operation
@@ -75,7 +75,7 @@ PATCH Individual Peer Entity - Conflict
     ...    Test title: PATCH Individual Peer Entity - Conflict
     ...    Test objective: The objective is to test that the modification of configuration and information of the producer NFV-MANO functional entity with regards to a peer functional entity by updating the corresponding "Individual peer entity" resource failed due to a conflict with the state of the Individual Peer Entity resource and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one Peer Entity resource is created
-    ...    Reference: clause 5.5.14.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.14.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Peer Entity Resource is not modified by the operation
@@ -88,7 +88,7 @@ PATCH Individual Peer Entity - PreCondition Failed
     ...    Test title: PATCH Individual Peer Entity - PreCondition Failed
     ...    Test objective: The objective is to test that the modification of the Individual Peer Entity resource failed because precondition given in an HTTP request header is not fulfilled and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one Peer Entity resource is created
-    ...    Reference: clause 5.5.14.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.14.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Peer Entity Resource is not modified by the operation
@@ -101,9 +101,34 @@ DELETE Individual Peer Entity - Method not implemented
     ...    Test title: DELETE Individual Peer Entity - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.14.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.14.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for Individual Peer Entity
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+PATCH Individual Peer Entity with permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.9.9
+    ...    Test title: PATCH Individual Peer Entity with permitted authorization scope
+    ...    Test objective: This method modifies configuration and information of the producer NFV-MANO functional entity with permitted authorization scope.
+    ...    Pre-conditions: At least one Peer Entity resource is created
+    ...    Reference: clause 5.5.14.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: Peer Entity Resource is modified by the operation
+    Send Patch request for Individual Peer Entity with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PeerEntityConfigModifications
+
+PATCH Individual Peer Entity with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.9.10
+    ...    Test title: PATCH Individual Peer Entity with not permitted authorization scope
+    ...    Test objective: This method tests that modification of configuration and information of the producer NFV-MANO functional entity fails with not permitted authorization scope.
+    ...    Pre-conditions: At least one Peer Entity resource is created
+    ...    Reference: clause 5.5.14.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: Peer Entity Resource is modified by the operation
+    Send Patch request for Individual Peer Entity with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualStateChangeOperationOccurrence.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualStateChangeOperationOccurrence.robot
index 9939a17006928baa1fb72057caef3103e61aa781..0227dd086722acd1f5099100742287d9fb4cc371 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualStateChangeOperationOccurrence.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualStateChangeOperationOccurrence.robot
@@ -13,7 +13,7 @@ POST Individual Change State Operation Occurrence - Method not implemented
     ...    Test title: POST Individual Change State Operation Occurrence - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.9.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.9.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ GET Individual Change State Operation Occurrence
     ...    Test title: GET Individual Change State Operation Occurrence
     ...    Test objective: The objective is to query status information about Individual change state operation occurrence.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.9.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.9.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -38,7 +38,7 @@ GET Individual Change State Operation Occurrence - Not Found
     ...    Test title: GET Individual Change State Operation Occurrence - Not Found
     ...    Test objective: The objective is to test the retrieval of information about individual change state operation occurence fails when the resource is not present.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.9.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.9.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ PUT Individual Change State Operation Occurrence - Method not implemented
     ...    Test title: PUT Individual Change State Operation Occurrence - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.9.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.9.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -62,7 +62,7 @@ PATCH Individual Change State Operation Occurrence - Method not implemented
     ...    Test title: PATCH Individual Change State Operation Occurrence - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.9.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.9.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -74,9 +74,35 @@ DELETE Individual Change State Operation Occurrence - Method not implemented
     ...    Test title: DELETE Individual Change State Operation Occurrence - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.9.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.9.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for Individual Change State Operation Occurrence
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET Individual Change State Operation Occurrence with permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.4.7
+    ...    Test title: GET Individual Change State Operation Occurrence with permitted authorization scope
+    ...    Test objective: The objective is to query status information about Individual change state operation occurrence with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.9.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions:  none
+    Get Individual Change State Operation Occurrence with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    ChangeStateOpOcc
+
+GET Individual Change State Operation Occurrence with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.4.8
+    ...    Test title: GET Individual Change State Operation Occurrence with not permitted authorization scope
+    ...    Test objective: The objective is test that the query status information about Individual change state operation occurrence fails with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.9.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions:  none
+    Get Individual Change State Operation Occurrence with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
+
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualSubscription.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualSubscription.robot
index d2b46bdd3d9c328a90164176f8f3b01e39496b76..9065294648ccb446f54e588232ede0e65234adab 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualSubscription.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/IndividualSubscription.robot
@@ -12,7 +12,7 @@ GET Individual Subscription
     ...    Test title: GET Individual  Subscription
     ...    Test objective: The objective is to test the retrieval of individual subscription and perform a JSON schema and content validation of the returned subscription data structure
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -26,7 +26,7 @@ GET Individual Subscription - invalid resource identifier
     ...    Test title: GET Individual Subscription - invalid resource identifier
     ...    Test objective: The objective is to test that the retrieval of an individual subscription fails when using an invalid resource identifier
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,7 +38,7 @@ DELETE Individual Subscription
     ...    Test title: DELETE Individual Subscription
     ...    Test objective: The objective is to test the deletion of an individual subscription
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.5.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.5.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The resource is not available anymore in the NFV-MANO    
@@ -51,7 +51,7 @@ DELETE Individual Subscription - invalid resource identifier
     ...    Test title: DELETE Individual Subscription - invalid resource identifier
     ...    Test objective: The objective is to test that the deletion of an individual  subscription fails when using an invalid resource identifier
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.5.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.5.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -63,7 +63,7 @@ POST Individual Subscription - Method not implemented
     ...    Test title: POST Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create a new Subscription
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.5.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -75,7 +75,7 @@ PUT Individual Subscription - Method not implemented
     ...    Test title: PUT Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an existing subscription
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.5.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.5.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -87,9 +87,37 @@ PATCH Individual Subscription - Method not implemented
     ...    Test title: PATCH Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to modify an existing subscription
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.5.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.5.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Patch request for individual Subscription
     Check HTTP Response Status Code Is    405
+
+GET Individual Subscription with permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.11.8
+    ...    Test title: GET Individual  Subscription with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of individual subscription when a permitted authorization scope is used.
+    ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
+    ...    Reference: clause 5.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   CimSubscription
+    Check HTTP Response Body Subscription Identifier matches the requested Subscription
+
+GET Individual Subscription with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.11.9
+    ...    Test title: GET Individual  Subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of individual subscription fails when a not permitted authorization scope is used.
+    ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
+    ...    Reference: clause 5.5.5.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get Individual Subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   CimSubscription
+    Check HTTP Response Body Subscription Identifier matches the requested Subscription
\ No newline at end of file
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/NFVMANOCimKeywords.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/NFVMANOCimKeywords.robot
index c77617894e89bbe8fe106bf4cd43185e0914039f..a14ce3a309e1719645bf422383b3c58e2f376bfc 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/NFVMANOCimKeywords.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/NFVMANOCimKeywords.robot
@@ -9,6 +9,7 @@ Library    JSONLibrary
 Library    Collections
 Library    JSONSchemaLibrary    schemas/
 Library    Process
+Library    jwt
 
 *** Keywords ***
 Check HTTP Response Status Code Is
@@ -46,6 +47,28 @@ GET NFV-MANO entity resource
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
 
+GET NFV-MANO entity resource with permitted authorization scope
+    Log    Trying to get a NFV-MANO entity resource 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${ENTITY_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+GET NFV-MANO entity resource with not permitted authorization scope
+    Log    Trying to get a NFV-MANO entity resource 
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${ENTITY_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
 Send Put request for NFV-MANO Entity  
     Log    Trying to perform a PUT (method should not be implemented)
     Set Headers    {"Accept": "${ACCEPT_JSON}"}
@@ -84,6 +107,32 @@ Send Post request for NFV-MANO functional entity application state change
     POST    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity/change_state
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Send Post request for NFV-MANO functional entity application state change with permitted authorization scope
+    Log    Trying to perform a POST for NFV-MANO functional entity application state change
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${CHANGE_STATE_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/ChangeStateRequest.json
+    ${body}=        Format String   ${template}    state=${state}     stateAction=${stateAction} 
+    POST    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity/change_state
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Send Post request for NFV-MANO functional entity application state change with not permitted authorization scope
+    Log    Trying to perform a POST for NFV-MANO functional entity application state change
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/ChangeStateRequest.json
+    ${body}=        Format String   ${template}    state=${state}     stateAction=${stateAction} 
+    POST    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity/change_state
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Wait for entity state change success notification and validate status
     Wait Until Keyword Succeeds    ${retry}   ${polling}    Check entity state    
@@ -149,6 +198,30 @@ Get Change State Operation Occurrences
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/change_state_ops
     ${outputResponse}=    Output    response
 	Set Global Variable    @{response}    ${outputResponse}
+
+Get Change State Operation Occurrences with permitted authorization scope
+    Log    Query to GET information about multiple change state operation occurrences.
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    ${scopeValue}=    Create Dictionary    scope=${CHANGE_STATE_OPS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/change_state_ops
+    ${outputResponse}=    Output    response
+	Set Global Variable    @{response}    ${outputResponse}
+
+Get Change State Operation Occurrences with not permitted authorization scope
+    Log    Query to GET information about multiple change state operation occurrences.
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/change_state_ops
+    ${outputResponse}=    Output    response
+	Set Global Variable    @{response}    ${outputResponse}
 	
 Get Change State Operation Occurrences with invalid filter
     Set Headers  {"Accept":"${ACCEPT_JSON}"}  
@@ -259,11 +332,34 @@ Get Individual Change State Operation Occurrence
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/change_state_ops/${changeStateOpOccId}
     ${outputResponse}=    Output    response
 	Set Global Variable    @{response}    ${outputResponse}
-	
+
+
+Get Individual Change State Operation Occurrence with permitted authorization scope
+    Log    Query to GET information about individual change state operation occurrences.
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    ${scopeValue}=    Create Dictionary    scope=${CHANGE_STATE_OPS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/change_state_ops/${changeStateOpOccId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    @{response}    ${outputResponse}
+
+Get Individual Change State Operation Occurrence with not permitted authorization scope
+    Log    Query to GET information about individual change state operation occurrences.
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/change_state_ops/${changeStateOpOccId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    @{response}    ${outputResponse}
+
 Send Put request for Individual Change State Operation Occurrence
     log    Trying to perform a PUT. This method should not be implemented
     Set Headers  {"Accept":"${ACCEPT_JSON}"}  
-    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+
     Put    ${apiRoot}/${apiName}/${apiMajorVersion}/change_state_ops/${changeStateOpOccId}
     ${outputResponse}=    Output    response
 	Set Global Variable    @{response}    ${outputResponse}
@@ -300,6 +396,30 @@ Get NFV-MANO Service Interfaces
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity/mano_interfaces
     ${outputResponse}=    Output    response
 	Set Global Variable    @{response}    ${outputResponse}
+
+Get NFV-MANO Service Interfaces with permitted authorization scope
+    Log    Query to GET information about multiple NFV-MANO service interfaces of the NFV-MANO functional entity.
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    ${scopeValue}=    Create Dictionary    scope=${ENTITY_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity/mano_interfaces
+    ${outputResponse}=    Output    response
+	Set Global Variable    @{response}    ${outputResponse}
+
+Get NFV-MANO Service Interfaces with not permitted authorization scope
+    Log    Query to GET information about multiple NFV-MANO service interfaces of the NFV-MANO functional entity.
+    Set Headers  {"Accept":"${ACCEPT_JSON}"}  
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity/mano_interfaces
+    ${outputResponse}=    Output    response
+	Set Global Variable    @{response}    ${outputResponse}
 	
 Get NFV-MANO Service Interfaces with invalid filter
     Set Headers  {"Accept":"${ACCEPT_JSON}"}  
@@ -406,7 +526,7 @@ Send Put request for Individual NFV-MANO Service Interface
     ${outputResponse}=    Output    response
 	Set Global Variable    @{response}    ${outputResponse}
 	
-Send Patch request for Individual NFV-MANO Service Interface
+Send Patch request for Individual NFV-MANO Service Interface 
     log    Trying to modify an NFV-MANO Entity
     Set Headers    {"Accept":"${ACCEPT_JSON}"}  
     Set Headers    {"Content-Type": "${CONTENT_TYPE_PATCH}"}
@@ -415,6 +535,32 @@ Send Patch request for Individual NFV-MANO Service Interface
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity/mano_interfaces/${manoServiceInterfaceId}   ${body}	
     ${outputResponse}=    Output    response
 	Set Global Variable    @{response}    ${outputResponse}
+
+Send Patch request for Individual NFV-MANO Service Interface with permitted authorization scope
+    log    Trying to modify an NFV-MANO Entity
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    ${scopeValue}=    Create Dictionary    scope=${ENTITY_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${body}=    Get File    jsons/ManoServiceInterfaceModificationRequest.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity/mano_interfaces/${manoServiceInterfaceId}   ${body}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    @{response}    ${outputResponse}
+
+Send Patch request for Individual NFV-MANO Service Interface with not permitted authorization scope
+    log    Trying to modify an NFV-MANO Entity
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    ${scopeValue}=    Create Dictionary    scope=${ENTITY_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${body}=    Get File    jsons/ManoServiceInterfaceModificationRequest.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity/mano_interfaces/${manoServiceInterfaceId}   ${body}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    @{response}    ${outputResponse}
 	
 Send Delete request for Individual NFV-MANO Service Interface
     log    Trying to perform a DELETE. This method should not be implemented
@@ -433,6 +579,32 @@ Send Post request for Change interface state task
     POST    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity/mano_interfaces/${manoServiceInterfaceId}/change_state    ${body}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Send Post request for Change interface state task with permitted authorization scope
+    Log    Trying to perform a POST for Change interface state task
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${CHANGE_STATE_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${template}=    Get File    jsons/ChangeStateRequest.json
+    ${body}=        Format String   ${template}    state=${state}     stateAction=${stateAction}
+    POST    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity/mano_interfaces/${manoServiceInterfaceId}/change_state    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Send Post request for Change interface state task with not permitted authorization scope
+    Log    Trying to perform a POST for Change interface state task
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"} 
+    ${template}=    Get File    jsons/ChangeStateRequest.json
+    ${body}=        Format String   ${template}    state=${state}     stateAction=${stateAction}
+    POST    ${apiRoot}/${apiName}/${apiMajorVersion}/mano_entity/mano_interfaces/${manoServiceInterfaceId}/change_state    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Check PostCondition NFV-MANO service interface state matches the requested state
     Wait Until Keyword Succeeds    ${retry}   ${polling}    Check interface state    
@@ -491,7 +663,33 @@ Send Post request for Peer Entity
     POST    ${apiRoot}/${apiName}/${apiMajorVersion}/peer_entities    ${body}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
-    
+
+Send Post request for Peer Entity with permitted authorization scope
+    Log    Trying to perform a POST for Peer Entity
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${PEER_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/CreatePeerEntityRequest.json
+    ${body}=        Format String   ${template}     peerEntityId=${peerEntityId}    name=${name}    type=${type}
+    POST    ${apiRoot}/${apiName}/${apiMajorVersion}/peer_entities    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Send Post request for Peer Entity with not permitted authorization scope
+    Log    Trying to perform a POST for Peer Entity
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${PEER_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${template}=    Get File    jsons/CreatePeerEntityRequest.json
+    ${body}=        Format String   ${template}     peerEntityId=${peerEntityId}    name=${name}    type=${type}
+    POST    ${apiRoot}/${apiName}/${apiMajorVersion}/peer_entities    ${body}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+       
 Get Peer Entities
     Log    Query to GET information about multiple peer entities.
     Set Headers  {"Accept":"${ACCEPT_JSON}"}  
@@ -615,6 +813,32 @@ Send Patch request for Individual Peer Entity
     Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/peer_entities/${peerEntityId}   ${body}	
     ${outputResponse}=    Output    response
 	Set Global Variable    @{response}    ${outputResponse}
+
+Send Patch request for Individual Peer Entity with permitted authorization scope
+    log    Trying to modify an NFV-MANO Entity
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    ${scopeValue}=    Create Dictionary    scope=${PEER_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${body}=    Get File    jsons/PeerEntityConfigModificationRequest.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/peer_entities/${peerEntityId}   ${body}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    @{response}    ${outputResponse}
+
+Send Patch request for Individual Peer Entity with not permitted authorization scope
+    log    Trying to modify an NFV-MANO Entity
+    Set Headers    {"Accept":"${ACCEPT_JSON}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    ${scopeValue}=    Create Dictionary    scope=${PEER_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    ${body}=    Get File    jsons/PeerEntityConfigModificationRequest.json
+    Patch    ${apiRoot}/${apiName}/${apiMajorVersion}/peer_entities/${peerEntityId}   ${body}	
+    ${outputResponse}=    Output    response
+	Set Global Variable    @{response}    ${outputResponse}
 	
 Send Delete request for Individual Peer Entity
     log    Trying to perform a DELETE. This method should not be implemented
@@ -646,7 +870,31 @@ Get all Subscriptions
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
-    
+
+Get all Subscriptions with permitted authorization scope
+    [Documentation]    The api consumer can use this method to query the list of active subscriptions to log management notifications
+    Set headers    {"Accept": "application/json"}
+    Set headers    {"Content-Type": "application/json"}
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get all Subscriptions with not permitted authorization scope
+    [Documentation]    The api consumer can use this method to query the list of active subscriptions to log management notifications
+    Set headers    {"Accept": "application/json"}
+    Set headers    {"Content-Type": "application/json"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
  Get Subscriptions with attribute-based filters
     [Documentation]    The api consumer can use this method to query the list of active subscriptions to log management notifications
     Set headers    {"Accept": "${ACCEPT_JSON}"}
@@ -762,6 +1010,26 @@ Get Individual Subscription
     GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+Get Individual Subscription with permitted authorization scope
+    Set headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
+
+Get Individual Subscription with not permitted authorization scope
+    Set headers    {"Accept": "${ACCEPT_JSON}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Authorization Token: ${authorizationToken}
+    GET    ${apiRoot}/${apiName}/${apiMajorVersion}/subscriptions/${subscriptionId}
+    ${output}=    Output    response
+    Set Suite Variable    ${response}    ${output}
     
 Check HTTP Response Body Subscription Identifier matches the requested Subscription
     Log    Trying to check response ID
@@ -858,3 +1126,9 @@ GET Peer Entities with expired or revoked authorization token
     Get    ${apiRoot}/${apiName}/${apiMajorVersion}/peer_entities
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded} 
+
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/NFVMANOEntity.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/NFVMANOEntity.robot
index 05fe34388ca070cf589850d3d919e7c434dc6ad0..1d32a2804d414dd820ba9a8b869b73360bf9d5ba 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/NFVMANOEntity.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/NFVMANOEntity.robot
@@ -13,7 +13,7 @@ POST NFV-MANO entity - Method not implemented
     ...    Test title: POST NFV-MANO entity - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed to create an NFV-MANO Entity.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.3.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ GET NFV-MANO entity
     ...    Test title: Get NFV-MANO entity
     ...    Test objective: The objective is to test the retrieval of information about an NFV-MANO functional entity by reading the NFV-MANO entity resource and perform a JSON schema and content validation of the collected job data structure.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -38,7 +38,7 @@ GET NFV-MANO entity - Not Found
     ...    Test title: Get NFV-MANO entity - Not Found
     ...    Test objective: The objective is to test the retrieval of information about an NFV-MANO functional entity by reading the NFV-MANO entity resource fails when the resource is not present.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -50,7 +50,7 @@ PUT NFV-MANO entity - Method not implemented
     ...    Test title: PUT NFV-MANO entity - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to update an NFV-MANO Entity.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.3.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.3.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -62,7 +62,7 @@ PATCH NFV-MANO entity
     ...    Test title: PATCH NFV-MANO entity
     ...    Test objective: The objective is to test that PATCH method modifies the NFV-MANO entity resource and perform a JSON schema and content validation of the modified response.
     ...    Pre-conditions: NFV-MANO entity resource is already created.
-    ...    Reference: clause 5.5.3.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.3.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The NFV-MANO entity is modified by the operation
@@ -75,7 +75,7 @@ PATCH NFV-MANO entity - Conflict
     ...    Test title: PATCH NFV-MANO entity - Conflict
     ...    Test objective: The objective is to test that the modification of the NFV-MANO entity resource failed due to a conflict with the state of the NFV-MANO entity resource and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: NFV-MANO entity resource is already created.
-    ...    Reference: clause 5.5.3.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.3.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The NFV-MANO entity is not modified by the operation
@@ -88,7 +88,7 @@ PATCH NFV-MANO entity - PreCondition Failed
     ...    Test title: PATCH NFV-MANO entity - PreCondition Failed
     ...    Test objective: The objective is to test that the modification of the NFV-MANO entity resource failed because precondition given in an HTTP request header is not fulfilled and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: NFV-MANO entity resource is already created.
-    ...    Reference: clause 5.5.3.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.3.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The NFV-MANO entity is not modified by the operation
@@ -101,9 +101,34 @@ DELETE NFV-MANO entity - Method not implemented
     ...    Test title: DELETE NFV-MANO entity - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete an NFV-MANO Entity.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.3.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.3.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for NFV-MANO Entity
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET NFV-MANO entity with permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.1.9
+    ...    Test title: Get NFV-MANO entity with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of information about an NFV-MANO functional entity by reading the NFV-MANO entity resource when a permitted authorization scope is used.
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET NFV-MANO entity resource with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   ManoEntity
+
+GET NFV-MANO entity with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.1.10
+    ...    Test title: Get NFV-MANO entity with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of information about an NFV-MANO functional entity fails when a not permitted authorization scope is used.
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.3.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET NFV-MANO entity resource with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/NFVMANOServiceInterfaces.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/NFVMANOServiceInterfaces.robot
index 9f4f28d151d28ca1e1faed3e5905cadde1bc4ccf..f9fd44d8c60b0aa45f03f95c6da8a09b053b7591 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/NFVMANOServiceInterfaces.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/NFVMANOServiceInterfaces.robot
@@ -13,7 +13,7 @@ POST NFV-MANO Service Interfaces - Method not implemented
     ...    Test title: POST NFV-MANO Service Interfaces - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -25,7 +25,7 @@ GET NFV-MANO Service Interfaces
     ...    Test title: GET NFV-MANO Service Interfaces
     ...    Test objective: The objective is to query status information about multiple NFV-MANO service interfaces of the NFV-MANO functional entity, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -38,7 +38,7 @@ GET NFV-MANO Service Interfaces - invalid attribute-based filter
     ...    Test title: GET NFV-MANO Service Interfaces - invalid attribute-based filter
     ...    Test objective:  The objective is to test that the retrieval of NFV-MANO Service Interfaces fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -51,7 +51,7 @@ GET NFV-MANO Service Interfaces - invalid attribute selector
     ...    Test title: GET NFV-MANO Service Interfaces - invalid attribute selector
     ...    Test objective: The objective is to test that the retrieval of NFV-MANO Service Interfaces fails when using invalid attribute selector, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ GET NFV-MANO Service Interfaces - Bad Request Response too Big
     ...    Test title: GET NFV-MANO Service Interfaces - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of NFV-MANO Service Interfaces fails when response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -77,7 +77,7 @@ GET NFV-MANO Service Interfaces with attribute-based filter
     ...    Test title: GET NFV-MANO Service Interfaces with attribute-based filter
     ...    Test objective: The objective is to query status information about multiple NFV-MANO service interfaces of the NFV-MANO functional entities with attribute filters, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -90,7 +90,7 @@ GET NFV-MANO Service Interfaces with "all_fields" attribute selector
     ...    Test title: GET NFV-MANO Service Interface with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve NFV-MANO Service Interfaces with "all_fields" attribute selector, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -103,7 +103,7 @@ GET NFV-MANO Service Interfaces with "exclude_default" attribute selector
     ...    Test title: GET NFV-MANO Service Interfaces with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve NFV-MANO Service Interfaces with "exclude_default" attribute selector, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -116,7 +116,7 @@ GET NFV-MANO Service Interfaces with "fields" attribute selector
     ...    Test title: GET NFV-MANO Service Interfaces with "fields" attribute selector
     ...    Test objective: The objective is to retrieve NFV-MANO Service Interfaces with fields attribute selector, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -129,7 +129,7 @@ GET NFV-MANO Service Interfaces with "exclude_fields" attribute selector
     ...    Test title: GET NFV-MANO Service Interfaces with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve NFV-MANO Service Interfaces with "exclude_fields" attribute selector, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -142,7 +142,7 @@ GET NFV-MANO Service Interfaces with "exclude_default" and "fields" attribute se
     ...    Test title: GET NFV-MANO Service Interfaces with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to retrieve NFV-MANO Service Interfaces with "exclude_default" and "fields" attribute selector, and perform the JSON schema validation of the HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -155,7 +155,7 @@ GET NFV-MANO Service Interfaces with Paged Response
     ...    Test title: GET NFV-MANO Service Interfaces with Paged Response
     ...    Test objective: The objective is to query NFV-MANO Service Interface to get Paged Response.
     ...    Pre-conditions:  none
-    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -168,7 +168,7 @@ PUT NFV-MANO Service Interfaces - Method not implemented
     ...    Test title: PUT NFV-MANO Service Interfaces - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -180,7 +180,7 @@ PATCH NFV-MANO Service Interfaces - Method not implemented
     ...    Test title: PATCH NFV-MANO Service Interfaces - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -192,9 +192,34 @@ DELETE NFV-MANO Service Interfaces - Method not implemented
     ...    Test title: DELETE NFV-MANO Service Interfaces - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.10.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.10.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for NFV-MANO Service Interfaces
-    Check HTTP Response Status Code Is    405
\ No newline at end of file
+    Check HTTP Response Status Code Is    405
+
+GET NFV-MANO Service Interfaces with permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.5.16
+    ...    Test title: GET NFV-MANO Service Interfaces with permitted authorization scope
+    ...    Test objective: The objective is to query status information about multiple NFV-MANO service interfaces of the NFV-MANO functional entity with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions:  none
+    Get NFV-MANO Service Interfaces with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    ManoServiceInterfaces
+
+GET NFV-MANO Service Interfaces with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.5.17
+    ...    Test title: GET NFV-MANO Service Interfaces with not permitted authorization scope
+    ...    Test objective: The objective is test that the query status information about multiple NFV-MANO service interfaces of the NFV-MANO functional entity fails when using not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.10.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions:  none
+    Get NFV-MANO Service Interfaces with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/NotificationEndpoint.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/NotificationEndpoint.robot
index f12d35bf0ce286c13c1d412f1d734e314068adaf..4bab4eeb21bab0c0f2b19799d3fc0be4743b3eb9 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/NotificationEndpoint.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/NotificationEndpoint.robot
@@ -13,7 +13,7 @@ Information Changed Notification
     ...    Test title: Information Changed Notification
     ...    Test objective: The objective is to test that Information Changed Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A subscription for information availability notification is available in the NFV-MANO.
-    ...    Reference: clause 5.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -25,7 +25,7 @@ Change State Notification
     ...    Test title: Change State Notification
     ...    Test objective: The objective is to test that Change State Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A subscription for change state notification is available in the NFV-MANO.
-    ...    Reference: clause 5.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/Notifications.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/Notifications.robot
index 60541f73463663ff3249122511ebec4d2c565bd3..758082b681ad76ab85bc447c92656d99acd016fc 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/Notifications.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/Notifications.robot
@@ -16,7 +16,7 @@ Information Changed Notification
     ...    Test title: Information Changed Notification
     ...    Test objective: The objective is to test the dispatch of Information Changed Notification when configuration or information is changed in the NFV-MANO, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A subscription for information availability notifications is available in the NFV-MANO.
-    ...    Reference: clause 5.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -29,7 +29,7 @@ Change State Notification
     ...    Test title: Change State Notification
     ...    Test objective: The objective is to test the dispatch of Change State Notification when state changes of the NFV-MANO functional entity and its managed objects, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A performance job is created, and a state change subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.6.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANOz
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/PeerEntities.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/PeerEntities.robot
index d8f9a0f6a0ed7af3fa0f2f4d06405ebe42ba8e37..dac2d78fdd50e8e94a2f8f4638938b63ecbb089e 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/PeerEntities.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/PeerEntities.robot
@@ -13,7 +13,7 @@ POST Peer Entity
     ...    Test title: POST Peer Entity
     ...    Test objective: The objective is to creates in the producer NFV-MANO functional entity a new peer entity resource which contains configuration and information with regards to the peer functional entity and perform the JSON schema validation of the returned job data structure.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.13.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Peer Entity is created
@@ -28,7 +28,7 @@ GET Peer Entities
     ...    Test title: GET Peer Entities
     ...    Test objective: The objective is to query information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities, and perform the JSON schema validation of the returned job data structure.
     ...    Pre-conditions: At least one Peer Entity is already created.
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions:  none
@@ -41,7 +41,7 @@ GET Peer Entities - invalid attribute-based filter
     ...    Test title: GET Peer Entities - invalid attribute-based filter
     ...    Test objective:  The objective is to test that the retrieval of information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities fails when using invalid attribute-based filter, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one Peer Entity is already created. 
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -54,7 +54,7 @@ GET Peer Entities - invalid attribute selector
     ...    Test title: GET Peer Entities - invalid attribute selector
     ...    Test objective: The objective is to test that the retrieval of information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities fails when using invalid attribute selector, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one Peer Entity is already created. 
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -67,7 +67,7 @@ GET Peer Entities - Bad Request Response too Big
     ...    Test title: GET Peer Entities - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities fails when response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one Peer Entity is already created. 
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -80,7 +80,7 @@ GET Peer Entities with attribute-based filter
     ...    Test title: GET Peer Entities with attribute-based filter
     ...    Test objective: The objective is to query information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities with attribute filters, and perform the JSON schema validation of the returned job data structure.
     ...    Pre-conditions: At least one Peer Entity is already created. 
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -93,7 +93,7 @@ GET Peer Entities with "all_fields" attribute selector
     ...    Test title: GET Peer Entities with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities with "all_fields" attribute selector, and perform the JSON schema validation of the returned job data structure.
     ...    Pre-conditions: At least one Peer Entity is already created. 
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -106,7 +106,7 @@ GET Peer Entities with "exclude_default" attribute selector
     ...    Test title: GET Peer Entities with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities with "exclude_default" attribute selector, and perform the JSON schema validation of the returned job data structure.
     ...    Pre-conditions: At least one Peer Entity is already created. 
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -119,7 +119,7 @@ GET Peer Entities with "fields" attribute selector
     ...    Test title: GET Peer Entities with "fields" attribute selector
     ...    Test objective: The objective is to retrieve information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities with fields attribute selector, and perform the JSON schema validation of the returned job data structure.
     ...    Pre-conditions: At least one Peer Entity is already created. 
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -132,7 +132,7 @@ GET Peer Entities with "exclude_fields" attribute selector
     ...    Test title: GET Peer Entities with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities with "exclude_fields" attribute selector, and perform the JSON schema validation of the returned job data structure.
     ...    Pre-conditions: At least one Peer Entity is already created. 
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -145,7 +145,7 @@ GET Peer Entities with "exclude_default" and "fields" attribute selector
     ...    Test title: GET Peer Entities with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to retrieve information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities with "exclude_default" and "fields" attribute selector, and perform the JSON schema validation of the returned job data structure.
     ...    Pre-conditions: At least one Peer Entity is already created. 
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -158,7 +158,7 @@ GET Peer Entity with Paged Response
     ...    Test title: GET Peer Entity with Paged Response
     ...    Test objective: The objective is to query information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities to get Paged Response.
     ...    Pre-conditions: At least one Peer Entity is already created.  
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -171,7 +171,7 @@ Get Peer Entity with malformed authorization token
     ...    Test title: Get Peer Entity with malformed authorization token
     ...    Test objective: The objective is to test that the retrieval of information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities fails when using malformed authorization token.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The Peer Entity requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -183,7 +183,7 @@ Get Peer Entity without authorization token
     ...    Test title: Get Peer Entity without authorization token
     ...    Test objective: The objective is to test that the retrieval of information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities fails when omitting the authorization token.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The Peer Entity requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -195,7 +195,7 @@ GET information about multiple alarms with expired or revoked authorization toke
     ...    Test title: GET information about multiple alarms with expired or revoked authorization token
     ...    Test objective: The objective is to test that the retrieval of information and configuration in the producer NFV-MANO functional entity with regards to multiple peer entities fails when using expired or revoked authorization token.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The Peer Entity requires the usage of access tokens for authorizing the API requests.
     ...    Post-Conditions: none
@@ -207,7 +207,7 @@ PUT Peer Entities - Method not implemented
     ...    Test title: PUT Peer Entities - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.13.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -219,7 +219,7 @@ PATCH Peer Entities - Method not implemented
     ...    Test title: PATCH Peer Entities - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.13.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -231,9 +231,39 @@ DELETE Peer Entities - Method not implemented
     ...    Test title: DELETE Peer Entities - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemeted.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.13.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.13.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     Send Delete request for Peer Entities
     Check HTTP Response Status Code Is    405
+
+POST Peer Entity with permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.8.19
+    ...    Test title: POST Peer Entity with permitted authorization scope
+    ...    Test objective: The objective is to create in the producer NFV-MANO functional entity a new peer entity resource with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.13.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: Peer Entity is created
+    Send Post request for Peer Entity with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    PeerEntity
+    Check HTTP Response Header Contains Location
+    Check Postcondition Peer Entity Resource is created
+
+POST Peer Entity with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.8.20
+    ...    Test title: POST Peer Entity with not permitted authorization scope
+    ...    Test objective: The objective is to test that creation in the producer NFV-MANO functional entity of a new peer entity resource fails with not permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: clause 5.5.13.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: Peer Entity is created
+    Send Post request for Peer Entity with not permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    PeerEntity
+    Check HTTP Response Header Contains Location
+    Check Postcondition Peer Entity Resource is created
\ No newline at end of file
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/Subscriptions.robot b/SOL009/NFVManoConfigurationAndInformationManagement-API/Subscriptions.robot
index dc69dd1f4b9d820af93658269d2ce684a2c8b652..11e52620a0fd44520541a4bdbb0ce94d31037e63 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/Subscriptions.robot
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/Subscriptions.robot
@@ -16,7 +16,7 @@ GET all Subscriptions
     ...    Test title: GET all Subscriptions
     ...    Test objective: The objective is to test the retrieval list of active subscriptions of API consumer and perform a JSON schema validation of the returned subscriptions data structure.
     ...    Pre-conditions:  At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -29,7 +29,7 @@ GET Subscriptions with attribute-based filter
     ...    Test title: GET Subscriptions with attribute-based filter
     ...    Test objective: The objective is to test the retrieval of active subscriptions list of API consumer using attribute-based filter and perform a JSON schema validation of the collected indicators data structure. 
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -42,7 +42,7 @@ GET Subscriptions with Paged Response
     ...    Test title: GET Subscriptions with Paged Response
     ...    Test objective: The objective is to query information of active subscriptions list to of API consumer to get Paged Response.
     ...    Pre-conditions:  At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: 
     ...    Post-Conditions: 
@@ -55,7 +55,7 @@ GET Subscriptions - invalid attribute-based filter
     ...    Test title: GET Subscriptions - invalid attribute-based filter
     ...    Test objective: The objective is to test that the retrieval of active subscriptions list of API consumer fails when using invalid attribute-based filters, and perform the JSON schema validation of the failed operation HTTP response. 
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -69,7 +69,7 @@ GET Subscriptions - Bad Request Response too Big
     ...    Test title: GET Subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is to test that the retrieval of active subscriptions list of API consumer fails when response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -82,7 +82,7 @@ GET Subscriptions - invalid resource endpoint
     ...    Test title: GET Subscriptions - invalid resource endpoint
     ...    Test objective: The objective is to test that the retrieval of active subscriptions list of API consumer fails when using invalid resource endpoint.
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -94,7 +94,7 @@ POST Create new Subscription
     ...    Test title: Create new Subscription
     ...    Test objective: The objective is to test the creation of a new subscription and perform a JSON schema and content validation of the returned subscription data structure
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The subscription is successfully set and it matches the issued subscription    
@@ -111,7 +111,7 @@ POST Create request for duplicated Subscription not creating duplicated subscrip
     ...    Test title: Create request for duplicated Subscription not creating duplicated subscriptions
     ...    Test objective: The objective is to test the attempt of a creation of a duplicated subscription failed and check that no new subscription is created and a link to the original subscription is returned
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO does not support the creation of duplicated subscriptions
     ...    Post-Conditions: The existing Subscription returned is available in the NFV-MANO 
@@ -127,7 +127,7 @@ POST Create request for duplicated Subscription creating duplicated subscription
     ...    Test title: Create request for duplicated Subscription creating duplicated subscriptions
     ...    Test objective: The objective is to test the creation of a duplicated subscription and perform a JSON schema and content validation of the returned duplicated subscription data structure
     ...    Pre-conditions: At least one subscription is available in the NFV-MANO.
-    ...    Reference: clause 5.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The NFV-MANO supports the creation of duplicated subscriptions
     ...    Post-Conditions: The duplicated subscription is successfully set and it matches the issued subscription
@@ -142,7 +142,7 @@ PUT Subscriptions - Method not implemented
     ...    Test title: PUT Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to modify subscriptions
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.4.3.3 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.3 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -154,7 +154,7 @@ PATCH Subscriptions - Method not implemented
     ...    Test title: PATCH Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to update subscriptions
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.4 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -166,7 +166,7 @@ DELETE Subscriptions - Method not implemented
     ...    Test title: DELETE Subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to delete subscriptions
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.5 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none   
@@ -178,10 +178,35 @@ POST Create a new subscription - Unprocessable Content
     ...    Test title: POST Create a new Subscription - Unprocessable Content
     ...    Test objective: The objective is to test that a new subscription is not created if the notification endpoint is unreachable by the NFV-MANO.
     ...    Pre-conditions: none
-    ...    Reference: clause 5.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.4.1
+    ...    Reference: clause 5.5.4.3.1 - ETSI GS NFV-SOL 009 [7] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: Notification endpoint is unreachable by the NFV-MANO
     ...    Post-Conditions: none 
     Send Post Request for Subscription with Unreachable callbackUri
     Check HTTP Response Status Code Is    422
     Check HTTP Response Body Json Schema Is  ProblemDetails
+
+GET all Subscriptions with permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.10.14
+    ...    Test title: GET all Subscriptions with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval list of active subscriptions of API consumer when a permitted authorization scope is used.
+    ...    Pre-conditions:  At least one subscription is available in the NFV-MANO.
+    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+    Get all Subscriptions with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    CimSubscriptions
+
+GET all Subscriptions with not permitted authorization scope
+    [Documentation]    Test ID: 8.3.1.10.15
+    ...    Test title: GET all Subscriptions with not permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval list of active subscriptions of API consumer ffails when a not permitted authorization scope is used.
+    ...    Pre-conditions:  At least one subscription is available in the NFV-MANO.
+    ...    Reference: clause 5.5.4.3.2 - ETSI GS NFV-SOL 009 [7] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+    Get all Subscriptions with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/environment/variables.txt b/SOL009/NFVManoConfigurationAndInformationManagement-API/environment/variables.txt
index 1a293958428658fe957b223b8bb6cb5017cc0f51..843004f34b7165ecd6c2f42b63c48d2ea144dcff 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/environment/variables.txt
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/environment/variables.txt
@@ -5,9 +5,20 @@ ${NFVMANO_SCHEMA}    https
 
 ${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
 ${NEG_AUTHORIZATION_TOKEN}    Bearer negativetoken
+${AUTHORIZATION_HEADER}    Authorization
 
 ${BAD_AUTHORIZATION_TOKEN}    Bear sometoken
 
+${OAUTH_ENCRIPTION_ALGORITHM}    HS256
+${ENTITY_PERMITTED_SCOPE}    nfvmanocim:v2:mano_entity_info
+${ENTITY_NOT_PERMITTED_SCOPE}    nfvmanocim:v2:mano_entity_info:readonly
+${PEER_PERMITTED_SCOPE}    nfvmanocim:v2:peer_entity_info
+${PEER_NOT_PERMITTED_SCOPE}    nfvmanocim:v2:peer_entity_info:readonly
+${SUBSCRIPTIONS_PERMITTED_SCOPE}    nfvmanocim:v2:subscriptions
+${CHANGE_STATE_PERMITTED_SCOPE}    nfvmanocim:v2:change_state
+${CHANGE_STATE_OPS_PERMITTED_SCOPE}    nfvmanocim:v2:change_state_ops
+${NOT_PERMITTED_SCOPE}    nfvmanocim:v2:policies:invalid
+
 ${CONTENT_TYPE_JSON}    application/json
 ${ACCEPT_JSON}    application/json
 ${CONTENT_TYPE_PATCH}    application/merge-patch+json
@@ -67,4 +78,4 @@ ${stateAction}    START
 ${retry}   2 min
 ${polling}    10 sec
 
-${callbackResp}		127.0.0.1
\ No newline at end of file
+${callbackResp}		127.0.0.1
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/schemas/ManoEntity.schema.json b/SOL009/NFVManoConfigurationAndInformationManagement-API/schemas/ManoEntity.schema.json
index 233330f759a633f7a253cbcfd96815129b0c6e09..65b3892607d841f3bd10b801af6ac68153afa15e 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/schemas/ManoEntity.schema.json
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/schemas/ManoEntity.schema.json
@@ -1,645 +1,689 @@
 {
-	"description": "This type represents an NFV-MANO functional entity. *  NOTE 1:\tIt shall be present when \"type\" attribute is \"NFVO\", and it shall be absent in any other case. *  NOTE 2:\tIt shall be present when \"type\" attribute is \"VNFM\", and it shall be absent in any other case. *  NOTE 3:\tIt shall be present when \"type\" attribute is \"VIM\", and it shall be absent in any other case. *  NOTE 4:\tThe information about the NFV-MANO services offered by a specific type of NFV-MANO functional\n            entity is specified by the manoServices attribute.\n*  NOTE 5:\tIt is optional for the API producer to support the \"manoEntityComponents\" attribute. *  NOTE 6:\tIt shall be present when \"type\" attribute is \"WIM\", and it shall be absent in any other case. *  NOTE 7:\tIt shall be present when \"type\" attribute is \"CISM\", and it shall be absent in any other case.  *  NOTE 8:\tIt shall be present when \"type\" attribute is \"CIR\", and it shall be absent in any other case.  *  NOTE 9:\tIt shall be present when \"type\" attribute is \"CCM\", and it shall be absent in any other case. \n",
-	"type": "object",
-	"required": [
-		"id",
-		"type",
-		"name",
-		"description",
-		"provider",
-		"softwareVersion",
-		"manoConfigurableParams",
-		"manoApplicationState",
-		"_links"
-	],
-	"properties": {
-		"id": {
-			"description": "An identifier with the intention of being globally unique.\n",
-			"type": "string"
-		},
-		"type": {
-			"description": "The enumeration ManoEntityEnumType defines the permitted values to represent NFV-MANO functional entities. It shall comply with the provisions :\n  - NFVO\tThe NFV-MANO functional entity is an NFVO.\n  - VNFM\tThe NFV-MANO functional entity is a VNFM.\n  - VIM\t  The NFV-MANO functional entity is a VIM.\n  - WIM   The NFV-MANO functional entity is a WIM.\n  - CISM  The NFV-MANO functional entity is a CISM. \n  - CIR   The NFV-MANO functional entity is a CIR.\n  - CCM   The NFV-MANO functional entity is a CCM.\n",
-			"type": "string",
-			"enum": [
-				"NFVO",
-				"VNFM",
-				"VIM",
-				"WIM",
-				"CISM",
-				"CIR",
-				"CCM"
-			]
-		},
-		"name": {
-			"description": "Human-readable name of the NFV-MANO functional entity.\nThis attribute can be modified with the PATCH method.\n",
-			"type": "string"
-		},
-		"description": {
-			"description": "Human-readable description of the NFV-MANO functional entity.\nThis attribute can be modified with the PATCH method.\n",
-			"type": "string"
-		},
-		"provider": {
-			"description": "Information about the provider of the NFV-MANO functional entity. It typically includes the name of the provider.\n",
-			"type": "string"
-		},
-		"softwareVersion": {
-			"description": "A version.\n",
-			"type": "string"
-		},
-		"softwareInfo": {
-			"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-			"type": "object"
-		},
-		"manoEntityComponents": {
-			"description": "The deployed NFV-MANO functional entity components which realize the NFV-MANO functional entity. See note 5.\n",
-			"type": "array",
-			"items": {
-				"description": "This type represents information of a deployed component realizing part of an NFV-MANO functional entity. It is optional for the API producer to support this type.\n",
-				"type": "object",
-				"required": [
-					"id"
-				],
-				"properties": {
-					"id": {
-						"description": "An identifier that is unique for the respective type within a NFV-MANO functional entity, but that need not be globally unique. Representation: string of variable length..\n",
-						"type": "string"
-					},
-					"manoServiceIds": {
-						"description": "References to the NFV-MANO services that depend on the NFV-MANO functional entity component. The identifier of the ManoService is referred. A service may depend on multiple components. Multiple services may depend on the same component.\n",
-						"type": "array",
-						"items": {
-							"description": "An identifier that is unique for the respective type within a NFV-MANO functional entity, but that need not be globally unique. Representation: string of variable length..\n",
-							"type": "string"
-						}
-					}
-				}
-			}
-		},
-		"manoServices": {
-			"description": "Information about the NFV-MANO services provided by the NFV-MANO functional entity.\n",
-			"type": "array",
-			"items": {
-				"description": "This type represents information about an NFV-MANO service provided by the NFV-MANO functional entity. * NOTE:\tA cardinality greater than one supports having different interface versions or api Endpoints\n        to be used for accessing the same instance of an NFV-MANO service.\n",
-				"type": "object",
-				"required": [
-					"id",
-					"name",
-					"description",
-					"manoServiceInterfaceIds",
-					"_links"
-				],
-				"properties": {
-					"id": {
-						"description": "An identifier that is unique for the respective type within a NFV-MANO functional entity, but that need not be globally unique. Representation: string of variable length..\n",
-						"type": "string"
-					},
-					"name": {
-						"description": "Human-readable name of the NFV-MANO service.\nThis attribute can be modified with the PATCH method.\n",
-						"type": "string"
-					},
-					"description": {
-						"description": "Human-readable description of the NFV-MANO service.\nThis attribute can be modified with the PATCH method.\n",
-						"type": "string"
-					},
-					"manoServiceInterfaceIds": {
-						"description": "Reference to the NFV-MANO interfaces associated to the NFV-MANO service. If cardinality is greater than one, the type of ManoServiceInterface (see clause 5.6.3.3) shall be the same. The identifier of the ManoServiceInterface is referred. See note\n",
-						"type": "array",
-						"items": {
-							"description": "An identifier that is unique for the respective type within a NFV-MANO functional entity, but that need not be globally unique. Representation: string of variable length..\n",
-							"type": "string"
-						},
-						"minItems": 1
-					},
-					"_links": {
-						"description": "Links to resources related to this resource.\n",
-						"type": "object",
-						"properties": {
-							"manoServiceInterfaces": {
-								"description": "Link to the \"individual NFV-MANO service interface\" resources with information about the associated interfaces to the NFV-MANO service.\n",
-								"type": "array",
-								"items": {
-									"description": "This type represents a link to a resource using an absolute URI.\n",
-									"type": "object",
-									"required": [
-										"href"
-									],
-									"properties": {
-										"href": {
-											"description": "String formatted according to IETF RFC 3986.\n",
-											"type": "string"
-										}
-									}
-								},
-								"minItems": 1
-							}
-						},
-						"required": [
-							"manoServiceInterfaces"
-						]
-					}
-				}
-			}
-		},
-		"manoConfigurableParams": {
-			"description": "ManoConfigurableParams\n"
-		},
-		"manoApplicationState": {
-			"description": "Information and current values of the NFV-MANO functional entity’s application state.\n",
-			"type": "object",
-			"required": [
-				"operationalState",
-				"administrativeState",
-				"usageState"
-			],
-			"properties": {
-				"operationalState": {
-					"description": "The enumeration OperationalStateEnumType defines values representing the operational state of an NFV-MANO functional application type of managed entity. The OperationalStateEnumType shall comply with the provisions:\n  - STARTED\tThe managed entity is operational.\n  - STOPPED\tThe managed entity is not operational.\n  - STOPPING\tThe managed entity is in the transition to stop.\n  - STARTING\tThe managed entity is in the transition to start and become operational.\n  - RESTARTING\tThe managed entity is in the transition to stop and start again.\n",
-					"type": "string",
-					"enum": [
-						"STARTED",
-						"STOPPED",
-						"STOPPING",
-						"STARTING",
-						"RESTARTING"
-					]
-				},
-				"administrativeState": {
-					"description": "The enumeration AdministrativeStateEnumType defines values representing the administrative state of a managed entity. The AdministrativeStateEnumType shall comply with the provisions:\n  - LOCKED\tThe managed entity is administratively prohibited to be used.\n  - UNLOCKED\tThe managed entity is administratively allowed to be used.\n  - LOCKING\tThe managed entity is in the transition to be locked.\n",
-					"type": "string",
-					"enum": [
-						"LOCKED",
-						"UNLOCKED",
-						"LOCKING"
-					]
-				},
-				"usageState": {
-					"description": "The enumeration UsageStateEnumType defines values representing the usage state of a managed entity. The UsageStateEnumType shall comply with the provisions:\n  - IN_USE\tThe managed entity is currently being used.\n  - NOT_IN_USE\tThe managed entity is currently not being used.\n",
-					"type": "string",
-					"enum": [
-						"IN_USE",
-						"NOT_IN_USE"
-					]
-				}
-			}
-		},
-		"nfvoSpecificInfo": {
-			"description": "This type represents information attributes specific to an NFVO entity, and that can be relevant to more than one NFV-MANO service offered by an NFVO entity. * NOTE 1:\tThe information to be provided in this attribute shall relate to the specification and version\n            of the specification. For instance, \"ETSI GS NFV-SOL 001 (V2.5.1)\".\n  NOTE 2:\tIf this attribute is not present, the value of this parameter is undefined.\n",
-			"type": "object",
-			"required": [
-				"supportedVnfdFormats",
-				"supportedNsdFormats"
-			],
-			"properties": {
-				"maxOnboardedNsdNum": {
-					"description": "Maximum number of NSDs that can be on-boarded on the NFVO. See note 2.\n",
-					"type": "integer"
-				},
-				"maxOnboardedVnfPkgNum": {
-					"description": "Maximum number of VNF Packages that can be on-boarded on the NFVO. See note 2.\n",
-					"type": "integer"
-				},
-				"supportedVnfdFormats": {
-					"description": "Supported VNFD data formats.\n",
-					"type": "object",
-					"properties": {
-						"vnfdFormat": {
-							"description": "Name of the VNFD format.\nPermitted values:\n  - TOSCA: The VNFD follows TOSCA definition, according to ETSI\n  GS NFV-SOL 001 standard.\n  - YANG: The VNFD follows YANG definition according to ETSI\n  GS NFV-SOL 006 standard.\n",
-							"type": "string",
-							"enum": [
-								"TOSCA",
-								"YANG"
-							]
-						},
-						"standardVersion": {
-							"description": "A version.\n",
-							"type": "string"
-						}
-					},
-					"required": [
-						"vnfdFormat",
-						"standardVersion"
-					]
-				},
-				"supportedNsdFormats": {
-					"description": "Supported NSD data formats.\n",
-					"type": "object",
-					"properties": {
-						"nsdFormat": {
-							"description": "Name of the NSD format.\nPermitted values:\n  - TOSCA: The VNFD follows TOSCA definition, according to ETSI\n  GS NFV-SOL 001 standard.\n  - YANG: The VNFD follows YANG definition according to ETSI\n  GS NFV-SOL 006 standard.\n",
-							"type": "string",
-							"enum": [
-								"TOSCA",
-								"YANG"
-							]
-						},
-						"standardVersion": {
-							"description": "A version.\n",
-							"type": "string"
-						}
-					},
-					"required": [
-						"nsdFormat",
-						"standardVersion"
-					]
-				}
-			}
-		},
-		"vnfmSpecificInfo": {
-			"description": "This type represents information attributes specific to a VNFM entity, and that can be relevant to more than one NFV-MANO service offered by a VNFM entity. * NOTE:\tThe information to be provided in this attribute shall relate to the specification and version\n        of the specification. For instance, \"ETSI GS NFV-SOL 001 (V2.5.1)\".\n",
-			"type": "object",
-			"required": [
-				"resoruceMgmtModeSupport",
-				"managedVnfInstanceInfos",
-				"supportedVnfdFormats"
-			],
-			"properties": {
-				"resoruceMgmtModeSupport": {
-					"description": "The supported resource management modes of the VNFM.\nPermitted values:\n  - DIRECT: The VNFM supports direct mode only.\n  - INDIRECT: The VNFM supports indirect mode only.\n  - BOTH: The VNFM supports both direct and indirect mode.\n",
-					"type": "string",
-					"enum": [
-						"DIRECT",
-						"INDIRECT",
-						"BOTH"
-					]
-				},
-				"managedVnfInstanceInfos": {
-					"description": "The kinds of VNF instances that can be managed, e.g. to determine the compatibility of a VNF with certain VNFM according to the vnfmInfo attribute in the VNFD (see table 7.1.2.2-1 in ETSI GS NFV-IFA 011).\n",
-					"type": "array",
-					"items": {
-						"type": "string"
-					},
-					"minItems": 1
-				},
-				"supportedVnfdFormats": {
-					"description": "Supported VNFD data formats.\n",
-					"type": "array",
-					"items": {
-						"type": "object",
-						"properties": {
-							"vnfdFormat": {
-								"description": "Name of the VNFD format.\nPermitted values:\n  - TOSCA: The VNFD follows TOSCA definition, according to ETSI\n  GS NFV-SOL 001 standard.\n  - YANG: The VNFD follows YANG definition according to ETSI\n  GS NFV-SOL 006 standard.\n",
-								"type": "string",
-								"enum": [
-									"TOSCA",
-									"YANG"
-								]
-							},
-							"standardVersion": {
-								"description": "A version.\n",
-								"type": "string"
-							}
-						},
-						"required": [
-							"vnfdFormat",
-							"standardVersion"
-						]
-					},
-					"minItems": 1
-				}
-			}
-		},
-		"vimSpecificInfo": {
-			"description": "This type represents information attributes specific to a VIM entity, and that can be relevant to more than one NFV MANO service offered by a VIM entity. It shall comply with the provisions defined in table 5.6.3.6-1. The present document version does not specify the support for \"maximum number of virtualised resources (attribute \"maxVirtualResourceNum\")\" as specified in clause 7.2.9.2 of ETSI GS NFV IFA 031 [1].\nNOTE:\tRecommendations on appropriate algorithms and key lengths are given e.g., in NIST Special Publication 800-57 Part 3 Revision 1 [i.26] or in documents related to local legislation.\n",
-			"type": "object",
-			"required": [
-				"imageContainerFormats",
-				"imageDiskFormats",
-				"imageSignatureVerification",
-				"imageDigestAlgorithms"
-			],
-			"properties": {
-				"imageContainerFormats": {
-					"description": "List of supported image container formats. Container format indicates whether a software image is in a file that also contains metadata about the actual software. Valid values are all values for \"container_format\" as defined in ETSI GS NFV-SOL 001 [16] and all values for \"container-format\" as defined in ETSI GS NFV-SOL 006 [i.17].\n",
-					"type": "array",
-					"items": {
-						"type": "string"
-					}
-				},
-				"imageDiskFormats": {
-					"description": "List of supported image disk formats. The Disk format of a software image is the format of the underlying disk image. Valid values are all values for \"disk_format\" as defined in ETSI GS NFV-SOL 001 [16] and all values of \"disk-format\" as defined in ETSI GS NFV-SOL 006 [i.17].\n",
-					"type": "array",
-					"items": {
-						"type": "string"
-					}
-				},
-				"imageSignatureVerification": {
-					"description": "Information about the supported mechanisms, algorithms, and protocols for verifying the signature of software images.\n",
-					"type": "object",
-					"required": [
-						"signatureVerificationAlgorithms"
-					],
-					"properties": {
-						"additionalVerificationCapabilities": {
-							"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-							"type": "object"
-						},
-						"signatureVerificationAlgorithms": {
-							"description": "List of algorithms for verifying the signature of software images that are supported by the VIM.\n",
-							"type": "array",
-							"items": {
-								"type": "object",
-								"required": [
-									"algorithm",
-									"keyLengths"
-								],
-								"properties": {
-									"algorithm": {
-										"description": "The name of the algorithm. Permitted values are: \"RSA\", \"DSA\", \"ECDSA\".\n",
-										"type": "string"
-									},
-									"keyLengths": {
-										"description": "List of supported key lengths of the algorithm. The key length indicates the number of bits, such as “256”, “512”, etc. See note.\n",
-										"type": "array",
-										"items": {
-											"type": "string"
-										}
-									},
-									"additionalAlgParams": {
-										"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-										"type": "object"
-									}
-								}
-							}
-						}
-					}
-				},
-				"imageDigestAlgorithms": {
-					"description": "List of supported digest algorithms that can be used for digital signatures.\n",
-					"type": "array",
-					"items": {
-						"type": "object",
-						"required": [
-							"algorithm",
-							"keyLengths"
-						],
-						"properties": {
-							"algorithm": {
-								"description": "The name of the algorithm. Permitted values are: “SHA2“,“SHA3“.\n",
-								"type": "string"
-							},
-							"keyLengths": {
-								"description": "List of supported key lengths of the algorithm. The key length indicates the number of bits, such as “256”, “512”, etc. See note.\n",
-								"type": "array",
-								"items": {
-									"type": "string"
-								}
-							}
-						}
-					}
-				}
-			}
-		},
-		"wimSpecificInfo": {
-			"description": "This type represents information attributes specific to a WIM entity, and that can be relevant to more than one NFV MANO service offered by a WIM entity.\n",
-			"type": "object",
-			"required": [
-				"maxMscsNums",
-				"maxMsncNum",
-				"mscsLayerProtocolSupport"
-			],
-			"properties": {
-				"maxMscsNums": {
-					"description": "Maximum number of MSCS that the WIM can manage.\n",
-					"type": "object",
-					"required": [
-						"numMscs"
-					],
-					"properties": {
-						"numMscs": {
-							"description": "Maximum number of MSCS.\n",
-							"type": "integer"
-						},
-						"criteriaNumMscs": {
-							"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-							"type": "object"
-						}
-					}
-				},
-				"maxMsncNum": {
-					"description": "Maximum number of MSNC that the WIM can manage\n",
-					"type": "object",
-					"required": [
-						"numMsnc"
-					],
-					"properties": {
-						"numMsnc": {
-							"description": "Maximum number of MSNC..\n",
-							"type": "integer"
-						},
-						"criteriaNumMsnc": {
-							"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-							"type": "object"
-						}
-					}
-				},
-				"mscsLayerProtocolSupport": {
-					"description": "List of protocols of particular layers used to realize an MSCS that are supported by the WIM.\nPermitted values:\n  - EVPN_BGP_MPLS: L2 MSCS realized by BGP MPLS-based Ethernet VPN (EVPN) as specified in IETF RFC 7432.\n  - EVPN_VPWS: L2 MSCS realized by EVPN Virtual Private Wire Service (VPWS) as specified in IETF RFC 8214.\n  - VPLS_BGP: L2 MSCS realized by Virtual Private LAN Service (VPLS) using BGP as specified\n    in IETF RFC 4761 and IETF RFC.\n  - VPLS_LDP_L2TP: L2 MSCS realized by VPLS using Label Distribution Protocol (LDP) Layer 2\n    Tunnelling Protocol (L2TP) as specified in IETF RFC 4762 and IETF RFC 6074.\n  - VPWS_LDP_L2TP: L2 MSCS realized by VPWS using LDP L2TP as specified in IETF RFC 6074.\n  - BGP_IP_VPN: L3 MSCS realized by BGP/MPLS based IP VPN as specified in IETF RFC 4364.\n",
-					"type": "string",
-					"enum": [
-						"EVPN_BGP_MPLS",
-						"EVPN_VPWS",
-						"VPLS_BGP",
-						"VPLS_LDP_L2TP",
-						"VPWS_LDP_L2TP",
-						"BGP_IP_VPN"
-					]
-				}
-			}
-		},
-		"cismSpecificInfo": {
-			"description": "This type represents information attributes specific to a CISM entity, and that  can be relevant to more than one NFV-MANO service offered by a CISM entity. It  shall comply with the provisions defined in table 5.6.3.14-1.  NOTE:\tNo attributes are specified in the present document version. The definition of attributes is left for future specification. \n",
-			"type": "object",
-			"properties": {
-				"none": {
-					"type": "object"
-				}
-			}
-		},
-		"cirSpecificInfo": {
-			"description": "This type represents information attributes specific to a CIR entity, and that can be relevant to more than one NFV- MANO service offered by a CIR entity. It shall comply with the provisions defined in table 5.6.3.15-1. NOTE: Recommendations on appropriate algorithms and key lengths are given e.g. in NIST Special Publication 800-57 \n      Part 3 Revision 1 or in documents related to local legislation.\n",
-			"type": "object",
-			"required": [
-				"osContainerImageFormats",
-				"imageSignatureVerification",
-				"imageDigestAlgorithms"
-			],
-			"properties": {
-				"osContainerImageFormats": {
-					"description": "List of supported OS container image formats. Valid values are all values for \"container_format\" as defined in ETSI GS NFV-SOL 001 and all values for \"container-format\" as defined in ETSI GS NFV-SOL 006.\n",
-					"type": "array",
-					"minItems": 1,
-					"items": {
-						"type": "string"
-					}
-				},
-				"imageSignatureVerification": {
-					"description": "Information about the supported mechanisms, algorithms, and protocols for verifying the of software images.\n",
-					"type": "object",
-					"required": [
-						"signatureVerificationAlgorithms"
-					],
-					"properties": {
-						"signatureVerificationAlgorithms": {
-							"description": "List of algorithms for verifying the signature of software images  that are supported by the CIR.\n",
-							"type": "array",
-							"items": {
-								"description": "List of algorithms for verifying the signature of software images that are supported by the CIR.\n",
-								"type": "object",
-								"required": [
-									"algorithm",
-									"keyLengths"
-								],
-								"properties": {
-									"algorithm": {
-										"description": "The name of the algorithm. Permitted values are: \"RSA\", \"DSA\", \"ECDSA\".\n",
-										"type": "string"
-									},
-									"keyLengths": {
-										"description": "List of supported key lengths of the algorithm. The key length indicates the number of bits, such as \"256\", \"512\", etc. See note\n",
-										"type": "array",
-										"minItems": 1,
-										"items": {
-											"type": "string"
-										}
-									},
-									"additionalAlgParams": {
-										"description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
-										"type": "object"
-									}
-								}
-							}
-						}
-					}
-				},
-				"imageDigestAlgorithms": {
-					"type": "array",
-					"items": {
-						"description": "List of supported digest algorithms that can be used for digital signatures.\n",
-						"type": "object",
-						"required": [
-							"algorithm",
-							"keyLengths"
-						],
-						"properties": {
-							"algorithm": {
-								"description": "The name of the algorithm. Permitted values are: \"SHA2\", \"SHA3\".\n",
-								"type": "string",
-								"enum": [
-									"SHA2",
-									"SHA3"
-								]
-							},
-							"keyLengths": {
-								"description": "List of supported key lengths of the algorithm. The key length indicates the number of bits, such as \"256\", \"512\", etc. See note.\n",
-								"type": "array",
-								"items": {
-									"type": "string"
-								}
-							}
-						}
-					}
-				}
-			}
-		},
-		"ccmSpecificInfo": {
-			"description": "The supported cluster resource management modes. Available modes include: virtual and bare-metal resources, and for both types, on-demand (i.e., CCM requests to corresponding infrastructure managers to build  necessary pools of resources) or pooled (i.e., CCM manages resources from pre-allocated resource pools).  Multiple values can be specified. See note.  Permitted values: - VIRTUAL-ON-DEMAND: virtual resourceson demand. - VIRTUAL-POOLED: virtual resources from a pre-allocated resource pool. - BARE-METAL-ON-DEMAND: bare-metal resources on demand. - BARE-METAL-POOLED: bare-metal resources from a pre-allocated resource pool.\nNOTE: Hybrid CIS clusters include both physical and virtual CIS cluster nodes and can be supported by a\n      combination of relevant \"clusterResourceMgmtModes\".\n",
-			"type": "object",
-			"required": [
-				"clusterResourceMgmtModes"
-			],
-			"properties": {
-				"clusterResourceMgmtModes": {
-					"type": "array",
-					"minItems": 1,
-					"items": {
-						"type": "string",
-						"enum": [
-							"VIRTUAL-ON-DEMAND",
-							"VIRTUAL-POOLED",
-							"BARE-METAL-ON-DEMAND",
-							"BARE-METAL-POOLED"
-						]
-					}
-				}
-			}
-		},
-		"_links": {
-			"description": "Links to resources related to this resource.\n",
-			"type": "object",
-			"required": [
-				"self",
-				"manoServiceInterfaces",
-				"peerEntities",
-				"changeState",
-				"changeStateOpOccs"
-			],
-			"properties": {
-				"self": {
-					"description": "This type represents a link to a resource using an absolute URI.\n",
-					"type": "object",
-					"required": [
-						"href"
-					],
-					"properties": {
-						"href": {
-							"description": "String formatted according to IETF RFC 3986.\n",
-							"type": "string"
-						}
-					}
-				},
-				"manoServiceInterfaces": {
-					"description": "This type represents a link to a resource using an absolute URI.\n",
-					"type": "object",
-					"required": [
-						"href"
-					],
-					"properties": {
-						"href": {
-							"description": "String formatted according to IETF RFC 3986.\n",
-							"type": "string"
-						}
-					}
-				},
-				"peerEntities": {
-					"description": "This type represents a link to a resource using an absolute URI.\n",
-					"type": "object",
-					"required": [
-						"href"
-					],
-					"properties": {
-						"href": {
-							"description": "String formatted according to IETF RFC 3986.\n",
-							"type": "string"
-						}
-					}
-				},
-				"changeState": {
-					"description": "This type represents a link to a resource using an absolute URI.\n",
-					"type": "object",
-					"required": [
-						"href"
-					],
-					"properties": {
-						"href": {
-							"description": "String formatted according to IETF RFC 3986.\n",
-							"type": "string"
-						}
-					}
-				},
-				"changeStateOpOccs": {
-					"description": "This type represents a link to a resource using an absolute URI.\n",
-					"type": "object",
-					"required": [
-						"href"
-					],
-					"properties": {
-						"href": {
-							"description": "String formatted according to IETF RFC 3986.\n",
-							"type": "string"
-						}
-					}
-				}
-			}
-		}
-	}
+    "description": "This type represents an NFV-MANO functional entity. *  NOTE 1:\tIt shall be present when \"type\" attribute is \"NFVO\", and it shall be absent in any other case. *  NOTE 2:\tIt shall be present when \"type\" attribute is \"VNFM\", and it shall be absent in any other case. *  NOTE 3:\tIt shall be present when \"type\" attribute is \"VIM\", and it shall be absent in any other case. *  NOTE 4:\tThe information about the NFV-MANO services offered by a specific type of NFV-MANO functional\n            entity is specified by the manoServices attribute.\n*  NOTE 5:\tIt is optional for the API producer to support the \"manoEntityComponents\" attribute. *  NOTE 6:\tIt shall be present when \"type\" attribute is \"WIM\", and it shall be absent in any other case. *  NOTE 7:\tIt shall be present when \"type\" attribute is \"CISM\", and it shall be absent in any other case.  *  NOTE 8:\tIt shall be present when \"type\" attribute is \"CIR\", and it shall be absent in any other case.  *  NOTE 9:\tIt shall be present when \"type\" attribute is \"CCM\", and it shall be absent in any other case.  *  NOTE 10: It shall be present when \"type\" attribute is \"MDAF\", and it shall be absent in any other case. *  NOTE 11: It shall be present when \"type\" attribute is \"CMF\", and it shall be absent in any other case.\n",
+    "type": "object",
+    "required": [
+        "id",
+        "type",
+        "name",
+        "description",
+        "provider",
+        "softwareVersion",
+        "manoConfigurableParams",
+        "manoApplicationState",
+        "_links"
+    ],
+    "properties": {
+        "id": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+        },
+        "type": {
+            "description": "The enumeration ManoEntityEnumType defines the permitted values to represent NFV-MANO functional entities. It shall comply with the provisions :\n  - NFVO\tThe NFV-MANO functional entity is an NFVO.\n  - VNFM\tThe NFV-MANO functional entity is a VNFM.\n  - VIM\t  The NFV-MANO functional entity is a VIM.\n  - WIM   The NFV-MANO functional entity is a WIM.\n  - CISM  The NFV-MANO functional entity is a CISM. \n  - CIR   The NFV-MANO functional entity is a CIR.\n  - CCM   The NFV-MANO functional entity is a CCM.\n  - MDAF  The NFV-MANO functional entity is a MDAF.\n  - CMF   The NFV-MANO functional entity is a CMF.\n",
+            "type": "string",
+            "enum": [
+                "NFVO",
+                "VNFM",
+                "VIM",
+                "WIM",
+                "CISM",
+                "CIR",
+                "CCM",
+                "MDAF",
+                "CMF"
+            ]
+        },
+        "name": {
+            "description": "Human-readable name of the NFV-MANO functional entity.\nThis attribute can be modified with the PATCH method.\n",
+            "type": "string"
+        },
+        "description": {
+            "description": "Human-readable description of the NFV-MANO functional entity.\nThis attribute can be modified with the PATCH method.\n",
+            "type": "string"
+        },
+        "provider": {
+            "description": "Information about the provider of the NFV-MANO functional entity. It typically includes the name of the provider.\n",
+            "type": "string"
+        },
+        "softwareVersion": {
+            "description": "A version.\n",
+            "type": "string"
+        },
+        "softwareInfo": {
+            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+            "type": "object"
+        },
+        "manoEntityComponents": {
+            "description": "The deployed NFV-MANO functional entity components which realize the NFV-MANO functional entity. See note 5.\n",
+            "type": "array",
+            "items": {
+                "description": "This type represents information of a deployed component realizing part of an NFV-MANO functional entity. It is optional for the API producer to support this type.\n",
+                "type": "object",
+                "required": [
+                    "id"
+                ],
+                "properties": {
+                    "id": {
+                        "description": "An identifier that is unique for the respective type within a NFV-MANO functional entity, but that need not be globally unique. Representation: string of variable length..\n",
+                        "type": "string"
+                    },
+                    "manoServiceIds": {
+                        "description": "References to the NFV-MANO services that depend on the NFV-MANO functional entity component. The identifier of the ManoService is referred. A service may depend on multiple components. Multiple services may depend on the same component.\n",
+                        "type": "array",
+                        "items": {
+                            "description": "An identifier that is unique for the respective type within a NFV-MANO functional entity, but that need not be globally unique. Representation: string of variable length..\n",
+                            "type": "string"
+                        }
+                    }
+                }
+            }
+        },
+        "manoServices": {
+            "description": "Information about the NFV-MANO services provided by the NFV-MANO functional entity.\n",
+            "type": "array",
+            "items": {
+                "description": "This type represents information about an NFV-MANO service provided by the NFV-MANO functional entity. * NOTE:\tA cardinality greater than one supports having different interface versions or api Endpoints\n        to be used for accessing the same instance of an NFV-MANO service.\n",
+                "type": "object",
+                "required": [
+                    "id",
+                    "name",
+                    "description",
+                    "manoServiceInterfaceIds",
+                    "_links"
+                ],
+                "properties": {
+                    "id": {
+                        "description": "An identifier that is unique for the respective type within a NFV-MANO functional entity, but that need not be globally unique. Representation: string of variable length..\n",
+                        "type": "string"
+                    },
+                    "name": {
+                        "description": "Human-readable name of the NFV-MANO service.\nThis attribute can be modified with the PATCH method.\n",
+                        "type": "string"
+                    },
+                    "description": {
+                        "description": "Human-readable description of the NFV-MANO service.\nThis attribute can be modified with the PATCH method.\n",
+                        "type": "string"
+                    },
+                    "manoServiceInterfaceIds": {
+                        "description": "Reference to the NFV-MANO interfaces associated to the NFV-MANO service. If cardinality is greater than one, the type of ManoServiceInterface (see clause 5.6.3.3) shall be the same. The identifier of the ManoServiceInterface is referred. See note\n",
+                        "type": "array",
+                        "items": {
+                            "description": "An identifier that is unique for the respective type within a NFV-MANO functional entity, but that need not be globally unique. Representation: string of variable length..\n",
+                            "type": "string"
+                        },
+                        "minItems": 1
+                    },
+                    "_links": {
+                        "description": "Links to resources related to this resource.\n",
+                        "type": "object",
+                        "properties": {
+                            "manoServiceInterfaces": {
+                                "description": "Link to the \"individual NFV-MANO service interface\" resources with information about the associated interfaces to the NFV-MANO service.\n",
+                                "type": "array",
+                                "items": {
+                                    "description": "This type represents a link to a resource using an absolute URI.\n",
+                                    "type": "object",
+                                    "required": [
+                                        "href"
+                                    ],
+                                    "properties": {
+                                        "href": {
+                                            "description": "String formatted according to IETF RFC 3986.\n",
+                                            "type": "string"
+                                        }
+                                    }
+                                },
+                                "minItems": 1
+                            }
+                        },
+                        "required": [
+                            "manoServiceInterfaces"
+                        ]
+                    }
+                }
+            }
+        },
+        "manoConfigurableParams": {
+            "description": "# Warning: No definition found in the document ManoConfigurableParams\n"
+        },
+        "manoApplicationState": {
+            "description": "Information and current values of the NFV-MANO functional entity’s application state.\n",
+            "type": "object",
+            "required": [
+                "operationalState",
+                "administrativeState",
+                "usageState"
+            ],
+            "properties": {
+                "operationalState": {
+                    "description": "The enumeration OperationalStateEnumType defines values representing the operational state of an NFV-MANO functional application type of managed entity. The OperationalStateEnumType shall comply with the provisions:\n  - STARTED\tThe managed entity is operational.\n  - STOPPED\tThe managed entity is not operational.\n  - STOPPING\tThe managed entity is in the transition to stop.\n  - STARTING\tThe managed entity is in the transition to start and become operational.\n  - RESTARTING\tThe managed entity is in the transition to stop and start again.\n",
+                    "type": "string",
+                    "enum": [
+                        "STARTED",
+                        "STOPPED",
+                        "STOPPING",
+                        "STARTING",
+                        "RESTARTING"
+                    ]
+                },
+                "administrativeState": {
+                    "description": "The enumeration AdministrativeStateEnumType defines values representing the administrative state of a managed entity. The AdministrativeStateEnumType shall comply with the provisions:\n  - LOCKED\tThe managed entity is administratively prohibited to be used.\n  - UNLOCKED\tThe managed entity is administratively allowed to be used.\n  - LOCKING\tThe managed entity is in the transition to be locked.\n",
+                    "type": "string",
+                    "enum": [
+                        "LOCKED",
+                        "UNLOCKED",
+                        "LOCKING"
+                    ]
+                },
+                "usageState": {
+                    "description": "The enumeration UsageStateEnumType defines values representing the usage state of a managed entity. The UsageStateEnumType shall comply with the provisions:\n  - IN_USE\tThe managed entity is currently being used.\n  - NOT_IN_USE\tThe managed entity is currently not being used.\n",
+                    "type": "string",
+                    "enum": [
+                        "IN_USE",
+                        "NOT_IN_USE"
+                    ]
+                }
+            }
+        },
+        "nfvoSpecificInfo": {
+            "description": "This type represents information attributes specific to an NFVO entity, and that can be relevant to more than one NFV-MANO service offered by an NFVO entity. * NOTE 1:\tThe information to be provided in this attribute shall relate to the specification and version\n            of the specification. For instance, \"ETSI GS NFV-SOL 001 (V2.5.1)\".\n  NOTE 2:\tIf this attribute is not present, the value of this parameter is undefined.\n",
+            "type": "object",
+            "required": [
+                "supportedVnfdFormats",
+                "supportedNsdFormats",
+                "certificateManagementMode"
+            ],
+            "properties": {
+                "maxOnboardedNsdNum": {
+                    "description": "Maximum number of NSDs that can be on-boarded on the NFVO. See note 2.\n",
+                    "type": "integer"
+                },
+                "maxOnboardedVnfPkgNum": {
+                    "description": "Maximum number of VNF Packages that can be on-boarded on the NFVO. See note 2.\n",
+                    "type": "integer"
+                },
+                "supportedVnfdFormats": {
+                    "description": "Supported VNFD data formats.\n",
+                    "type": "object",
+                    "properties": {
+                        "vnfdFormat": {
+                            "description": "Name of the VNFD format.\nPermitted values:\n  - TOSCA: The VNFD follows TOSCA definition, according to ETSI\n  GS NFV-SOL 001 standard.\n  - YANG: The VNFD follows YANG definition according to ETSI\n  GS NFV-SOL 006 standard.\n",
+                            "type": "string",
+                            "enum": [
+                                "TOSCA",
+                                "YANG"
+                            ]
+                        },
+                        "standardVersion": {
+                            "description": "A version.\n",
+                            "type": "string"
+                        }
+                    },
+                    "required": [
+                        "vnfdFormat",
+                        "standardVersion"
+                    ]
+                },
+                "supportedNsdFormats": {
+                    "description": "Supported NSD data formats.\n",
+                    "type": "object",
+                    "properties": {
+                        "nsdFormat": {
+                            "description": "Name of the NSD format.\nPermitted values:\n  - TOSCA: The VNFD follows TOSCA definition, according to ETSI\n  GS NFV-SOL 001 standard.\n  - YANG: The VNFD follows YANG definition according to ETSI\n  GS NFV-SOL 006 standard.\n",
+                            "type": "string",
+                            "enum": [
+                                "TOSCA",
+                                "YANG"
+                            ]
+                        },
+                        "standardVersion": {
+                            "description": "A version.\n",
+                            "type": "string"
+                        }
+                    },
+                    "required": [
+                        "nsdFormat",
+                        "standardVersion"
+                    ]
+                },
+                "certificateManagementMode": {
+                    "description": "The supported list of VNF certificate management mode. Permitted Values: - DELEGATION-MODE: the CMF supports delegation-mode. - DIRECT-MODE: the CMF supports direct-mode.\n",
+                    "type": "array",
+                    "items": {
+                        "type": "string",
+                        "minItems": 1,
+                        "enum": [
+                            "DELEGATION-MODE",
+                            "DIRECT-MODE"
+                        ]
+                    }
+                }
+            }
+        },
+        "vnfmSpecificInfo": {
+            "description": "This type represents information attributes specific to a VNFM entity, and that can be relevant to more than one NFV-MANO service offered by a VNFM entity. * NOTE:\tThe information to be provided in this attribute shall relate to the specification and version\n        of the specification. For instance, \"ETSI GS NFV-SOL 001 (V2.5.1)\".\n",
+            "type": "object",
+            "required": [
+                "resoruceMgmtModeSupport",
+                "managedVnfInstanceInfos",
+                "supportedVnfdFormats",
+                "certificateManagementMode"
+            ],
+            "properties": {
+                "resoruceMgmtModeSupport": {
+                    "description": "The supported resource management modes of the VNFM.\nPermitted values:\n  - DIRECT: The VNFM supports direct mode only.\n  - INDIRECT: The VNFM supports indirect mode only.\n  - BOTH: The VNFM supports both direct and indirect mode.\n",
+                    "type": "string",
+                    "enum": [
+                        "DIRECT",
+                        "INDIRECT",
+                        "BOTH"
+                    ]
+                },
+                "managedVnfInstanceInfos": {
+                    "description": "The kinds of VNF instances that can be managed, e.g. to determine the compatibility of a VNF with certain VNFM according to the vnfmInfo attribute in the VNFD (see table 7.1.2.2-1 in ETSI GS NFV-IFA 011).\n",
+                    "type": "array",
+                    "items": {
+                        "type": "string"
+                    },
+                    "minItems": 1
+                },
+                "supportedVnfdFormats": {
+                    "description": "Supported VNFD data formats.\n",
+                    "type": "array",
+                    "items": {
+                        "type": "object",
+                        "properties": {
+                            "vnfdFormat": {
+                                "description": "Name of the VNFD format.\nPermitted values:\n  - TOSCA: The VNFD follows TOSCA definition, according to ETSI\n  GS NFV-SOL 001 standard.\n  - YANG: The VNFD follows YANG definition according to ETSI\n  GS NFV-SOL 006 standard.\n",
+                                "type": "string",
+                                "enum": [
+                                    "TOSCA",
+                                    "YANG"
+                                ]
+                            },
+                            "standardVersion": {
+                                "description": "A version.\n",
+                                "type": "string"
+                            }
+                        },
+                        "required": [
+                            "vnfdFormat",
+                            "standardVersion"
+                        ]
+                    },
+                    "minItems": 1
+                },
+                "certificateManagementMode": {
+                    "description": "The supported list of VNF certificate management mode. Permitted Values: - DELEGATION-MODE: the CMF supports delegation-mode. - DIRECT-MODE: the CMF supports direct-mode.\n",
+                    "type": "array",
+                    "items": {
+                        "type": "string",
+                        "minItems": 1,
+                        "enum": [
+                            "DELEGATION-MODE",
+                            "DIRECT-MODE"
+                        ]
+                    }
+                }
+            }
+        },
+        "vimSpecificInfo": {
+            "description": "This type represents information attributes specific to a VIM entity, and that can be relevant to more than one NFV MANO service offered by a VIM entity. It shall comply with the provisions defined in table 5.6.3.6-1. The present document version does not specify the support for \"maximum number of virtualised resources (attribute \"maxVirtualResourceNum\")\" as specified in clause 7.2.9.2 of ETSI GS NFV IFA 031 [1].\nNOTE:\tRecommendations on appropriate algorithms and key lengths are given e.g., in NIST Special Publication 800-57 Part 3 Revision 1 [i.26] or in documents related to local legislation.\n",
+            "type": "object",
+            "required": [
+                "imageContainerFormats",
+                "imageDiskFormats",
+                "imageSignatureVerification",
+                "imageDigestAlgorithms"
+            ],
+            "properties": {
+                "imageContainerFormats": {
+                    "description": "List of supported image container formats. Container format indicates whether a software image is in a file that also contains metadata about the actual software. Valid values are all values for \"container_format\" as defined in ETSI GS NFV-SOL 001 [16] and all values for \"container-format\" as defined in ETSI GS NFV-SOL 006 [i.17].\n",
+                    "type": "array",
+                    "items": {
+                        "type": "string"
+                    }
+                },
+                "imageDiskFormats": {
+                    "description": "List of supported image disk formats. The Disk format of a software image is the format of the underlying disk image. Valid values are all values for \"disk_format\" as defined in ETSI GS NFV-SOL 001 [16] and all values of \"disk-format\" as defined in ETSI GS NFV-SOL 006 [i.17].\n",
+                    "type": "array",
+                    "items": {
+                        "type": "string"
+                    }
+                },
+                "imageSignatureVerification": {
+                    "description": "Information about the supported mechanisms, algorithms, and protocols for verifying the signature of software images.\n",
+                    "type": "object",
+                    "required": [
+                        "signatureVerificationAlgorithms"
+                    ],
+                    "properties": {
+                        "additionalVerificationCapabilities": {
+                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                            "type": "object"
+                        },
+                        "signatureVerificationAlgorithms": {
+                            "description": "List of algorithms for verifying the signature of software images that are supported by the VIM.\n",
+                            "type": "array",
+                            "items": {
+                                "type": "object",
+                                "required": [
+                                    "algorithm",
+                                    "keyLengths"
+                                ],
+                                "properties": {
+                                    "algorithm": {
+                                        "description": "The name of the algorithm. Permitted values are: \"RSA\", \"DSA\", \"ECDSA\".\n",
+                                        "type": "string"
+                                    },
+                                    "keyLengths": {
+                                        "description": "List of supported key lengths of the algorithm. The key length indicates the number of bits, such as “256”, “512”, etc. See note.\n",
+                                        "type": "array",
+                                        "items": {
+                                            "type": "string"
+                                        }
+                                    },
+                                    "additionalAlgParams": {
+                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                                        "type": "object"
+                                    }
+                                }
+                            }
+                        }
+                    }
+                },
+                "imageDigestAlgorithms": {
+                    "description": "List of supported digest algorithms that can be used for digital signatures.\n",
+                    "type": "array",
+                    "items": {
+                        "type": "object",
+                        "required": [
+                            "algorithm",
+                            "keyLengths"
+                        ],
+                        "properties": {
+                            "algorithm": {
+                                "description": "The name of the algorithm. Permitted values are: “SHA2“,“SHA3“.\n",
+                                "type": "string"
+                            },
+                            "keyLengths": {
+                                "description": "List of supported key lengths of the algorithm. The key length indicates the number of bits, such as “256”, “512”, etc. See note.\n",
+                                "type": "array",
+                                "items": {
+                                    "type": "string"
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        },
+        "wimSpecificInfo": {
+            "description": "This type represents information attributes specific to a WIM entity, and that can be relevant to more than one NFV MANO service offered by a WIM entity.\n",
+            "type": "object",
+            "required": [
+                "maxMscsNums",
+                "maxMsncNum",
+                "mscsLayerProtocolSupport"
+            ],
+            "properties": {
+                "maxMscsNums": {
+                    "description": "Maximum number of MSCS that the WIM can manage.\n",
+                    "type": "object",
+                    "required": [
+                        "numMscs"
+                    ],
+                    "properties": {
+                        "numMscs": {
+                            "description": "Maximum number of MSCS.\n",
+                            "type": "integer"
+                        },
+                        "criteriaNumMscs": {
+                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                            "type": "object"
+                        }
+                    }
+                },
+                "maxMsncNum": {
+                    "description": "Maximum number of MSNC that the WIM can manage\n",
+                    "type": "object",
+                    "required": [
+                        "numMsnc"
+                    ],
+                    "properties": {
+                        "numMsnc": {
+                            "description": "Maximum number of MSNC..\n",
+                            "type": "integer"
+                        },
+                        "criteriaNumMsnc": {
+                            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                            "type": "object"
+                        }
+                    }
+                },
+                "mscsLayerProtocolSupport": {
+                    "description": "List of protocols of particular layers used to realize an MSCS that are supported by the WIM.\nPermitted values:\n  - EVPN_BGP_MPLS: L2 MSCS realized by BGP MPLS-based Ethernet VPN (EVPN) as specified in IETF RFC 7432.\n  - EVPN_VPWS: L2 MSCS realized by EVPN Virtual Private Wire Service (VPWS) as specified in IETF RFC 8214.\n  - VPLS_BGP: L2 MSCS realized by Virtual Private LAN Service (VPLS) using BGP as specified\n    in IETF RFC 4761 and IETF RFC.\n  - VPLS_LDP_L2TP: L2 MSCS realized by VPLS using Label Distribution Protocol (LDP) Layer 2\n    Tunnelling Protocol (L2TP) as specified in IETF RFC 4762 and IETF RFC 6074.\n  - VPWS_LDP_L2TP: L2 MSCS realized by VPWS using LDP L2TP as specified in IETF RFC 6074.\n  - BGP_IP_VPN: L3 MSCS realized by BGP/MPLS based IP VPN as specified in IETF RFC 4364.\n",
+                    "type": "string",
+                    "enum": [
+                        "EVPN_BGP_MPLS",
+                        "EVPN_VPWS",
+                        "VPLS_BGP",
+                        "VPLS_LDP_L2TP",
+                        "VPWS_LDP_L2TP",
+                        "BGP_IP_VPN"
+                    ]
+                }
+            }
+        },
+        "cismSpecificInfo": {
+            "description": "This type represents information attributes specific to a CISM entity, and that  can be relevant to more than one NFV-MANO service offered by a CISM entity. It  shall comply with the provisions defined in table 5.6.3.14-1.  NOTE:\tNo attributes are specified in the present document version. The definition of attributes is left for future specification. \n",
+            "type": "object",
+            "properties": {
+                "none": {
+                    "type": "object"
+                }
+            }
+        },
+        "cirSpecificInfo": {
+            "description": "This type represents information attributes specific to a CIR entity, and that can be relevant to more than one NFV- MANO service offered by a CIR entity. It shall comply with the provisions defined in table 5.6.3.15-1. NOTE: Recommendations on appropriate algorithms and key lengths are given e.g. in NIST Special Publication 800-57 \n      Part 3 Revision 1 or in documents related to local legislation.\n",
+            "type": "object",
+            "required": [
+                "osContainerImageFormats",
+                "imageSignatureVerification",
+                "imageDigestAlgorithms"
+            ],
+            "properties": {
+                "osContainerImageFormats": {
+                    "description": "List of supported OS container image formats. Valid values are all values for \"container_format\" as defined in ETSI GS NFV-SOL 001 and all values for \"container-format\" as defined in ETSI GS NFV-SOL 006.\n",
+                    "type": "array",
+                    "minItems": 1,
+                    "items": {
+                        "type": "string"
+                    }
+                },
+                "imageSignatureVerification": {
+                    "description": "Information about the supported mechanisms, algorithms, and protocols for verifying the of software images.\n",
+                    "type": "object",
+                    "required": [
+                        "signatureVerificationAlgorithms"
+                    ],
+                    "properties": {
+                        "signatureVerificationAlgorithms": {
+                            "description": "List of algorithms for verifying the signature of software images  that are supported by the CIR.\n",
+                            "type": "array",
+                            "items": {
+                                "description": "List of algorithms for verifying the signature of software images that are supported by the CIR.\n",
+                                "type": "object",
+                                "required": [
+                                    "algorithm",
+                                    "keyLengths"
+                                ],
+                                "properties": {
+                                    "algorithm": {
+                                        "description": "The name of the algorithm. Permitted values are: \"RSA\", \"DSA\", \"ECDSA\".\n",
+                                        "type": "string"
+                                    },
+                                    "keyLengths": {
+                                        "description": "List of supported key lengths of the algorithm. The key length indicates the number of bits, such as \"256\", \"512\", etc. See note\n",
+                                        "type": "array",
+                                        "minItems": 1,
+                                        "items": {
+                                            "type": "string"
+                                        }
+                                    },
+                                    "additionalAlgParams": {
+                                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                                        "type": "object"
+                                    }
+                                }
+                            }
+                        }
+                    }
+                },
+                "imageDigestAlgorithms": {
+                    "type": "array",
+                    "items": {
+                        "description": "List of supported digest algorithms that can be used for digital signatures.\n",
+                        "type": "object",
+                        "required": [
+                            "algorithm",
+                            "keyLengths"
+                        ],
+                        "properties": {
+                            "algorithm": {
+                                "description": "The name of the algorithm. Permitted values are: \"SHA2\", \"SHA3\".\n",
+                                "type": "string",
+                                "enum": [
+                                    "SHA2",
+                                    "SHA3"
+                                ]
+                            },
+                            "keyLengths": {
+                                "description": "List of supported key lengths of the algorithm. The key length indicates the number of bits, such as \"256\", \"512\", etc. See note.\n",
+                                "type": "array",
+                                "items": {
+                                    "type": "string"
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        },
+        "ccmSpecificInfo": {
+            "description": "The supported cluster resource management modes. Available modes include: virtual and bare-metal resources, and for both types, on-demand (i.e., CCM requests to corresponding infrastructure managers to build  necessary pools of resources) or pooled (i.e., CCM manages resources from pre-allocated resource pools).  Multiple values can be specified. See note.  Permitted values: - VIRTUAL-ON-DEMAND: virtual resourceson demand. - VIRTUAL-POOLED: virtual resources from a pre-allocated resource pool. - BARE-METAL-ON-DEMAND: bare-metal resources on demand. - BARE-METAL-POOLED: bare-metal resources from a pre-allocated resource pool.\nNOTE: Hybrid CIS clusters include both physical and virtual CIS cluster nodes and can be supported by a\n      combination of relevant \"clusterResourceMgmtModes\".\n",
+            "type": "object",
+            "required": [
+                "clusterResourceMgmtModes"
+            ],
+            "properties": {
+                "clusterResourceMgmtModes": {
+                    "type": "array",
+                    "minItems": 1,
+                    "items": {
+                        "type": "string",
+                        "enum": [
+                            "VIRTUAL-ON-DEMAND",
+                            "VIRTUAL-POOLED",
+                            "BARE-METAL-ON-DEMAND",
+                            "BARE-METAL-POOLED"
+                        ]
+                    }
+                }
+            }
+        },
+        "mdafSpecificInfo": {
+            "description": "The supported list of data analytics types. Examples include \"Network service alarm incident analysis\" and others  specified in ETSI GS NFV-IFA 047 [i.30]).\n",
+            "type": "object",
+            "required": [
+                "dataAnalyticsTypes"
+            ],
+            "properties": {
+                "dataAnalyticsTypes": {
+                    "type": "array",
+                    "minItems": 1,
+                    "items": {
+                        "type": "string"
+                    }
+                }
+            }
+        },
+        "_links": {
+            "description": "Links to resources related to this resource.\n",
+            "type": "object",
+            "required": [
+                "self",
+                "manoServiceInterfaces",
+                "peerEntities",
+                "changeState",
+                "changeStateOpOccs"
+            ],
+            "properties": {
+                "self": {
+                    "description": "This type represents a link to a resource using an absolute URI.\n",
+                    "type": "object",
+                    "required": [
+                        "href"
+                    ],
+                    "properties": {
+                        "href": {
+                            "description": "String formatted according to IETF RFC 3986.\n",
+                            "type": "string"
+                        }
+                    }
+                },
+                "manoServiceInterfaces": {
+                    "description": "This type represents a link to a resource using an absolute URI.\n",
+                    "type": "object",
+                    "required": [
+                        "href"
+                    ],
+                    "properties": {
+                        "href": {
+                            "description": "String formatted according to IETF RFC 3986.\n",
+                            "type": "string"
+                        }
+                    }
+                },
+                "peerEntities": {
+                    "description": "This type represents a link to a resource using an absolute URI.\n",
+                    "type": "object",
+                    "required": [
+                        "href"
+                    ],
+                    "properties": {
+                        "href": {
+                            "description": "String formatted according to IETF RFC 3986.\n",
+                            "type": "string"
+                        }
+                    }
+                },
+                "changeState": {
+                    "description": "This type represents a link to a resource using an absolute URI.\n",
+                    "type": "object",
+                    "required": [
+                        "href"
+                    ],
+                    "properties": {
+                        "href": {
+                            "description": "String formatted according to IETF RFC 3986.\n",
+                            "type": "string"
+                        }
+                    }
+                },
+                "changeStateOpOccs": {
+                    "description": "This type represents a link to a resource using an absolute URI.\n",
+                    "type": "object",
+                    "required": [
+                        "href"
+                    ],
+                    "properties": {
+                        "href": {
+                            "description": "String formatted according to IETF RFC 3986.\n",
+                            "type": "string"
+                        }
+                    }
+                }
+            }
+        }
+    }
 }
\ No newline at end of file
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/schemas/PeerEntities.schema.json b/SOL009/NFVManoConfigurationAndInformationManagement-API/schemas/PeerEntities.schema.json
index 12b4645badc2b495f13adc9be5b4256cef34aa39..dc9cc2e443460b554a6d567c33e01db5c39002c6 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/schemas/PeerEntities.schema.json
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/schemas/PeerEntities.schema.json
@@ -1,230 +1,232 @@
 {
-	"type": "array",
-	"items": {
-	  "description": "This type represents an individual peer entity. * NOTE 1:\tThe value of the \"peerEntityId\" attribute is the same as the value of the \"id\" attribute in the\n          \"ManoEntity\" of the corresponding NFV-MANO functional entity that acts as peer entity, and shall\n          follow the uniqueness requirements set out in clause 5.6.2.2 for the \"id\" attribute.\n* NOTE 2: With this information, the NFVO has available information about the set of VIMs and associated VIM\n          connection information that have been configured into the VNFM.\n",
-	  "type": "object",
-	  "required": [
-		"id",
-		"peerEntityId",
-		"name",
-		"type",
-		"peerEntityState"
-	  ],
-	  "properties": {
-		"id": {
-		  "description": "An identifier with the intention of being globally unique.\n",
-		  "type": "string"
-		},
-		"peerEntityId": {
-		  "description": "An identifier with the intention of being globally unique.\n",
-		  "type": "string"
-		},
-		"name": {
-		  "description": "Human-readable name of the peer functional entity.\nThis attribute can be modified with the PATCH method.\n",
-		  "type": "string"
-		},
-		"type": {
-		  "description": "The enumeration PeerEntityEnumType defines the permitted values to represent peer functional entities. it shall complains with the provisions : - NFVO\tThe peer functional entity is an NFVO. - VNFM\tThe peer functional entity is a VNFM. - VIM\t  The peer functional entity is a VIM. - WIM\t  The peer functional entity is a WIM. - CISM   The peer functional entity is a CISM.  - CIR   The NFV-MANO functional entity is a CIR. - CCM   The NFV-MANO functional entity is a CCM. - EM\t  The peer functional entity is an EM. - OSS\t  The peer functional entity is an OSS/BSS.\n",
-		  "type": "string",
-		  "enum": [
-			"NFVO",
-			"VNFM",
-			"VIM",
-			"WIM",
-			"CISM",
-			"CIR",
-			"CCM",
-			"EM",
-			"OSS"
-		  ]
-		},
-		"description": {
-		  "description": "Human-readable description of the peer functional entity.\nThis attribute can be modified with the PATCH method.\n",
-		  "type": "string"
-		},
-		"consumedManoInterfaces": {
-		  "description": "Information of the interface consumed by the NFV-MANO functional entity from the peer functional entity.\nThis attribute can be modified with the PATCH method.\nThe keys of the map, each of which identifies information about a particular consumed NFV-MANO interface, are managed by the API consumer and referenced from other data structures via the \"consumedManoInterfaceIds\" attribute.\n",
-		  "type": "object"
-		},
-		"vimConnectionInfos": {
-		  "description": "Map of VIM connection information. The VimConnectionInfo is specified in clause 4.4.1.6 of ETSI GS NFV-SOL 003. This attribute can be modified with the PATCH method. May be present only if the \"type\" attribute in the \"PeerEntity” is either a \"VIM\", a \"CISM\" or a \"CIR\", and the NFV-MANO entity being configured is a \"VNFM\" or \"NFVO\" as indicated by the \"type\" attribute in the \"ManoEntity\". In case it is present, the value of the \"vimId\" in the \"VimConnectionInfo\" shall be equal to the value of \"peerEntityId\". In addition, the content of \"interfaceInfo\", \"accessInfo” and \"extra\" (if applicable) of the “VimConnectionInfo\" shall be provided by means in scope of the present document.\n",
-		  "type": "array",
-		  "items": {
-			"type": "object"
-		  }
-		},
-		"vnfmConfiguredVimConnectionInfoIds": {
-		  "description": "List of VIM connection information identifiers that identify the set of VIMs and associated VIM connection information that have been configured into the VNFM whose identifier is equal to the “peerEntityId“. See note 2. Only applicable if the \"type” attribute in the \"ManoEntity\" is \"NFVO\" and the \"type” attribute in the \"PeerEntity\" is a \"VNFM\".\n",
-		  "type": "array",
-		  "items": {
-			"description": "An identifier with the intention of being globally unique.\n",
-			"type": "string"
-		  },
-		  "additionalProperties": {
-			"description": "This type represents an interface consumed by the producer NFV MANO functional entity from another peer functional entity. * NOTE 1:\tThe information to be provided in this attribute shall relate to the specification and its version.\n            For instance, \"ETSI GS NFV-SOL 003 (V2.4.1)\".\n* NOTE 2:\tDue to the security sensitive information associated to the attribute, based on access control\n            policies, the API consumer might have read only, write only, read/write, or no access at all to\n            the attribute's value. In case the API consumer is not allowed to read the value of the security\n            sensitive attribute, the attribute shall be omitted when the information is to be provided in a\n            response message, and shall be provided otherwise. In case the API consumer is not allowed to\n            modify the value of the security sensitive attribute, and the modification request includes new\n            attribute values, the whole modification request shall be rejected, and proper error information returned.\n",
-			"type": "object",
-			"required": [
-			  "id",
-			  "name",
-			  "type",
-			  "standardVersion",
-			  "apiVersion",
-			  "apiEndpoint"
-			],
-			"properties": {
-			  "name": {
-				"description": "Human-readable name of the NFV-MANO interface.\n",
-				"type": "string"
-			  },
-			  "type": {
-				"description": "Type of the NFV-MANO service interface consumed by the NFV-MANO functional entity. Valid values are defined in clause 5.6.4.3.\n",
-				"type": "string"
-			  },
-			  "standardVersion": {
-				"description": "A version.\n",
-				"type": "string"
-			  },
-			  "apiVersion": {
-				"description": "A version.\n",
-				"type": "string"
-			  },
-			  "apiEndpoint": {
-				"description": "Consumable API endpoint of the interface. It provides the information relevant about the protocol, host and port, and path where the interface API can be accessed.\n",
-				"type": "object",
-				"properties": {
-				  "apiRoot": {
-					"description": "String formatted according to IETF RFC 3986.\n",
-					"type": "string"
-				  },
-				  "apiName": {
-					"description": "Indicates the interface name in an abbreviated form. Shall be present for ETSI NFV specified RESTful NFV-MANO APIs. The {apiName} of each interface is defined in the standard the interface is compliant to (see also clause 4.1 of ETSI GS NFV-SOL 013). May be present otherwise.\n",
-					"type": "string"
-				  },
-				  "apiMajorVersion": {
-					"description": "Indicates the current major version of the API. Shall be present for ETSI NFV specified RESTful NFV-MANO APIs. The major version is defined in the standard the interface is compliant to (see also clause 4.1 of ETSI GS NFV-SOL 013). May be present otherwise.\n",
-					"type": "string"
-				  },
-				  "apiUri": {
-					"description": "String formatted according to IETF RFC 3986.\n",
-					"type": "string"
-				  }
-				},
-				"required": [
-				  "apiUri"
-				]
-			  },
-			  "securityInfo": {
-				"description": "This type represents security related information for accessing an NFV-MANO service interface produced by an NFV-MANO functional entity. * NOTE:\tProvided configuration of the OAuth 2.0 authorization server information and configuration\n        shall be supported, and dynamic configuration may be supported.\n",
-				"type": "object",
-				"required": [
-				  "authType",
-				  "oauthServerInfo"
-				],
-				"properties": {
-				  "authType": {
-					"description": "Type of API request authorization to be used by the API consumer accessing the API.\nThe support of authorization methods for the API consumer is specified in clause 8.3.6 of ETSI GS NFV-SOL 013.\nPermitted values: - TLS_TUNNEL: Using TLS tunnel, as defined by TLS 1.2 in IETF RFC 5246. - TLS_TUNNEL_13: Using TLS tunnel, as defined by TLS 1.3 in IETF RFC 8446. - OAUTH2: Using access token, as defined by the OAuth 2.0 specification in IETF RFC 6749.\n",
-					"type": "array",
-					"items": {
-					  "type": "string",
-					  "enum": [
-						"TLS_TUNNEL",
-						"TLS_TUNNEL_13",
-						"OAUTH2"
-					  ]
-					},
-					"minItems": 1
-				  },
-				  "oauthServerInfo": {
-					"description": "OAuth 2.0 authorization server information and configuration.\n",
-					"type": "object",
-					"properties": {
-					  "dynamicDiscovery": {
-						"description": "Configuration data used when performing dynamic discovery of the authorization server identifier. See note.\n",
-						"type": "object",
-						"required": [
-						  "webFingerHost"
-						],
-						"properties": {
-						  "webFingerHost": {
-							"description": "Server where the WebFinger service is hosted. When used, the request to the WebFinger resource shall conform as specified in clause 5.1.3 of ETSI GS NFV-SEC 022.\n",
-							"type": "string",
-							"format": "uri"
-						  }
-						}
-					  },
-					  "providedConfiguration": {
-						"description": "Configuration data used to setup the authorization server identifier. See note.\n",
-						"type": "object",
-						"required": [
-						  "authServerId"
-						],
-						"properties": {
-						  "authServerId": {
-							"description": "Authorization server identifier as defined in ETSI GS NFV-SEC 022.\n",
-							"type": "string",
-							"format": "uri"
-						  }
-						}
-					  },
-					  "tlsCipherSuites": {
-						"description": "List of cipher suites that shall be declared as supported by the API consumer when performing the SSL or TLS negotiation with the authorization server. Valid values of cipher suites are defined in IETF RFC 8447.\n",
-						"type": "array",
-						"items": {
-						  "type": "string",
-						  "minItems": 1
-						}
-					  }
-					}
-				  },
-				  "tlsTunnelInfo": {
-					"description": "Information and configuration related to the use of TLS tunnel. Shall be present if authType contains \"TLS_TUNNEL\".\n",
-					"type": "object",
-					"properties": {
-					  "tlsTunnelCipherSuites": {
-						"description": "List of cipher suites that shall be declared as supported by the API consumer when performing the SSL or TLS negotiation with the API producer. Valid values of cipher suites are defined in IETF RFC 8447.\n",
-						"type": "array",
-						"items": {
-						  "type": "string",
-						  "minItems": 1
-						}
-					  }
-					}
-				  }
-				}
-			  }
-			}
-		  }
-		},
-		"peerEntityState": {
-		  "description": "State of the peer functional entity as provided by the API consumer when creating the resource or when updating it with the PATCH method.\n",
-		  "type": "object",
-		  "properties": {
-			"operationalState": {
-			  "description": "The enumeration OperationalStateEnumType defines values representing the operational state of an NFV-MANO functional application type of managed entity. The OperationalStateEnumType shall comply with the provisions:\n  - STARTED\tThe managed entity is operational.\n  - STOPPED\tThe managed entity is not operational.\n  - STOPPING\tThe managed entity is in the transition to stop.\n  - STARTING\tThe managed entity is in the transition to start and become operational.\n  - RESTARTING\tThe managed entity is in the transition to stop and start again.\n",
-			  "type": "string",
-			  "enum": [
-				"STARTED",
-				"STOPPED",
-				"STOPPING",
-				"STARTING",
-				"RESTARTING"
-			  ]
-			},
-			"administrativeState": {
-			  "description": "The enumeration AdministrativeStateEnumType defines values representing the administrative state of a managed entity. The AdministrativeStateEnumType shall comply with the provisions:\n  - LOCKED\tThe managed entity is administratively prohibited to be used.\n  - UNLOCKED\tThe managed entity is administratively allowed to be used.\n  - LOCKING\tThe managed entity is in the transition to be locked.\n",
-			  "type": "string",
-			  "enum": [
-				"LOCKED",
-				"UNLOCKED",
-				"LOCKING"
-			  ]
-			}
-		  },
-		  "required": [
-			"operationalState",
-			"administrativeState"
-		  ]
-		}
-	  }
-	}
-  }
\ No newline at end of file
+    "type": "array",
+    "items": {
+        "description": "This type represents an individual peer entity. * NOTE 1:\tThe value of the \"peerEntityId\" attribute is the same as the value of the \"id\" attribute in the\n          \"ManoEntity\" of the corresponding NFV-MANO functional entity that acts as peer entity, and shall\n          follow the uniqueness requirements set out in clause 5.6.2.2 for the \"id\" attribute.\n* NOTE 2: With this information, the NFVO has available information about the set of VIMs and associated VIM\n          connection information that have been configured into the VNFM.\n",
+        "type": "object",
+        "required": [
+            "id",
+            "peerEntityId",
+            "name",
+            "type",
+            "peerEntityState"
+        ],
+        "properties": {
+            "id": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+            },
+            "peerEntityId": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+            },
+            "name": {
+                "description": "Human-readable name of the peer functional entity.\nThis attribute can be modified with the PATCH method.\n",
+                "type": "string"
+            },
+            "type": {
+                "description": "The enumeration PeerEntityEnumType defines the permitted values to represent peer functional entities. it shall complains with the provisions : - NFVO\tThe peer functional entity is an NFVO. - VNFM\tThe peer functional entity is a VNFM. - VIM\t  The peer functional entity is a VIM. - WIM\t  The peer functional entity is a WIM. - CISM  The peer functional entity is a CISM.  - CIR   The NFV-MANO functional entity is a CIR. - CCM   The NFV-MANO functional entity is a CCM. - MDAF  The peer functional entity is a MDAF. - CMF   The peer functional entity is a CMF. - EM\t  The peer functional entity is an EM. - OSS\t  The peer functional entity is an OSS/BSS.\n",
+                "type": "string",
+                "enum": [
+                    "NFVO",
+                    "VNFM",
+                    "VIM",
+                    "WIM",
+                    "CISM",
+                    "CIR",
+                    "CCM",
+                    "MDAF",
+                    "CMF",
+                    "EM",
+                    "OSS"
+                ]
+            },
+            "description": {
+                "description": "Human-readable description of the peer functional entity.\nThis attribute can be modified with the PATCH method.\n",
+                "type": "string"
+            },
+            "consumedManoInterfaces": {
+                "description": "Information of the interface consumed by the NFV-MANO functional entity from the peer functional entity.\nThis attribute can be modified with the PATCH method.\nThe keys of the map, each of which identifies information about a particular consumed NFV-MANO interface, are managed by the API consumer and referenced from other data structures via the \"consumedManoInterfaceIds\" attribute.\n",
+                "type": "object"
+            },
+            "vimConnectionInfos": {
+                "description": "Map of VIM connection information. The VimConnectionInfo is specified in clause 4.4.1.6 of ETSI GS NFV-SOL 003. This attribute can be modified with the PATCH method. May be present only if the \"type\" attribute in the \"PeerEntity” is either a \"VIM\", a \"CISM\" or a \"CIR\", and the NFV-MANO entity being configured is a \"VNFM\" or \"NFVO\" as indicated by the \"type\" attribute in the \"ManoEntity\". In case it is present, the value of the \"vimId\" in the \"VimConnectionInfo\" shall be equal to the value of \"peerEntityId\". In addition, the content of \"interfaceInfo\", \"accessInfo” and \"extra\" (if applicable) of the “VimConnectionInfo\" shall be provided by means in scope of the present document.\n",
+                "type": "array",
+                "items": {
+                    "type": "object"
+                }
+            },
+            "vnfmConfiguredVimConnectionInfoIds": {
+                "description": "List of VIM connection information identifiers that identify the set of VIMs and associated VIM connection information that have been configured into the VNFM whose identifier is equal to the “peerEntityId“. See note 2. Only applicable if the \"type” attribute in the \"ManoEntity\" is \"NFVO\" and the \"type” attribute in the \"PeerEntity\" is a \"VNFM\".\n",
+                "type": "array",
+                "items": {
+                    "description": "An identifier with the intention of being globally unique.\n",
+                    "type": "string"
+                },
+                "additionalProperties": {
+                    "description": "This type represents an interface consumed by the producer NFV MANO functional entity from another peer functional entity. * NOTE 1:\tThe information to be provided in this attribute shall relate to the specification and its version.\n            For instance, \"ETSI GS NFV-SOL 003 (V2.4.1)\".\n* NOTE 2:\tDue to the security sensitive information associated to the attribute, based on access control\n            policies, the API consumer might have read only, write only, read/write, or no access at all to\n            the attribute's value. In case the API consumer is not allowed to read the value of the security\n            sensitive attribute, the attribute shall be omitted when the information is to be provided in a\n            response message, and shall be provided otherwise. In case the API consumer is not allowed to\n            modify the value of the security sensitive attribute, and the modification request includes new\n            attribute values, the whole modification request shall be rejected, and proper error information returned.\n",
+                    "type": "object",
+                    "required": [
+                        "id",
+                        "name",
+                        "type",
+                        "standardVersion",
+                        "apiVersion",
+                        "apiEndpoint"
+                    ],
+                    "properties": {
+                        "name": {
+                            "description": "Human-readable name of the NFV-MANO interface.\n",
+                            "type": "string"
+                        },
+                        "type": {
+                            "description": "Type of the NFV-MANO service interface consumed by the NFV-MANO functional entity. Valid values are defined in clause 5.6.4.3.\n",
+                            "type": "string"
+                        },
+                        "standardVersion": {
+                            "description": "A version.\n",
+                            "type": "string"
+                        },
+                        "apiVersion": {
+                            "description": "A version.\n",
+                            "type": "string"
+                        },
+                        "apiEndpoint": {
+                            "description": "Consumable API endpoint of the interface. It provides the information relevant about the protocol, host and port, and path where the interface API can be accessed.\n",
+                            "type": "object",
+                            "properties": {
+                                "apiRoot": {
+                                    "description": "String formatted according to IETF RFC 3986.\n",
+                                    "type": "string"
+                                },
+                                "apiName": {
+                                    "description": "Indicates the interface name in an abbreviated form. Shall be present for ETSI NFV specified RESTful NFV-MANO APIs. The {apiName} of each interface is defined in the standard the interface is compliant to (see also clause 4.1 of ETSI GS NFV-SOL 013). May be present otherwise.\n",
+                                    "type": "string"
+                                },
+                                "apiMajorVersion": {
+                                    "description": "Indicates the current major version of the API. Shall be present for ETSI NFV specified RESTful NFV-MANO APIs. The major version is defined in the standard the interface is compliant to (see also clause 4.1 of ETSI GS NFV-SOL 013). May be present otherwise.\n",
+                                    "type": "string"
+                                },
+                                "apiUri": {
+                                    "description": "String formatted according to IETF RFC 3986.\n",
+                                    "type": "string"
+                                }
+                            },
+                            "required": [
+                                "apiUri"
+                            ]
+                        },
+                        "securityInfo": {
+                            "description": "This type represents security related information for accessing an NFV-MANO service interface produced by an NFV-MANO functional entity. * NOTE:\tProvided configuration of the OAuth 2.0 authorization server information and configuration\n        shall be supported, and dynamic configuration may be supported.\n",
+                            "type": "object",
+                            "required": [
+                                "authType",
+                                "oauthServerInfo"
+                            ],
+                            "properties": {
+                                "authType": {
+                                    "description": "Type of API request authorization to be used by the API consumer accessing the API.\nThe support of authorization methods for the API consumer is specified in clause 8.3.6 of ETSI GS NFV-SOL 013.\nPermitted values: - TLS_TUNNEL: Using TLS tunnel, as defined by TLS 1.2 in IETF RFC 5246. - TLS_TUNNEL_13: Using TLS tunnel, as defined by TLS 1.3 in IETF RFC 8446. - OAUTH2: Using access token, as defined by the OAuth 2.0 specification in IETF RFC 6749.\n",
+                                    "type": "array",
+                                    "items": {
+                                        "type": "string",
+                                        "enum": [
+                                            "TLS_TUNNEL",
+                                            "TLS_TUNNEL_13",
+                                            "OAUTH2"
+                                        ]
+                                    },
+                                    "minItems": 1
+                                },
+                                "oauthServerInfo": {
+                                    "description": "OAuth 2.0 authorization server information and configuration.\n",
+                                    "type": "object",
+                                    "properties": {
+                                        "dynamicDiscovery": {
+                                            "description": "Configuration data used when performing dynamic discovery of the authorization server identifier. See note.\n",
+                                            "type": "object",
+                                            "required": [
+                                                "webFingerHost"
+                                            ],
+                                            "properties": {
+                                                "webFingerHost": {
+                                                    "description": "Server where the WebFinger service is hosted. When used, the request to the WebFinger resource shall conform as specified in clause 5.1.3 of ETSI GS NFV-SEC 022.\n",
+                                                    "type": "string",
+                                                    "format": "uri"
+                                                }
+                                            }
+                                        },
+                                        "providedConfiguration": {
+                                            "description": "Configuration data used to setup the authorization server identifier. See note.\n",
+                                            "type": "object",
+                                            "required": [
+                                                "authServerId"
+                                            ],
+                                            "properties": {
+                                                "authServerId": {
+                                                    "description": "Authorization server identifier as defined in ETSI GS NFV-SEC 022.\n",
+                                                    "type": "string",
+                                                    "format": "uri"
+                                                }
+                                            }
+                                        },
+                                        "tlsCipherSuites": {
+                                            "description": "List of cipher suites that shall be declared as supported by the API consumer when performing the SSL or TLS negotiation with the authorization server. Valid values of cipher suites are defined in IETF RFC 8447.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "type": "string",
+                                                "minItems": 1
+                                            }
+                                        }
+                                    }
+                                },
+                                "tlsTunnelInfo": {
+                                    "description": "Information and configuration related to the use of TLS tunnel. Shall be present if authType contains \"TLS_TUNNEL\".\n",
+                                    "type": "object",
+                                    "properties": {
+                                        "tlsTunnelCipherSuites": {
+                                            "description": "List of cipher suites that shall be declared as supported by the API consumer when performing the SSL or TLS negotiation with the API producer. Valid values of cipher suites are defined in IETF RFC 8447.\n",
+                                            "type": "array",
+                                            "items": {
+                                                "type": "string",
+                                                "minItems": 1
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            },
+            "peerEntityState": {
+                "description": "State of the peer functional entity as provided by the API consumer when creating the resource or when updating it with the PATCH method.\n",
+                "type": "object",
+                "properties": {
+                    "operationalState": {
+                        "description": "The enumeration OperationalStateEnumType defines values representing the operational state of an NFV-MANO functional application type of managed entity. The OperationalStateEnumType shall comply with the provisions:\n  - STARTED\tThe managed entity is operational.\n  - STOPPED\tThe managed entity is not operational.\n  - STOPPING\tThe managed entity is in the transition to stop.\n  - STARTING\tThe managed entity is in the transition to start and become operational.\n  - RESTARTING\tThe managed entity is in the transition to stop and start again.\n",
+                        "type": "string",
+                        "enum": [
+                            "STARTED",
+                            "STOPPED",
+                            "STOPPING",
+                            "STARTING",
+                            "RESTARTING"
+                        ]
+                    },
+                    "administrativeState": {
+                        "description": "The enumeration AdministrativeStateEnumType defines values representing the administrative state of a managed entity. The AdministrativeStateEnumType shall comply with the provisions:\n  - LOCKED\tThe managed entity is administratively prohibited to be used.\n  - UNLOCKED\tThe managed entity is administratively allowed to be used.\n  - LOCKING\tThe managed entity is in the transition to be locked.\n",
+                        "type": "string",
+                        "enum": [
+                            "LOCKED",
+                            "UNLOCKED",
+                            "LOCKING"
+                        ]
+                    }
+                },
+                "required": [
+                    "operationalState",
+                    "administrativeState"
+                ]
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/SOL009/NFVManoConfigurationAndInformationManagement-API/schemas/PeerEntity.schema.json b/SOL009/NFVManoConfigurationAndInformationManagement-API/schemas/PeerEntity.schema.json
index 24ae5429928335e9c638299afc1cccb078df34fb..70f8cc29be7cc072326f61015019bf9aa5d9f6f2 100644
--- a/SOL009/NFVManoConfigurationAndInformationManagement-API/schemas/PeerEntity.schema.json
+++ b/SOL009/NFVManoConfigurationAndInformationManagement-API/schemas/PeerEntity.schema.json
@@ -1,227 +1,229 @@
 {
-	"description": "This type represents an individual peer entity. * NOTE 1:\tThe value of the \"peerEntityId\" attribute is the same as the value of the \"id\" attribute in the\n          \"ManoEntity\" of the corresponding NFV-MANO functional entity that acts as peer entity, and shall\n          follow the uniqueness requirements set out in clause 5.6.2.2 for the \"id\" attribute.\n* NOTE 2: With this information, the NFVO has available information about the set of VIMs and associated VIM\n          connection information that have been configured into the VNFM.\n",
-	"type": "object",
-	"required": [
-		"id",
-		"peerEntityId",
-		"name",
-		"type",
-		"peerEntityState"
-	],
-	"properties": {
-		"id": {
-			"description": "An identifier with the intention of being globally unique.\n",
-			"type": "string"
-		},
-		"peerEntityId": {
-			"description": "An identifier with the intention of being globally unique.\n",
-			"type": "string"
-		},
-		"name": {
-			"description": "Human-readable name of the peer functional entity.\nThis attribute can be modified with the PATCH method.\n",
-			"type": "string"
-		},
-		"type": {
-			"description": "The enumeration PeerEntityEnumType defines the permitted values to represent peer functional entities. it shall complains with the provisions : - NFVO\tThe peer functional entity is an NFVO. - VNFM\tThe peer functional entity is a VNFM. - VIM\t  The peer functional entity is a VIM. - WIM\t  The peer functional entity is a WIM. - CISM   The peer functional entity is a CISM.  - CIR   The NFV-MANO functional entity is a CIR. - CCM   The NFV-MANO functional entity is a CCM. - EM\t  The peer functional entity is an EM. - OSS\t  The peer functional entity is an OSS/BSS.\n",
-			"type": "string",
-			"enum": [
-				"NFVO",
-				"VNFM",
-				"VIM",
-				"WIM",
-				"CISM",
-				"CIR",
-				"CCM",
-				"EM",
-				"OSS"
-			]
-		},
-		"description": {
-			"description": "Human-readable description of the peer functional entity.\nThis attribute can be modified with the PATCH method.\n",
-			"type": "string"
-		},
-		"consumedManoInterfaces": {
-			"description": "Information of the interface consumed by the NFV-MANO functional entity from the peer functional entity.\nThis attribute can be modified with the PATCH method.\nThe keys of the map, each of which identifies information about a particular consumed NFV-MANO interface, are managed by the API consumer and referenced from other data structures via the \"consumedManoInterfaceIds\" attribute.\n",
-			"type": "object"
-		},
-		"vimConnectionInfos": {
-			"description": "Map of VIM connection information. The VimConnectionInfo is specified in clause 4.4.1.6 of ETSI GS NFV-SOL 003. This attribute can be modified with the PATCH method. May be present only if the \"type\" attribute in the \"PeerEntity” is either a \"VIM\", a \"CISM\" or a \"CIR\", and the NFV-MANO entity being configured is a \"VNFM\" or \"NFVO\" as indicated by the \"type\" attribute in the \"ManoEntity\". In case it is present, the value of the \"vimId\" in the \"VimConnectionInfo\" shall be equal to the value of \"peerEntityId\". In addition, the content of \"interfaceInfo\", \"accessInfo” and \"extra\" (if applicable) of the “VimConnectionInfo\" shall be provided by means in scope of the present document.\n",
-			"type": "array",
-			"items": {
-				"type": "object"
-			}
-		},
-		"vnfmConfiguredVimConnectionInfoIds": {
-			"description": "List of VIM connection information identifiers that identify the set of VIMs and associated VIM connection information that have been configured into the VNFM whose identifier is equal to the “peerEntityId“. See note 2. Only applicable if the \"type” attribute in the \"ManoEntity\" is \"NFVO\" and the \"type” attribute in the \"PeerEntity\" is a \"VNFM\".\n",
-			"type": "array",
-			"items": {
-				"description": "An identifier with the intention of being globally unique.\n",
-				"type": "string"
-			},
-			"additionalProperties": {
-				"description": "This type represents an interface consumed by the producer NFV MANO functional entity from another peer functional entity. * NOTE 1:\tThe information to be provided in this attribute shall relate to the specification and its version.\n            For instance, \"ETSI GS NFV-SOL 003 (V2.4.1)\".\n* NOTE 2:\tDue to the security sensitive information associated to the attribute, based on access control\n            policies, the API consumer might have read only, write only, read/write, or no access at all to\n            the attribute's value. In case the API consumer is not allowed to read the value of the security\n            sensitive attribute, the attribute shall be omitted when the information is to be provided in a\n            response message, and shall be provided otherwise. In case the API consumer is not allowed to\n            modify the value of the security sensitive attribute, and the modification request includes new\n            attribute values, the whole modification request shall be rejected, and proper error information returned.\n",
-				"type": "object",
-				"required": [
-					"id",
-					"name",
-					"type",
-					"standardVersion",
-					"apiVersion",
-					"apiEndpoint"
-				],
-				"properties": {
-					"name": {
-						"description": "Human-readable name of the NFV-MANO interface.\n",
-						"type": "string"
-					},
-					"type": {
-						"description": "Type of the NFV-MANO service interface consumed by the NFV-MANO functional entity. Valid values are defined in clause 5.6.4.3.\n",
-						"type": "string"
-					},
-					"standardVersion": {
-						"description": "A version.\n",
-						"type": "string"
-					},
-					"apiVersion": {
-						"description": "A version.\n",
-						"type": "string"
-					},
-					"apiEndpoint": {
-						"description": "Consumable API endpoint of the interface. It provides the information relevant about the protocol, host and port, and path where the interface API can be accessed.\n",
-						"type": "object",
-						"properties": {
-							"apiRoot": {
-								"description": "String formatted according to IETF RFC 3986.\n",
-								"type": "string"
-							},
-							"apiName": {
-								"description": "Indicates the interface name in an abbreviated form. Shall be present for ETSI NFV specified RESTful NFV-MANO APIs. The {apiName} of each interface is defined in the standard the interface is compliant to (see also clause 4.1 of ETSI GS NFV-SOL 013). May be present otherwise.\n",
-								"type": "string"
-							},
-							"apiMajorVersion": {
-								"description": "Indicates the current major version of the API. Shall be present for ETSI NFV specified RESTful NFV-MANO APIs. The major version is defined in the standard the interface is compliant to (see also clause 4.1 of ETSI GS NFV-SOL 013). May be present otherwise.\n",
-								"type": "string"
-							},
-							"apiUri": {
-								"description": "String formatted according to IETF RFC 3986.\n",
-								"type": "string"
-							}
-						},
-						"required": [
-							"apiUri"
-						]
-					},
-					"securityInfo": {
-						"description": "This type represents security related information for accessing an NFV-MANO service interface produced by an NFV-MANO functional entity. * NOTE:\tProvided configuration of the OAuth 2.0 authorization server information and configuration\n        shall be supported, and dynamic configuration may be supported.\n",
-						"type": "object",
-						"required": [
-							"authType",
-							"oauthServerInfo"
-						],
-						"properties": {
-							"authType": {
-								"description": "Type of API request authorization to be used by the API consumer accessing the API.\nThe support of authorization methods for the API consumer is specified in clause 8.3.6 of ETSI GS NFV-SOL 013.\nPermitted values: - TLS_TUNNEL: Using TLS tunnel, as defined by TLS 1.2 in IETF RFC 5246. - TLS_TUNNEL_13: Using TLS tunnel, as defined by TLS 1.3 in IETF RFC 8446. - OAUTH2: Using access token, as defined by the OAuth 2.0 specification in IETF RFC 6749.\n",
-								"type": "array",
-								"items": {
-									"type": "string",
-									"enum": [
-										"TLS_TUNNEL",
-										"TLS_TUNNEL_13",
-										"OAUTH2"
-									]
-								},
-								"minItems": 1
-							},
-							"oauthServerInfo": {
-								"description": "OAuth 2.0 authorization server information and configuration.\n",
-								"type": "object",
-								"properties": {
-									"dynamicDiscovery": {
-										"description": "Configuration data used when performing dynamic discovery of the authorization server identifier. See note.\n",
-										"type": "object",
-										"required": [
-											"webFingerHost"
-										],
-										"properties": {
-											"webFingerHost": {
-												"description": "Server where the WebFinger service is hosted. When used, the request to the WebFinger resource shall conform as specified in clause 5.1.3 of ETSI GS NFV-SEC 022.\n",
-												"type": "string",
-												"format": "uri"
-											}
-										}
-									},
-									"providedConfiguration": {
-										"description": "Configuration data used to setup the authorization server identifier. See note.\n",
-										"type": "object",
-										"required": [
-											"authServerId"
-										],
-										"properties": {
-											"authServerId": {
-												"description": "Authorization server identifier as defined in ETSI GS NFV-SEC 022.\n",
-												"type": "string",
-												"format": "uri"
-											}
-										}
-									},
-									"tlsCipherSuites": {
-										"description": "List of cipher suites that shall be declared as supported by the API consumer when performing the SSL or TLS negotiation with the authorization server. Valid values of cipher suites are defined in IETF RFC 8447.\n",
-										"type": "array",
-										"items": {
-											"type": "string",
-											"minItems": 1
-										}
-									}
-								}
-							},
-							"tlsTunnelInfo": {
-								"description": "Information and configuration related to the use of TLS tunnel. Shall be present if authType contains \"TLS_TUNNEL\".\n",
-								"type": "object",
-								"properties": {
-									"tlsTunnelCipherSuites": {
-										"description": "List of cipher suites that shall be declared as supported by the API consumer when performing the SSL or TLS negotiation with the API producer. Valid values of cipher suites are defined in IETF RFC 8447.\n",
-										"type": "array",
-										"items": {
-											"type": "string",
-											"minItems": 1
-										}
-									}
-								}
-							}
-						}
-					}
-				}
-			}
-		},
-		"peerEntityState": {
-			"description": "State of the peer functional entity as provided by the API consumer when creating the resource or when updating it with the PATCH method.\n",
-			"type": "object",
-			"properties": {
-				"operationalState": {
-					"description": "The enumeration OperationalStateEnumType defines values representing the operational state of an NFV-MANO functional application type of managed entity. The OperationalStateEnumType shall comply with the provisions:\n  - STARTED\tThe managed entity is operational.\n  - STOPPED\tThe managed entity is not operational.\n  - STOPPING\tThe managed entity is in the transition to stop.\n  - STARTING\tThe managed entity is in the transition to start and become operational.\n  - RESTARTING\tThe managed entity is in the transition to stop and start again.\n",
-					"type": "string",
-					"enum": [
-						"STARTED",
-						"STOPPED",
-						"STOPPING",
-						"STARTING",
-						"RESTARTING"
-					]
-				},
-				"administrativeState": {
-					"description": "The enumeration AdministrativeStateEnumType defines values representing the administrative state of a managed entity. The AdministrativeStateEnumType shall comply with the provisions:\n  - LOCKED\tThe managed entity is administratively prohibited to be used.\n  - UNLOCKED\tThe managed entity is administratively allowed to be used.\n  - LOCKING\tThe managed entity is in the transition to be locked.\n",
-					"type": "string",
-					"enum": [
-						"LOCKED",
-						"UNLOCKED",
-						"LOCKING"
-					]
-				}
-			},
-			"required": [
-				"operationalState",
-				"administrativeState"
-			]
-		}
-	}
+    "description": "This type represents an individual peer entity. * NOTE 1:\tThe value of the \"peerEntityId\" attribute is the same as the value of the \"id\" attribute in the\n          \"ManoEntity\" of the corresponding NFV-MANO functional entity that acts as peer entity, and shall\n          follow the uniqueness requirements set out in clause 5.6.2.2 for the \"id\" attribute.\n* NOTE 2: With this information, the NFVO has available information about the set of VIMs and associated VIM\n          connection information that have been configured into the VNFM.\n",
+    "type": "object",
+    "required": [
+        "id",
+        "peerEntityId",
+        "name",
+        "type",
+        "peerEntityState"
+    ],
+    "properties": {
+        "id": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+        },
+        "peerEntityId": {
+            "description": "An identifier with the intention of being globally unique.\n",
+            "type": "string"
+        },
+        "name": {
+            "description": "Human-readable name of the peer functional entity.\nThis attribute can be modified with the PATCH method.\n",
+            "type": "string"
+        },
+        "type": {
+            "description": "The enumeration PeerEntityEnumType defines the permitted values to represent peer functional entities. it shall complains with the provisions : - NFVO\tThe peer functional entity is an NFVO. - VNFM\tThe peer functional entity is a VNFM. - VIM\t  The peer functional entity is a VIM. - WIM\t  The peer functional entity is a WIM. - CISM  The peer functional entity is a CISM.  - CIR   The NFV-MANO functional entity is a CIR. - CCM   The NFV-MANO functional entity is a CCM. - MDAF  The peer functional entity is a MDAF. - CMF   The peer functional entity is a CMF. - EM\t  The peer functional entity is an EM. - OSS\t  The peer functional entity is an OSS/BSS.\n",
+            "type": "string",
+            "enum": [
+                "NFVO",
+                "VNFM",
+                "VIM",
+                "WIM",
+                "CISM",
+                "CIR",
+                "CCM",
+                "MDAF",
+                "CMF",
+                "EM",
+                "OSS"
+            ]
+        },
+        "description": {
+            "description": "Human-readable description of the peer functional entity.\nThis attribute can be modified with the PATCH method.\n",
+            "type": "string"
+        },
+        "consumedManoInterfaces": {
+            "description": "Information of the interface consumed by the NFV-MANO functional entity from the peer functional entity.\nThis attribute can be modified with the PATCH method.\nThe keys of the map, each of which identifies information about a particular consumed NFV-MANO interface, are managed by the API consumer and referenced from other data structures via the \"consumedManoInterfaceIds\" attribute.\n",
+            "type": "object"
+        },
+        "vimConnectionInfos": {
+            "description": "Map of VIM connection information. The VimConnectionInfo is specified in clause 4.4.1.6 of ETSI GS NFV-SOL 003. This attribute can be modified with the PATCH method. May be present only if the \"type\" attribute in the \"PeerEntity” is either a \"VIM\", a \"CISM\" or a \"CIR\", and the NFV-MANO entity being configured is a \"VNFM\" or \"NFVO\" as indicated by the \"type\" attribute in the \"ManoEntity\". In case it is present, the value of the \"vimId\" in the \"VimConnectionInfo\" shall be equal to the value of \"peerEntityId\". In addition, the content of \"interfaceInfo\", \"accessInfo” and \"extra\" (if applicable) of the “VimConnectionInfo\" shall be provided by means in scope of the present document.\n",
+            "type": "array",
+            "items": {
+                "type": "object"
+            }
+        },
+        "vnfmConfiguredVimConnectionInfoIds": {
+            "description": "List of VIM connection information identifiers that identify the set of VIMs and associated VIM connection information that have been configured into the VNFM whose identifier is equal to the “peerEntityId“. See note 2. Only applicable if the \"type” attribute in the \"ManoEntity\" is \"NFVO\" and the \"type” attribute in the \"PeerEntity\" is a \"VNFM\".\n",
+            "type": "array",
+            "items": {
+                "description": "An identifier with the intention of being globally unique.\n",
+                "type": "string"
+            },
+            "additionalProperties": {
+                "description": "This type represents an interface consumed by the producer NFV MANO functional entity from another peer functional entity. * NOTE 1:\tThe information to be provided in this attribute shall relate to the specification and its version.\n            For instance, \"ETSI GS NFV-SOL 003 (V2.4.1)\".\n* NOTE 2:\tDue to the security sensitive information associated to the attribute, based on access control\n            policies, the API consumer might have read only, write only, read/write, or no access at all to\n            the attribute's value. In case the API consumer is not allowed to read the value of the security\n            sensitive attribute, the attribute shall be omitted when the information is to be provided in a\n            response message, and shall be provided otherwise. In case the API consumer is not allowed to\n            modify the value of the security sensitive attribute, and the modification request includes new\n            attribute values, the whole modification request shall be rejected, and proper error information returned.\n",
+                "type": "object",
+                "required": [
+                    "id",
+                    "name",
+                    "type",
+                    "standardVersion",
+                    "apiVersion",
+                    "apiEndpoint"
+                ],
+                "properties": {
+                    "name": {
+                        "description": "Human-readable name of the NFV-MANO interface.\n",
+                        "type": "string"
+                    },
+                    "type": {
+                        "description": "Type of the NFV-MANO service interface consumed by the NFV-MANO functional entity. Valid values are defined in clause 5.6.4.3.\n",
+                        "type": "string"
+                    },
+                    "standardVersion": {
+                        "description": "A version.\n",
+                        "type": "string"
+                    },
+                    "apiVersion": {
+                        "description": "A version.\n",
+                        "type": "string"
+                    },
+                    "apiEndpoint": {
+                        "description": "Consumable API endpoint of the interface. It provides the information relevant about the protocol, host and port, and path where the interface API can be accessed.\n",
+                        "type": "object",
+                        "properties": {
+                            "apiRoot": {
+                                "description": "String formatted according to IETF RFC 3986.\n",
+                                "type": "string"
+                            },
+                            "apiName": {
+                                "description": "Indicates the interface name in an abbreviated form. Shall be present for ETSI NFV specified RESTful NFV-MANO APIs. The {apiName} of each interface is defined in the standard the interface is compliant to (see also clause 4.1 of ETSI GS NFV-SOL 013). May be present otherwise.\n",
+                                "type": "string"
+                            },
+                            "apiMajorVersion": {
+                                "description": "Indicates the current major version of the API. Shall be present for ETSI NFV specified RESTful NFV-MANO APIs. The major version is defined in the standard the interface is compliant to (see also clause 4.1 of ETSI GS NFV-SOL 013). May be present otherwise.\n",
+                                "type": "string"
+                            },
+                            "apiUri": {
+                                "description": "String formatted according to IETF RFC 3986.\n",
+                                "type": "string"
+                            }
+                        },
+                        "required": [
+                            "apiUri"
+                        ]
+                    },
+                    "securityInfo": {
+                        "description": "This type represents security related information for accessing an NFV-MANO service interface produced by an NFV-MANO functional entity. * NOTE:\tProvided configuration of the OAuth 2.0 authorization server information and configuration\n        shall be supported, and dynamic configuration may be supported.\n",
+                        "type": "object",
+                        "required": [
+                            "authType",
+                            "oauthServerInfo"
+                        ],
+                        "properties": {
+                            "authType": {
+                                "description": "Type of API request authorization to be used by the API consumer accessing the API.\nThe support of authorization methods for the API consumer is specified in clause 8.3.6 of ETSI GS NFV-SOL 013.\nPermitted values: - TLS_TUNNEL: Using TLS tunnel, as defined by TLS 1.2 in IETF RFC 5246. - TLS_TUNNEL_13: Using TLS tunnel, as defined by TLS 1.3 in IETF RFC 8446. - OAUTH2: Using access token, as defined by the OAuth 2.0 specification in IETF RFC 6749.\n",
+                                "type": "array",
+                                "items": {
+                                    "type": "string",
+                                    "enum": [
+                                        "TLS_TUNNEL",
+                                        "TLS_TUNNEL_13",
+                                        "OAUTH2"
+                                    ]
+                                },
+                                "minItems": 1
+                            },
+                            "oauthServerInfo": {
+                                "description": "OAuth 2.0 authorization server information and configuration.\n",
+                                "type": "object",
+                                "properties": {
+                                    "dynamicDiscovery": {
+                                        "description": "Configuration data used when performing dynamic discovery of the authorization server identifier. See note.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "webFingerHost"
+                                        ],
+                                        "properties": {
+                                            "webFingerHost": {
+                                                "description": "Server where the WebFinger service is hosted. When used, the request to the WebFinger resource shall conform as specified in clause 5.1.3 of ETSI GS NFV-SEC 022.\n",
+                                                "type": "string",
+                                                "format": "uri"
+                                            }
+                                        }
+                                    },
+                                    "providedConfiguration": {
+                                        "description": "Configuration data used to setup the authorization server identifier. See note.\n",
+                                        "type": "object",
+                                        "required": [
+                                            "authServerId"
+                                        ],
+                                        "properties": {
+                                            "authServerId": {
+                                                "description": "Authorization server identifier as defined in ETSI GS NFV-SEC 022.\n",
+                                                "type": "string",
+                                                "format": "uri"
+                                            }
+                                        }
+                                    },
+                                    "tlsCipherSuites": {
+                                        "description": "List of cipher suites that shall be declared as supported by the API consumer when performing the SSL or TLS negotiation with the authorization server. Valid values of cipher suites are defined in IETF RFC 8447.\n",
+                                        "type": "array",
+                                        "items": {
+                                            "type": "string",
+                                            "minItems": 1
+                                        }
+                                    }
+                                }
+                            },
+                            "tlsTunnelInfo": {
+                                "description": "Information and configuration related to the use of TLS tunnel. Shall be present if authType contains \"TLS_TUNNEL\".\n",
+                                "type": "object",
+                                "properties": {
+                                    "tlsTunnelCipherSuites": {
+                                        "description": "List of cipher suites that shall be declared as supported by the API consumer when performing the SSL or TLS negotiation with the API producer. Valid values of cipher suites are defined in IETF RFC 8447.\n",
+                                        "type": "array",
+                                        "items": {
+                                            "type": "string",
+                                            "minItems": 1
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        },
+        "peerEntityState": {
+            "description": "State of the peer functional entity as provided by the API consumer when creating the resource or when updating it with the PATCH method.\n",
+            "type": "object",
+            "properties": {
+                "operationalState": {
+                    "description": "The enumeration OperationalStateEnumType defines values representing the operational state of an NFV-MANO functional application type of managed entity. The OperationalStateEnumType shall comply with the provisions:\n  - STARTED\tThe managed entity is operational.\n  - STOPPED\tThe managed entity is not operational.\n  - STOPPING\tThe managed entity is in the transition to stop.\n  - STARTING\tThe managed entity is in the transition to start and become operational.\n  - RESTARTING\tThe managed entity is in the transition to stop and start again.\n",
+                    "type": "string",
+                    "enum": [
+                        "STARTED",
+                        "STOPPED",
+                        "STOPPING",
+                        "STARTING",
+                        "RESTARTING"
+                    ]
+                },
+                "administrativeState": {
+                    "description": "The enumeration AdministrativeStateEnumType defines values representing the administrative state of a managed entity. The AdministrativeStateEnumType shall comply with the provisions:\n  - LOCKED\tThe managed entity is administratively prohibited to be used.\n  - UNLOCKED\tThe managed entity is administratively allowed to be used.\n  - LOCKING\tThe managed entity is in the transition to be locked.\n",
+                    "type": "string",
+                    "enum": [
+                        "LOCKED",
+                        "UNLOCKED",
+                        "LOCKING"
+                    ]
+                }
+            },
+            "required": [
+                "operationalState",
+                "administrativeState"
+            ]
+        }
+    }
 }
\ No newline at end of file
diff --git a/SOL011/NSInstanceUsageNotification-API/IndividualSubscription.robot b/SOL011/NSInstanceUsageNotification-API/IndividualSubscription.robot
index 5f11fda6ff81b636f1a4e101f4e154c067c8361e..f5ddf660efa0205352f4ac71ed57482e671a29ed 100644
--- a/SOL011/NSInstanceUsageNotification-API/IndividualSubscription.robot
+++ b/SOL011/NSInstanceUsageNotification-API/IndividualSubscription.robot
@@ -12,7 +12,7 @@ POST Individual Subscription - Method not implemented
     ...    Test title: POST Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.4.3.1 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.4.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -24,7 +24,7 @@ GET Information about an individual subscription - Successful
     ...    Test title: GET Information about an individual subscription - Successful
     ...    Test objective: The objective is to test the retrieval of NS instance usage notification subscription and perform a JSON schema validation of the returned subscription data structure
     ...    Pre-conditions: An NS instance is instantiated. At least one NS instance usage notification subscription is available in the NFVO.
-    ...    Reference: Clause 8.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -37,7 +37,7 @@ PUT an individual subscription - Method not implemented
     ...    Test title: PUT an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.4.3.3 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.4.3.3 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -49,7 +49,7 @@ PATCH an individual subscription - Method not implemented
     ...    Test title: PATCH an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.4.3.4 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.4.3.4 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -61,7 +61,7 @@ DELETE an individual subscription
     ...    Test title: DELETE an individual subscription
     ...    Test objective: The objective is to test that DELETE method deletes an individual subscription
     ...    Pre-conditions: At least one instance usage notification subscription is available in the NFVO
-    ...    Reference: Clause 8.5.4.3.5 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.4.3.5 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: The NS instance usage notification subscription is not available anymore on NFVO
@@ -74,10 +74,34 @@ GET Information about an individual subscription - NOT FOUND
     ...    Test title: GET Information about an individual subscription - NOT FOUND
     ...    Test objective: The objective is to test that the retrieval of individual NS instance usage notification subscription fails when using an invalid resource identifier.
     ...    Pre-conditions: An NS instance is instantiated. At least one NS instance usage notification subscription is available in the NFVO.
-    ...    Reference: Clause 8.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
     GET Individual subscription
     Check HTTP Response Status Code Is    404
-    Check HTTP Response Body Json Schema Is   ProblemDetails
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is   ProblemDetails
+GET Information about an individual subscription with permitted authorization scope - Successful
+     [Documentation]    Test ID: 9.3.2.2.7
+    ...    Test title: GET Information about an individual subscription with permitted authorization scope - Successful
+    ...    Test objective: The objective is to test the retrieval of NS instance usage notification subscription and perform a JSON schema validation of the returned subscription data structure
+    ...    Pre-conditions: An NS instance is instantiated. At least one NS instance usage notification subscription is available in the NFVO.
+    ...    Reference: Clause 8.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   subscription
+GET Information about an individual subscription with not permitted authorization scope - Successful
+     [Documentation]    Test ID: 9.3.2.2.8
+    ...    Test title: GET Information about an individual subscription with not permitted authorization scope - Successful
+    ...    Test objective: The objective is to test the retrieval of NS instance usage notification subscription and perform a JSON schema validation of the returned subscription data structure
+    ...    Pre-conditions: An NS instance is instantiated. At least one NS instance usage notification subscription is available in the NFVO.
+    ...    Reference: Clause 8.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is   ProblemDetails
diff --git a/SOL011/NSInstanceUsageNotification-API/NSInstanceUsageNotificationKeywords.robot b/SOL011/NSInstanceUsageNotification-API/NSInstanceUsageNotificationKeywords.robot
index 87ccabc70035778456267642a6eff955112445dd..cc1a04fcb8d4381e153ff00e3844a37a7c14b48a 100644
--- a/SOL011/NSInstanceUsageNotification-API/NSInstanceUsageNotificationKeywords.robot
+++ b/SOL011/NSInstanceUsageNotification-API/NSInstanceUsageNotificationKeywords.robot
@@ -5,6 +5,7 @@ Library    OperatingSystem
 Library    JSONLibrary
 Library    JSONSchemaLibrary    schemas/
 Library    String
+Library    jwt
 
 *** Keywords ***
 Check HTTP Response Status Code Is
@@ -261,4 +262,50 @@ Check Postcondition Subscription Resource Returned in Location Header Is Availab
 
 Check Postcondition Subscriptions Exist
     Log    Checking that subscriptions exists
-    Get Subscriptions 
\ No newline at end of file
+    Get Subscriptions 
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+POST subscriptions with permitted authorization scope
+    Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiVersion}/subscriptions
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${SUBSCRIPTION_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"Authorization":"${authorizationToken}"}
+    ${body}=    Get File    jsons/NsInstanceUsageSubscriptionRequest.json
+    Post    ${apiRoot}/${apiName}/${apiVersion}/subscriptions    ${body}    allow_redirects=false
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+POST subscriptions with not permitted authorization scope
+    Log    Create subscription instance by POST to ${apiRoot}/${apiName}/${apiVersion}/subscriptions
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"Authorization":"${authorizationToken}"}
+    ${body}=    Get File    jsons/NsInstanceUsageSubscriptionRequest.json
+    Post    ${apiRoot}/${apiName}/${apiVersion}/subscriptions    ${body}    allow_redirects=false
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+GET Individual subscription with permitted authorization scope
+    log    Trying to get information about an individual subscription
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${SUBSCRIPTION_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"Authorization":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiVersion}/subscriptions/${subscriptionId}  
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+GET Individual subscription with not permitted authorization scope
+    log    Trying to get information about an individual subscription
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"Authorization":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiVersion}/subscriptions/${subscriptionId}  
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
\ No newline at end of file
diff --git a/SOL011/NSInstanceUsageNotification-API/NotificationEndpoint.robot b/SOL011/NSInstanceUsageNotification-API/NotificationEndpoint.robot
index 28bb3cce7ed3cb7410dff67a258d577f796ba160..65c1e98a1e435e87b97e010149c248a8c5d70b5d 100644
--- a/SOL011/NSInstanceUsageNotification-API/NotificationEndpoint.robot
+++ b/SOL011/NSInstanceUsageNotification-API/NotificationEndpoint.robot
@@ -13,7 +13,7 @@ NS Instance Usage Notification
     ...    Test title: NS Instance Usage Notification
     ...    Test objective: The objective is to test that NS Instance Usage Notification is delivered with success to the notification consumer
     ...    Pre-conditions: A subscription for instance usage notification is available in the NFVO.
-    ...    Reference: Clause 8.5.5.3.1 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.5.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL011/NSInstanceUsageNotification-API/Notifications.robot b/SOL011/NSInstanceUsageNotification-API/Notifications.robot
index a299608dc1d8e979aac52e31decd378cdc760d77..d9e25466f9ac234dfbee04c181957b669ef52b3b 100644
--- a/SOL011/NSInstanceUsageNotification-API/Notifications.robot
+++ b/SOL011/NSInstanceUsageNotification-API/Notifications.robot
@@ -13,7 +13,7 @@ NS Instance Usage START Notification
     ...    Test title: NS Instance Usage START Notification
     ...    Test objective: The objective is to test the dispatch of NS Instance Usage Start Notification when the usage of an NS instance is started, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A subscription for NS instance usage notification is available in the NFVO.
-    ...    Reference: Clause 8.5.5.3.1 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.5.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -27,7 +27,7 @@ NS Instance Usage END Notification
     ...    Test title: NS Instance Usage END Notification
     ...    Test objective: The objective is to test the dispatch of NS Instance Usage End Notification when the usage of an NS instance is ended, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A subscription for NS instance usage notification is available in the NFVO.
-    ...    Reference: Clause 8.5.5.3.1 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.5.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL011/NSInstanceUsageNotification-API/Subscriptions.robot b/SOL011/NSInstanceUsageNotification-API/Subscriptions.robot
index 36d4389e644dd762f311ea4764e7b43d8eb07e91..f0363ae8d0ebff6921da2f607bd7020aff4597d7 100644
--- a/SOL011/NSInstanceUsageNotification-API/Subscriptions.robot
+++ b/SOL011/NSInstanceUsageNotification-API/Subscriptions.robot
@@ -12,7 +12,7 @@ POST Create a new subscription
     ...    Test title: POST Create a new subscription
     ...    Test objective: The objective is to test that POST method creates a subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: Subscription is created in the NFVO     
@@ -28,7 +28,7 @@ POST Create a new Subscription - DUPLICATION
     ...    Test title: POST Create a new subscription - DUPLICATION
     ...    Test objective: The objective is to test that POST method creates a duplicate subscription 
     ...    Pre-conditions: A subscription shall already exist 
-    ...    Reference: Clause 8.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: Duplication supported by NFVO-C
     ...    Post-Conditions: Duplicate subscription is created in the NFVO     
@@ -44,7 +44,7 @@ POST Create a new Subscription - NO-DUPLICATION
     ...    Test title: POST Create a new subscription - NO-DUPLICATION
     ...    Test objective: The objective is to test that POST method cannot create a duplicate subscription 
     ...    Pre-conditions: A subscription shall already exist
-    ...    Reference: Clause 8.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: Duplication NOT supported by NFVO-C
     ...    Post-Conditions: Duplicate subscription is not created in the NFVO     
@@ -58,7 +58,7 @@ GET Subscriptions
     ...    Test title: GET Subscriptions
     ...    Test objective: The objective is to test that GET method retrieves the list of existing subscriptions
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -71,7 +71,7 @@ GET Subscription - Filter
     ...    Test title: GET Subscription - Filter
     ...    Test objective: The objective is GET the list of active subscriptions using a filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -84,7 +84,7 @@ GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test title: GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is GET the list of active subscriptions using an invalid filter
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -97,7 +97,7 @@ GET subscriptions - Bad Request Response too Big
     ...    Test title: GET subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is test that the retrieval of active subscriptions list fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -110,7 +110,7 @@ GET subscriptions with "all_fields" attribute selector
     ...    Test title: GET subscriptions with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with "all_fields" attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none 
     ...    Post-Conditions: none
@@ -123,7 +123,7 @@ GET subscriptions with "exclude_default" attribute selector
     ...    Test title: GET subscriptions with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with "exclude_default"s attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -136,7 +136,7 @@ GET subscriptions with "fields" attribute selector
     ...    Test title: GET subscriptions with "fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with "fields" attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -149,7 +149,7 @@ GET subscriptions with "exclude_fields" attribute selector
     ...    Test title: GET subscriptions with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with "exclude_fields" attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -162,7 +162,7 @@ GET Subscriptions as Paged Response
     ...    Test title: GET Subscriptions as Paged Response
     ...    Test objective: The objective is to test that GET method  retrieve the list of existing subscriptions as paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -175,7 +175,7 @@ PUT subscriptions - Method not implemented
     ...    Test title: PUT subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method cannot modify a NS instance usage subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.3 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.3 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -187,7 +187,7 @@ PATCH subscriptions - Method not implemented
     ...    Test title: PATCH subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method cannot modify a NS instance usage subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.4 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.4 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -199,7 +199,7 @@ DELETE subscriptions - Method not implemented
     ...    Test title: DELETE subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method cannot delete a NS instance usage subscription
     ...    Pre-conditions: none
-    ...    Reference: Clause 8.5.3.3.5 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.5 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: Subscriptions are not deleted
@@ -212,10 +212,37 @@ GET subscriptions with "exclude_default" and "fields" attribute selector
     ...    Test title: GET subscriptions with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with "exclude_default" and "fields" attribute selector
     ...    Pre-conditions: 
-    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 8.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none 
     ...    Post-Conditions: none
     Get subscriptions with exclude_default and fields attribute selector
     Check HTTP Response Status Code Is    200
-    Check HTTP Response Body Json Schema Is   subscriptions  
\ No newline at end of file
+    Check HTTP Response Body Json Schema Is   subscriptions  
+POST Create a new subscription with permitted authorization scope
+    [Documentation]    Test ID: 9.3.2.1.17
+    ...    Test title: POST Create a new subscription with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method creates a subscription
+    ...    Pre-conditions: none
+    ...    Reference: Clause 8.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: Subscription is created in the NFVO     
+    POST subscriptions with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Header Contains    Location
+    Check HTTP Response Body Json Schema Is    subscription
+    Check HTTP Response Header Contains Resource URI
+    Check Postcondition Subscription Is Set 
+POST Create a new subscription with NOT permitted authorization scope
+    [Documentation]    Test ID: 9.3.2.1.18
+    ...    Test title: POST Create a new subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method creates a subscription
+    ...    Pre-conditions: none
+    ...    Reference: Clause 8.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: Subscription is created in the NFVO     
+    POST subscriptions with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL011/NSInstanceUsageNotification-API/environment/variables.txt b/SOL011/NSInstanceUsageNotification-API/environment/variables.txt
index b9ab0f0f18995b8806e00ff9cc34ab6104273955..5ccf61726e71e0b3495b685c575542aabf94ec44 100644
--- a/SOL011/NSInstanceUsageNotification-API/environment/variables.txt
+++ b/SOL011/NSInstanceUsageNotification-API/environment/variables.txt
@@ -24,6 +24,10 @@ ${VNFM_SCHEMA}    https
 ${CONTENT_TYPE_PATCH}    application/merge-patch+json
 ${WRONG_AUTHORIZATION}    Bearer    XXXXXWRONGXXXXX
 
+${SUBSCRIPTION_SCOPE}   nsiun:v1:all
+${NEG_SCOPE}    nsiun:v1:invalid
+${OAUTH_Encryption_ALGORITHM}   HS256
+
 ${vnfInstanceDescription}    description vnf
 ${vnfInstanceDescription_Update}    Updated description vnf 
 ${SINGLE_FILE_VNFD}    1    # If VNFD is PLAIN TEXT
diff --git a/SOL011/NSLifecycleOperationGranting-API/Grants.robot b/SOL011/NSLifecycleOperationGranting-API/Grants.robot
index ff8921e307e5ef39f8897ccc20d7cc3ba21e457f..7742892b47d294cab1fb4f6bb1c666fe6cc13aeb 100644
--- a/SOL011/NSLifecycleOperationGranting-API/Grants.robot
+++ b/SOL011/NSLifecycleOperationGranting-API/Grants.robot
@@ -12,7 +12,7 @@ Requests a grant for a particular NS lifecycle operation
     ...    Test title: Requests a grant for a particular NS lifecycle operation
     ...    Test objective: The objective is to request a grant for a particular NS lifecycle operation and perform a JSON schema validation on the returned grant data structure
     ...    Pre-conditions: 
-    ...    Reference: Clause 7.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 7.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: The NFVO can decide immediately what to respond to a grant request
     ...    Post-Conditions: The grant information is available to the NFVO.
@@ -27,7 +27,7 @@ Requests a grant for a particular NS lifecycle operation - Forbidden
     ...    Test title: Requests a grant for a particular NS lifecycle operation - Forbidden 
     ...    Test objective: The objective is to request a grant for a particular NS lifecycle operation and the grant is rejected
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 7.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ GET Grants - Method not implemented
     ...    Test title: GET Grants - Method not implemented
     ...    Test objective: The objective is to test that GET method is not allowed for Lifecycle operation granting 
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 7.5.3.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions:   none
@@ -52,7 +52,7 @@ PUT Grants - Method not implemented
     ...    Test title: PUT Grants - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed for Lifecycle operation granting 
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.3.3.3 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 7.5.3.3.3 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -64,7 +64,7 @@ PATCH Grants - Method not implemented
     ...    Test title: PATCH Grants - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed for Lifecycle operation granting  
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.3.3.4 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 7.5.3.3.4 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -76,10 +76,36 @@ DELETE Grants - Method not implemented
     ...    Test title: DELETE Grants - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed for Lifecycle operation granting  
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.3.3.5 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 7.5.3.3.5 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions:  Resources are not deleted
     Delete Grants
     Check HTTP Response Status Code Is    405
-    Check Postcondition Grants Exist
\ No newline at end of file
+    Check Postcondition Grants Exist
+Requests a grant for a particular NS lifecycle operation with permitted authorization scope
+    [Documentation]    Test ID: 9.3.1.1.7
+    ...    Test title: Requests a grant for a particular NS lifecycle operation with permitted authorization scope
+    ...    Test objective: The objective is to request a grant for a particular NS lifecycle operation and perform a JSON schema validation on the returned grant data structure
+    ...    Pre-conditions: 
+    ...    Reference: Clause 7.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: The NFVO can decide immediately what to respond to a grant request
+    ...    Post-Conditions: The grant information is available to the NFVO.
+    Send Post Request for Grant with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    Grant
+    Check HTTP Response Header Contains  Location 
+    Check Postcondition Grant Is Set 
+Requests a grant for a particular NS lifecycle operation with NOT permitted authorization scope
+    [Documentation]    Test ID: 9.3.1.1.8
+    ...    Test title: Requests a grant for a particular NS lifecycle operation with not permitted authorization scope
+    ...    Test objective: The objective is to request a grant for a particular NS lifecycle operation and perform a JSON schema validation on the returned grant data structure
+    ...    Pre-conditions: 
+    ...    Reference: Clause 7.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: The NFVO can decide immediately what to respond to a grant request
+    ...    Post-Conditions: The grant information is available to the NFVO.
+    Send Post Request for Grant with not permitted authorization scope
+    Check HTTP Response Status Code Is    403
+    Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL011/NSLifecycleOperationGranting-API/IndividualGrant.robot b/SOL011/NSLifecycleOperationGranting-API/IndividualGrant.robot
index 0bad5cd0dc39257ea2c7c8c0fef86b3662dc087d..403ed67a492f9513af9cca24cec34f7e752940b5 100644
--- a/SOL011/NSLifecycleOperationGranting-API/IndividualGrant.robot
+++ b/SOL011/NSLifecycleOperationGranting-API/IndividualGrant.robot
@@ -15,7 +15,7 @@ POST Individual Grant - Method not implemented
     ...    Test title: POST Individual Grant - Method not implemented
     ...    Test objective: The objective is to test that POST method is not allowed for Lifecycle operation granting  
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.4.3.1 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 7.5.4.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -27,7 +27,7 @@ GET an individual grant - Successful
     ...    Test title: GET an individual grant - Successful
     ...    Test objective: The objective is to retrieve a grant for a particular NS Lifecycle Operation.
     ...    Pre-conditions: The  grant information is available to the NFVO
-    ...    Reference: Clause 7.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 7.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -40,7 +40,7 @@ PUT an individual grant - Method not implemented
     ...    Test title: PUT an individual grant - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not allowed to for Lifecycle operation granting  
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.4.3.3 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 7.5.4.3.3 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -52,7 +52,7 @@ PATCH an individual grant - Method not implemented
     ...    Test title: PATCH an individual grant - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not allowed to for Lifecycle operation granting  
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.4.3.4 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 7.5.4.3.4 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -64,7 +64,7 @@ DELETE an individual grant - Method not implemented
     ...    Test title: DELETE an individual grant - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not allowed to for Lifecycle operation granting  
     ...    Pre-conditions: none
-    ...    Reference: Clause 7.5.4.3.5 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 7.5.4.3.5 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -76,10 +76,34 @@ GET an individual grant - NOT FOUND
     ...    Test title: GET an individual grant - NOT FOUND
     ...    Test objective: The objective is to test that the retrieval of individual grant for a particular Lifecycle operation fails when using an invalid resource identifier
     ...    Pre-conditions: The  grant information is available to the NFVO
-    ...    Reference: Clause 7.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.4.1
+    ...    Reference: Clause 7.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
     ...    Config ID: Config_prod_NFVO
     ...    Applicability: Invalid resource identifier is used
     ...    Post-Conditions: none
     Get individual grant
     Check HTTP Response Status Code Is    404
+    Check HTTP Response Body Json Schema Is    ProblemDetails
+GET an individual grant with permitted authorization scope - Successful
+    [Documentation]    Test ID: 9.3.1.2.7
+    ...    Test title: GET an individual grant with permitted authorization scope - Successful
+    ...    Test objective: The objective is to retrieve a grant for a particular NS Lifecycle Operation.
+    ...    Pre-conditions: The  grant information is available to the NFVO
+    ...    Reference: Clause 7.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get individual grant with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    Grant
+GET an individual grant with not permitted authorization scope - Successful
+    [Documentation]    Test ID: 9.3.1.2.8
+    ...    Test title: GET an individual grant with not permitted authorization scope - Successful
+    ...    Test objective: The objective is to retrieve a grant for a particular NS Lifecycle Operation.
+    ...    Pre-conditions: The  grant information is available to the NFVO
+    ...    Reference: Clause 7.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    Get individual grant with permitted not authorization scope
+    Check HTTP Response Status Code Is    403
     Check HTTP Response Body Json Schema Is    ProblemDetails
\ No newline at end of file
diff --git a/SOL011/NSLifecycleOperationGranting-API/NSLCOperationGrantingKeywords.robot b/SOL011/NSLifecycleOperationGranting-API/NSLCOperationGrantingKeywords.robot
index 9838b930b4a6edcf90a3a18669ae269eb5c713ca..be8cfda5865acee80b51816df9749c1a442dc938 100644
--- a/SOL011/NSLifecycleOperationGranting-API/NSLCOperationGrantingKeywords.robot
+++ b/SOL011/NSLifecycleOperationGranting-API/NSLCOperationGrantingKeywords.robot
@@ -4,6 +4,7 @@ Library    REST    ${NFVO_SCHEMA}://${NFVO_HOST}:${NFVO_PORT}    ssl_verify=fals
 Library    OperatingSystem
 Library    JSONLibrary
 Library    JSONSchemaLibrary    schemas/
+Library    jwt
 
 *** Keywords ***
 Send Post Request for Grant
@@ -141,4 +142,50 @@ Check Postcondition Grant Is Set
     GET    ${apiRoot}/${apiName}/${apiVersion}/grants/${response['body']['id']}
     ${output}=    Output    response
     Set Suite Variable    ${response}    ${output}
-    Check HTTP Response Status Code Is    200
\ No newline at end of file
+    Check HTTP Response Status Code Is    200
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}
+Send Post Request for Grant with permitted authorization scope
+    Log    Request a new Grant for an NS LCM operation by POST to ${apiRoot}/${apiName}/${apiVersion}/grants
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${OPERATION_GRANTING_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"Authorization":"${authorizationToken}"}
+    ${body}=    Get File    jsons/grantNSLifecycleOperationRequest.json
+    Post    ${apiRoot}/${apiName}/${apiVersion}/grants    ${body}
+    ${body}=    Output    response
+    Set Suite Variable    ${response}    ${body}
+Send Post Request for Grant with not permitted authorization scope
+    Log    Request a new Grant for an NS LCM operation by POST to ${apiRoot}/${apiName}/${apiVersion}/grants
+    Set Headers    {"Accept": "${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"Authorization":"${authorizationToken}"}
+    ${body}=    Get File    jsons/grantNSLifecycleOperationRequest.json
+    Post    ${apiRoot}/${apiName}/${apiVersion}/grants    ${body}
+    ${body}=    Output    response
+    Set Suite Variable    ${response}    ${body}
+Get individual grant with permitted authorization scope
+    log    Trying to read an individual grant
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Content-Type":"${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${OPERATION_GRANTING_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"Authorization":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiVersion}/grants/${grantId}
+    ${body}=    Output    response
+    Set Suite Variable    ${response}    ${body}
+Get individual grant with permitted not authorization scope
+    log    Trying to read an individual grant
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Set Headers    {"Content-Type":"${CONTENT_TYPE}"}
+    ${scope_value}=    Create Dictionary    scopeValue=${NEG_SCOPE}
+    ${authorizationToken}=    JWT Encode    payload=${scope_value}    key=''    algorithm=${OAUTH_Encryption_ALGORITHM}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"Authorization":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiVersion}/grants/${grantId}
+    ${body}=    Output    response
+    Set Suite Variable    ${response}    ${body}
\ No newline at end of file
diff --git a/SOL011/NSLifecycleOperationGranting-API/environment/variables.txt b/SOL011/NSLifecycleOperationGranting-API/environment/variables.txt
index e69f12ee20d695ca539fc9042cebdcec0281a32b..816f5f1fcbbf1a9eee78b29b2bed11282aceb0d5 100644
--- a/SOL011/NSLifecycleOperationGranting-API/environment/variables.txt
+++ b/SOL011/NSLifecycleOperationGranting-API/environment/variables.txt
@@ -25,6 +25,10 @@ ${VNFM_SCHEMA}    https
 ${CONTENT_TYPE_PATCH}    application/merge-patch+json
 ${WRONG_AUTHORIZATION}    Bearer    XXXXXWRONGXXXXX
 
+${OPERATION_GRANTING_SCOPE}     nslcog:v1:all
+${NEG_SCOPE}     nslcog:v1:invalid
+${OAUTH_Encryption_ALGORITHM}   HS256
+
 ${vnfInstanceDescription}    description vnf
 ${vnfInstanceDescription_Update}    Updated description vnf 
 ${SINGLE_FILE_VNFD}    1    # If VNFD is PLAIN TEXT
diff --git a/SOL011/README.md b/SOL011/README.md
index bdd8bde54470ff210d661c793642389ae0d16c97..dd99d87b4f97e564be6e285713c36d9a0a9da3a7 100644
--- a/SOL011/README.md
+++ b/SOL011/README.md
@@ -2,7 +2,7 @@
 
 This folder includes the NFV API conformance test descriptions for NFV SOL011 APIs.
 
-The reference spec version is v4.4.1: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/011/04.04.01_60/gs_NFV-SOL011v040401p.pdf
+The reference spec version is v4.5.1: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/011/04.05.01_60/gs_NFV-SOL011v040501p.pdf
 
 ## Applicable Tests
 In addition to the SOL011 tests included in this folder for NS Instance Usage Notification API and NS Lifecycle Operation Granting API, the SOL011 tests make use of applicable SOL005 tests.
diff --git a/SOL012/PolicyManagement-API/IndividualPolicy.robot b/SOL012/PolicyManagement-API/IndividualPolicy.robot
index b6d5f1e3f4818e3a78fd943c1660603cdaacd0f1..badd0b5ceb1762f43afc89127ed1291d00fe1b26 100644
--- a/SOL012/PolicyManagement-API/IndividualPolicy.robot
+++ b/SOL012/PolicyManagement-API/IndividualPolicy.robot
@@ -8,7 +8,7 @@ POST Individual Policy - Method not implemented
     ...    Test title: POST Individual Policy - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.4.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.4.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -20,7 +20,7 @@ GET Information about an individual policy - Successful
     ...    Test title: GET Information about an individual policy - Successful
     ...    Test objective: The objective is to test the retrieval of Individual Policy and perform a JSON schema validation of the returned Policy data structure.
     ...    Pre-conditions: At least one policy is available in the NFV-MANO.
-    ...    Reference: Clause 5.5.4.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.4.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -33,7 +33,7 @@ GET Information about an individual policy - NOT FOUND
     ...    Test title: GET Information about an individual policy - NOT FOUND
     ...    Test objective: The objective is to test that the retrieval of individual policy fails when using an invalid resource identifier.
     ...    Pre-conditions: At least one individual policy is available in the NFV-MANO.
-    ...    Reference: Clause 5.5.8.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.8.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -46,7 +46,7 @@ PUT an individual policy - Method not implemented
     ...    Test title: PUT an individual policy - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.4.3.3 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.4.3.3 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -58,7 +58,7 @@ PATCH an individual policy - Successful
     ...    Test title: PATCH an individual policy - Successful
     ...    Test objective: The objective is to test that an individual policy is modified successfully when there is no conflict using PATCH method.
     ...    Pre-conditions: There should not exist a conflict as described in Reference.
-    ...    Reference: Clause 5.5.4.3.4 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.4.3.4 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -71,7 +71,7 @@ PATCH an individual policy - Conflict
     ...    Test title: PATCH an individual policy - Conflict
     ...    Test objective: The objective is to test that an individual policy is not modified when there is a conflict using PATCH method.
     ...    Pre-conditions: There exists a conflict as described in Reference.
-    ...    Reference: Clause 5.5.4.3.4 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.4.3.4 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -85,7 +85,7 @@ DELETE an individual policy - Successful
     ...    Test title: DELETE an individual policy - Successful
     ...    Test objective: The objective is to test that DELETE method deletes a deactivated individual policy.
     ...    Pre-conditions: The activation status of individual policy to be deleted is not set to ACTIVATED.
-    ...    Reference: Clause 5.5.8.3.5 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.8.3.5 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The individual policy is not available anymore in the NFV-MANO.
@@ -98,11 +98,36 @@ DELETE an individual policy - CONFLICT
     ...    Test title: DELETE an individual policy - CONFLICT
     ...    Test objective: The objective is to test that DELETE method does not delete an activated individual policy.
     ...    Pre-conditions: The activation status of individual policy to be deleted is set to ACTIVATED.
-    ...    Reference: Clause 5.5.8.3.5 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.8.3.5 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The individual policy is not deleted.
     DELETE Individual Policy in status ACTIVATED
     Check HTTP Response Status Code Is    409
     Check HTTP Response Body Json Schema Is   ProblemDetails    
-    Check Postcondition Individual Policy is Not Deleted
\ No newline at end of file
+    Check Postcondition Individual Policy is Not Deleted
+
+PATCH an individual policy with permitted authorization scope 
+     [Documentation]    Test ID: 10.3.1.3.9
+    ...    Test title: PATCH an individual policy with permitted authorization scope 
+    ...    Test objective: The objective is to test that an individual policy is modified successfully when a permitted authorization scope is used.
+    ...    Pre-conditions: There should not exist a conflict as described in Reference.
+    ...    Reference: Clause 5.5.4.3.4 - ETSI GS NFV-SOL 012 [9] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PATCH Individual Policy with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PolicyModifications
+
+PATCH an individual policy with permitted authorization scope 
+     [Documentation]    Test ID: 10.3.1.3.10
+    ...    Test title: PATCH an individual policy with not permitted authorization scope 
+    ...    Test objective: The objective is to test that an individual policy is not modified when a not permitted authorization scope is used.
+    ...    Pre-conditions: There should not exist a conflict as described in Reference.
+    ...    Reference: Clause 5.5.4.3.4 - ETSI GS NFV-SOL 012 [9] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    PATCH Individual Policy with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL012/PolicyManagement-API/IndividualSubscription.robot b/SOL012/PolicyManagement-API/IndividualSubscription.robot
index 82755dae1e90db8527376abe4d982af6942b3381..5d870bf09cefa316158d3d761d1bdf75c4b565b3 100644
--- a/SOL012/PolicyManagement-API/IndividualSubscription.robot
+++ b/SOL012/PolicyManagement-API/IndividualSubscription.robot
@@ -8,7 +8,7 @@ POST Individual Subscription - Method not implemented
     ...    Test title: POST Individual Subscription - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented for this resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.8.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.8.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -20,7 +20,7 @@ GET Information about an individual subscription - Successful
     ...    Test title: GET Information about an individual subscription - Successful
     ...    Test objective: The objective is to test the retrieval of Policy Management subscription and perform a JSON schema validation of the returned PolicySubscription data structure
     ...    Pre-conditions: At least one policy management subscription is available in the NFV-MANO.
-    ...    Reference: Clause 5.5.8.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.8.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -33,7 +33,7 @@ GET Information about an individual subscription - NOT FOUND
     ...    Test title: GET Information about an individual subscription - NOT FOUND
     ...    Test objective: The objective is to test that the retrieval of individual Policy Management subscription fails when using an invalid resource identifier.
     ...    Pre-conditions: At least one Policy Management subscription is available in the NFV-MANO.
-    ...    Reference: Clause 5.5.8.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.8.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -46,7 +46,7 @@ PUT an individual subscription - Method not implemented
     ...    Test title: PUT an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented for this resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.8.3.3 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.8.3.3 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -58,7 +58,7 @@ PATCH an individual subscription - Method not implemented
     ...    Test title: PATCH an individual subscription - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented for this resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.8.3.4 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.8.3.4 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -70,10 +70,35 @@ DELETE an individual subscription
     ...    Test title: DELETE an individual subscription
     ...    Test objective: The objective is to test that DELETE method deletes an individual subscription
     ...    Pre-conditions: At least one policy management subscription is available in the NFV-MANO.
-    ...    Reference: Clause 5.5.8.3.5 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.8.3.5 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: The Policy Management subscription is no longer available in the NFV-MANO.
     DELETE Individual Subscription
     Check HTTP Response Status Code Is    204
-    Check Postcondition Individual Subscription is Deleted
\ No newline at end of file
+    Check Postcondition Individual Subscription is Deleted
+
+GET Information about an individual subscription with permitted authorization scope
+     [Documentation]    Test ID: 10.3.1.7.7
+    ...    Test title: GET Information about an individual subscription with permitted authorization scope
+    ...    Test objective: The objective is to test the retrieval of Policy Management subscription when a permitted authorization scope is used.
+    ...    Pre-conditions: At least one policy management subscription is available in the NFV-MANO.
+    ...    Reference: Clause 5.5.8.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual subscription with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is   PolicySubscription
+
+GET Information about an individual subscription with not permitted authorization scope
+     [Documentation]    Test ID: 10.3.1.7.8
+    ...    Test title: GET Information about an individual subscription with not permitted authorization scope
+    ...    Test objective: The objective is to test that retrieval of Policy Management subscription fails when a not permitted authorization scope is used.
+    ...    Pre-conditions: At least one policy management subscription is available in the NFV-MANO.
+    ...    Reference: Clause 5.5.8.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual subscription with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL012/PolicyManagement-API/NotificationEndpoint.robot b/SOL012/PolicyManagement-API/NotificationEndpoint.robot
index 48089c6547c208a4345a3c64ae31c85aa3a39242..ae7efc4b3e2ee5b0d0d59788aeaac71198b03682 100644
--- a/SOL012/PolicyManagement-API/NotificationEndpoint.robot
+++ b/SOL012/PolicyManagement-API/NotificationEndpoint.robot
@@ -9,7 +9,7 @@ Policy Change Notification
     ...    Test title: Policy Change Notification
     ...    Test objective: The objective is to test that Policy Change Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A subscription for policy change notification is available in the NFV-MANO.
-    ...    Reference: Clause 5.5.9.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.9.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -21,7 +21,7 @@ Policy Conflict Notification
     ...    Test title: Policy Conflict Notification
     ...    Test objective: The objective is to test that Policy Conflict Notification is delivered with success to the notification consumer.
     ...    Pre-conditions: A subscription for policy conflict notification is available in the NFV-MANO.
-    ...    Reference: Clause 5.5.9.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.9.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -33,7 +33,7 @@ Test the Notification Endpoint - Successful
     ...    Test title: Test the Notification Endpoint - Successful
     ...    Test objective: The objective is to test the Notification Endpoint provided by the notification consumer.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 5.5.9.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.9.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -45,7 +45,7 @@ Test the Notification Endpoint - UNREACHABLE
     ...    Test title: Test the Notification Endpoint - UNREACHABLE
     ...    Test objective: The objective is to test the Notification Endpoint provided by the notification consumer.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 5.5.7.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: The notification endpoint is unreachable by the API producer.
     ...    Post-Conditions: none 
@@ -58,7 +58,7 @@ PUT Notification endpoint - Method Not Implemented
     ...    Test title: PUT Notification endpoint - Method Not Implemented
     ...    Test objective: The objective is to test the PUT method for Notification Endpoint provided by the consumer is not implemented.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 5.5.9.3.3 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.9.3.3 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -70,7 +70,7 @@ PATCH Notification endpoint - Method Not Implemented
     ...    Test title: PATCH Notification endpoint - Method Not Implemented
     ...    Test objective: The objective is to test the PATCH method for Notification Endpoint provided by the consumer is not implemented.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 5.5.9.3.4 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.9.3.4 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -82,7 +82,7 @@ DELETE Notification endpoint - Method Not Implemented
     ...    Test title: DELETE Notification endpoint - Method Not Implemented
     ...    Test objective: The objective is to test the DELETE method for Notification Endpoint provided by the consumer is not implemented.
     ...    Pre-conditions: A notification endpoint is provided by the API consumer upon subscription.
-    ...    Reference: Clause 5.5.9.3.5 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.9.3.5 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_Notif_Endpoint
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL012/PolicyManagement-API/Notifications.robot b/SOL012/PolicyManagement-API/Notifications.robot
index 0ef06146979b0e4ad47c0d4a90792e9362cb2cae..84c7d0b2d431315c84990cad8ff336d5918f2808 100644
--- a/SOL012/PolicyManagement-API/Notifications.robot
+++ b/SOL012/PolicyManagement-API/Notifications.robot
@@ -13,7 +13,7 @@ Policy Change Notification
     ...    Test title: Policy Change Notification
     ...    Test objective: The objective is to test the dispatch of Policy Change Notification when the policy is changed, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A subscription for policy change notification is available in the NFV-MANO.
-    ...    Reference: Clause 5.5.9.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.9.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -26,7 +26,7 @@ Policy Conflict Notification
     ...    Test title: Policy Conflict Notification
     ...    Test objective: The objective is to test the dispatch of Policy Conflict Notification when a conflict in policy is detected, and perform a JSON schema and content validation of the delivered notification. The action that triggers the notification under test is an explicit test step, but it is not performed by the test system.
     ...    Pre-conditions: A subscription for policy conflict notification is available in the NFV-MANO.
-    ...    Reference: Clause 5.5.9.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.9.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none 
diff --git a/SOL012/PolicyManagement-API/ParticularVersionOfAnIndividualPolicy.robot b/SOL012/PolicyManagement-API/ParticularVersionOfAnIndividualPolicy.robot
index 464523ad8044b5433f62dc4ad8a182f5bc55e490..8d91316ea7dde866faca1961d013549f82f71646 100644
--- a/SOL012/PolicyManagement-API/ParticularVersionOfAnIndividualPolicy.robot
+++ b/SOL012/PolicyManagement-API/ParticularVersionOfAnIndividualPolicy.robot
@@ -8,7 +8,7 @@ POST Particular Version of an Individual Policy - Method not implemented
     ...    Test title: POST Particular Version of an Individual Policy - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented for this resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.6.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.6.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -20,7 +20,7 @@ GET Information about a Particular Version of an Individual Policy - Successful
     ...    Test title: GET Information about a Particular Version of an Individual Policy - Successful
     ...    Test objective: The objective is to test that GET method fetches the content of a particular version of an individual policy.
     ...    Pre-conditions: Individual policy is available in the NFV-MANO. Policy contents are provided in the json/PolicyContent folder.
-    ...    Reference: Clause 5.5.6.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.6.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The policy content type is either JSON, YAML or ZIP.
     ...    Post-Conditions: none
@@ -33,7 +33,7 @@ GET Information about a Particular Version of an Individual Policy - NOT FOUND
     ...    Test title: GET Information about a Particular Version of an Individual Policy - NOT FOUND
     ...    Test objective: The objective is to test that the information about a particular version of an individual policy fails when using an invalid resource identifier.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.6.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.6.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -46,7 +46,7 @@ PUT Particular Version of an individual policy - Successful
     ...    Test title: PUT Particular Version of an individual policy - Successful
     ...    Test objective: The objective is to test that the PUT method transfers the content of a particular version of an individual policy.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.6.3.3 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.6.3.3 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The policy content type is either JSON, YAML or ZIP.
     ...    Post-Conditions: none
@@ -58,7 +58,7 @@ PUT Particular Version of an individual policy - CONFLICT
     ...    Test title: PUT Particular Version of an individual policy - CONFLICT
     ...    Test objective: The objective is to test that the PUT method does not transfer the content of a particular version in case of a conflict.
     ...    Pre-conditions: The particular version has already been transferred to the API producer.
-    ...    Reference: Clause 5.5.6.3.3 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.6.3.3 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The policy content type is either JSON, YAML or ZIP.
     ...    Post-Conditions: none
@@ -71,7 +71,7 @@ PATCH Particular Version of an individual policy - Method not implemented
     ...    Test title: PATCH Particular Version of an individual policy - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented for this resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.6.3.4 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.6.3.4 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -83,7 +83,7 @@ DELETE Particular Version of an individual policy - Successful
     ...    Test title: DELETE Particular Version of an individual policy - Successful
     ...    Test objective: The objective is to test that the DELETE method deletes a particular version of an individual policy.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.6.3.5 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.6.3.5 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -95,10 +95,34 @@ DELETE Particular Version of an individual policy - CONFLICT
     ...    Test title: DELETE Particular Version of an individual policy - CONFLICT
     ...    Test objective: The objective is to test that the DELETE method does not delete a particular version of an individual policy in case of a conflict.
     ...    Pre-conditions:  The requested version of the individual policy is the selected version.
-    ...    Reference: Clause 5.5.6.3.5 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.6.3.5 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Particular Version of an Individual Policy
     Check HTTP Response Status Code Is    409
     Check HTTP Response Body Json Schema Is   ProblemDetails
+
+PUT Particular Version of an individual policy with permitted authorization scope
+     [Documentation]    Test ID: 10.3.1.5.9
+    ...    Test title: PUT Particular Version of an individual policy with permitted authorization scope
+    ...    Test objective: The objective is to test that the PUT method transfers the content of a particular version of an individual policy when a permitted authorization scope is used.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.5.6.3.3 - ETSI GS NFV-SOL 012 [9] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: The policy content type is either JSON, YAML or ZIP.
+    ...    Post-Conditions: none
+    PUT Particular Version of an Individual Policy with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+
+PUT Particular Version of an individual policy with not permitted authorization scope
+     [Documentation]    Test ID: 10.3.1.5.10
+    ...    Test title: PUT Particular Version of an individual policy with not permitted authorization scope
+    ...    Test objective: The objective is to test that the PUT method fails to transfer the content of a particular version of an individual policy when a not permitted authorization scope is used..
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.5.6.3.3 - ETSI GS NFV-SOL 012 [9] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: The policy content type is either JSON, YAML or ZIP.
+    ...    Post-Conditions: none
+    PUT Particular Version of an Individual Policy with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL012/PolicyManagement-API/Policies.robot b/SOL012/PolicyManagement-API/Policies.robot
index 18c4837b501b82a952efc1ceabb9a9a3b90151b0..ee4fe887191e447c09349b7a62c05a4aef8a701b 100644
--- a/SOL012/PolicyManagement-API/Policies.robot
+++ b/SOL012/PolicyManagement-API/Policies.robot
@@ -8,7 +8,7 @@ POST Create a new Policy
     ...    Test title: POST Create a new Policy
     ...    Test objective: The objective is to test that POST method creates a policy.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Policy is created.     
@@ -22,7 +22,7 @@ GET Policies
     ...    Test title: GET Policies
     ...    Test objective: The objective is to test that GET method retrieves the list of existing policies.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -35,7 +35,7 @@ GET Policies - Filter
     ...    Test title: GET Policies - Filter
     ...    Test objective: The objective is to GET the list of existing policies using a filter.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -48,7 +48,7 @@ GET Policies - Bad Request Invalid attribute-based filtering parameters
     ...    Test title: GET Policies - Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to GET the list of existing policies using an invalid filter.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -61,7 +61,7 @@ GET Policies - Bad Request Response too Big
     ...    Test title: GET Policies - Bad Request Response too Big
     ...    Test objective: The objective is test that the retrieval of existing policies list fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: NFV-MANO does not support paged response.
     ...    Post-Conditions: none 
@@ -74,7 +74,7 @@ GET Policies with "all_fields" attribute selector
     ...    Test title: GET Policies with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of existing policies with "all_fields" attribute selector.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none 
     ...    Post-Conditions: none
@@ -87,7 +87,7 @@ GET Policies with "exclude_default" attribute selector
     ...    Test title: GET policies with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve the list of existing policies with "exclude_default"s attribute selector.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -100,7 +100,7 @@ GET Policies with "fields" attribute selector
     ...    Test title: GET Policies with "fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of existing policies with "fields" attribute selector.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -113,7 +113,7 @@ GET Policies with "exclude_fields" attribute selector
     ...    Test title: GET Policies with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of existing policies with "exclude_fields" attribute selector.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -126,7 +126,7 @@ GET Policies with "exclude_default" and "fields" attribute selector
     ...    Test title: GET Policies with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of existing policies with "exclude_default" and "fields" attribute selector
     ...    Pre-conditions: 
-    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none 
     ...    Post-Conditions: none
@@ -139,7 +139,7 @@ GET Policies as Paged Response
     ...    Test title: GET Policies as Paged Response
     ...    Test objective: The objective is to test that GET method retrieves the list of existing policies as paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: NFV-MANO supports paged response.
     ...    Post-Conditions: none    
@@ -152,7 +152,7 @@ PUT Policies - Method not implemented
     ...    Test title: PUT Policies - Method not implemented
     ...    Test objective: The objective is to test that PUT method cannot modify policies.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.3 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.3 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -164,7 +164,7 @@ PATCH Policies - Method not implemented
     ...    Test title: PATCH Policies - Method not implemented
     ...    Test objective: The objective is to test that PATCH method cannot modify policies.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.4 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.4 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -176,10 +176,36 @@ DELETE Policies - Method not implemented
     ...    Test title: DELETE Policies - Method not implemented
     ...    Test objective: The objective is to test that DELETE method cannot delete policies.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.3.3.5 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.3.3.5 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Policies are not deleted
     DELETE Policies
     Check HTTP Response Status Code Is    405
     Check Postcondition Policies Exist
+
+POST Create a new Policy with permitted authorization scope
+    [Documentation]    Test ID: 10.3.1.2.15
+    ...    Test title: POST Create a new Policy with permitted authorization scope
+    ...    Test objective: The objective is to test that POST method creates a policy with permitted authorization scope.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.5.3.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: Policy is created.     
+    POST Policies with permitted authorization scope
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    Policy
+    Check HTTP Response Header Contains    Location
+
+POST Create a new Policy with not permitted authorization scope
+    [Documentation]    Test ID: 10.3.1.2.16
+    ...    Test title: POST Create a new Policy with not permitted authorization scope
+    ...    Test objective: The objective is to test that POST method to create a policy fails when a not permitted authorization scope is used.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.5.3.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none.     
+    POST Policies with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
\ No newline at end of file
diff --git a/SOL012/PolicyManagement-API/PolicyManagementKeywords.robot b/SOL012/PolicyManagement-API/PolicyManagementKeywords.robot
index b6fd1f0e88eb2b072ca01b4dee311c60592e1be8..bddba0dea153447924ab6517f05dfc047f081ca7 100644
--- a/SOL012/PolicyManagement-API/PolicyManagementKeywords.robot
+++ b/SOL012/PolicyManagement-API/PolicyManagementKeywords.robot
@@ -7,6 +7,7 @@ Library    JSONSchemaLibrary    schemas/
 Library    String
 Library    MockServerLibrary
 Library    Process
+Library    jwt
 
 *** Keywords ***
 Create Sessions
@@ -199,6 +200,32 @@ GET Subscriptions
     Get    ${apiRoot}/${apiName}/${apiVersion}/subscriptions
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
+GET Subscriptions with permitted authorization scope
+    Log    Get the list of active subscriptions
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiVersion}/subscriptions
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET Subscriptions with not permitted authorization scope
+    Log    Get the list of active subscriptions
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Log    Execute Query and validate response
+    Get    ${apiRoot}/${apiName}/${apiVersion}/subscriptions
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 	
 Get subscriptions with all_fields attribute selector
     Log    Get the list of active subscriptions, using fields
@@ -305,6 +332,28 @@ GET Individual subscription
     Get    ${apiRoot}/${apiName}/${apiVersion}/subscriptions/${subscriptionId}  
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
+GET Individual subscription with permitted authorization scope
+    log    Trying to get information about an individual subscription
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${SUBSCRIPTIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiVersion}/subscriptions/${subscriptionId}  
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+GET Individual subscription with not permitted authorization scope
+    log    Trying to get information about an individual subscription
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiVersion}/subscriptions/${subscriptionId}  
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 	
 GET Individual subscription with Invalid URI
     log    Trying to get information about an individual subscription with invalid subscription ID
@@ -427,6 +476,32 @@ POST Policies
 	${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 
+POST Policies with permitted authorization scope
+    Log    Create policy instance by POST to ${apiRoot}/${apiName}/${apiVersion}/policies
+    ${scopeValue}=    Create Dictionary    scope=${POLICIES_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/CreatePolicyRequest.json
+    Post    ${apiRoot}/${apiName}/${apiVersion}/policies    ${body}    
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+POST Policies with not permitted authorization scope
+    Log    Create policy instance by POST to ${apiRoot}/${apiName}/${apiVersion}/policies
+    ${scopeValue}=    Create Dictionary    scope=${POLICIES_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/CreatePolicyRequest.json
+    Post    ${apiRoot}/${apiName}/${apiVersion}/policies    ${body}    
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
 GET Policies
     Log    Get the list of existing policies
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -573,6 +648,32 @@ PATCH Individual Policy
     Patch    ${apiRoot}/${apiName}/${apiVersion}/policies/${policyId}    ${body}    
 	${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
+PATCH Individual Policy with permitted authorization scope
+    Log    Modify individual policy instance by PATCH to ${apiRoot}/${apiName}/${apiVersion}/policies/${policyId}
+    ${scopeValue}=    Create Dictionary    scope=${POLICIES_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/PolicyModifications.json
+    Patch    ${apiRoot}/${apiName}/${apiVersion}/policies/${policyId}    ${body}    
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+PATCH Individual Policy with not permitted authorization scope
+    Log    Modify individual policy instance by PATCH to ${apiRoot}/${apiName}/${apiVersion}/policies/${policyId}
+    ${scopeValue}=    Create Dictionary    scope=${POLICIES_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    jsons/PolicyModifications.json
+    Patch    ${apiRoot}/${apiName}/${apiVersion}/policies/${policyId}    ${body}    
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 	
 DELETE Individual Policy
     log    Trying to delete an individual policy, no conflict
@@ -630,7 +731,29 @@ GET Selected Version of an Individual Policy
     Get    ${apiRoot}/${apiName}/${apiVersion}/policies/${policyId}/selected_version  
     ${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
+
+GET Selected Version of an Individual Policy with permitted authorization scope
+    log    Trying to get information about the selected version of an individual policy
+    ${scopeValue}=    Create Dictionary    scope=${SELECTED_VERSION_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiVersion}/policies/${policyId}/selected_version  
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
 	
+GET Selected Version of an Individual Policy with not permitted authorization scope
+    log    Trying to get information about the selected version of an individual policy
+    ${scopeValue}=    Create Dictionary    scope=${NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    Get    ${apiRoot}/${apiName}/${apiVersion}/policies/${policyId}/selected_version  
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
 GET Selected Version of an Individual Policy in CREATED state
     log    Trying to get information about the selected version of an individual policy which is in CREATED state
     Set Headers    {"Accept":"${ACCEPT}"}  
@@ -702,6 +825,34 @@ PUT Particular Version of an Individual Policy
 	${outputResponse}=    Output    response
 	Set Global Variable    ${response}    ${outputResponse}
 
+PUT Particular Version of an Individual Policy with permitted authorization scope
+    Log    Using PUT method to transfer the content of a particular version of an individual policy.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Determine Policy Content Type
+    Set Headers  {"Content-Type": "${POLICY_CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${VERSIONS_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    ${POLICY_CONTENT_FILENAME}
+    Put    ${apiRoot}/${apiName}/${apiVersion}/policies/${policyId}/versions/${policyVersion}    ${body}    
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+PUT Particular Version of an Individual Policy with not permitted authorization scope
+    Log    Using PUT method to transfer the content of a particular version of an individual policy.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Determine Policy Content Type
+    Set Headers  {"Content-Type": "${POLICY_CONTENT_TYPE}"}
+    ${scopeValue}=    Create Dictionary    scope=${VERSIONS_NOT_PERMITTED_SCOPE} 
+    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=''    algorithm=${OAUTH_ENCRIPTION_ALGORITHM}
+    Log    Authorization Token: ${authorizationToken}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}
+    ${body}=    Get File    ${POLICY_CONTENT_FILENAME}
+    Put    ${apiRoot}/${apiName}/${apiVersion}/policies/${policyId}/versions/${policyVersion}    ${body}    
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
 PUT Particular Version of an Individual Policy CONFLICT
     Log    Using PUT method to transfer the content of a particular version of an already transferred policy.
     Set Headers  {"Accept":"${ACCEPT}"}  
@@ -741,4 +892,9 @@ Check that the Content-Type Header Is Set
     Determine Policy Content Type
     Log    Validating content type
     Should Be Equal    ${response['headers']['Content-Type']}    ${POLICY_CONTENT_TYPE}
-    Log    Content Type validated 
\ No newline at end of file
+    Log    Content Type validated 
+
+JWT Encode
+    [Arguments]    ${payload}    ${key}    ${algorithm}
+    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})
+    [Return]    ${encoded}   
\ No newline at end of file
diff --git a/SOL012/PolicyManagement-API/SelectedVersionOfAnIndividualPolicy.robot b/SOL012/PolicyManagement-API/SelectedVersionOfAnIndividualPolicy.robot
index 7394c56d416a304297ade3f04865634bc5384544..f993f768bc79282c9e2095173fced9c612836363 100644
--- a/SOL012/PolicyManagement-API/SelectedVersionOfAnIndividualPolicy.robot
+++ b/SOL012/PolicyManagement-API/SelectedVersionOfAnIndividualPolicy.robot
@@ -8,7 +8,7 @@ POST Selected Version of an Individual Policy - Method not implemented
     ...    Test title: POST Selected Version of an Individual Policy - Method not implemented
     ...    Test objective: The objective is to test that POST method is not implemented for this resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.5.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.5.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -20,7 +20,7 @@ GET Information about the Selected Version of an Individual Policy - Successful
     ...    Test title: GET Information about the Selected Version of an Individual Policy - Successful
     ...    Test objective: The objective is to test The GET method fetches contents of the selected version of an individual policy and check that the HTTP Content-Type header is set according to the type of content.
     ...    Pre-conditions: Individual policy is available in the NFV-MANO. Policy contents are provided in the json/PolicyContent folder.
-    ...    Reference: Clause 5.5.5.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.5.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: The policy content type is either JSON, YAML or ZIP. 
     ...    Post-Conditions: none
@@ -33,7 +33,7 @@ GET Information about the Selected Version of an Individual Policy - NOT FOUND
     ...    Test title: GET Information about the Selected Version of an Individual Policy - NOT FOUND
     ...    Test objective: The objective is to test that the information about the selected version of an individual policy fails when using an invalid resource identifier.
     ...    Pre-conditions: The API producer did not find the current representation for the target resource.
-    ...    Reference: Clause 5.5.5.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.5.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -46,7 +46,7 @@ GET Information about the Selected Version of an Individual Policy - CREATED STA
     ...    Test title: GET Information about the Selected Version of an Individual Policy - NOT FOUND
     ...    Test objective: The objective is to test that the information about the selected version of an individual policy is not retrieved when it is in CREATED state.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.5.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.5.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -59,7 +59,7 @@ PUT Selected Version of an individual policy - Method not implemented
     ...    Test title: PUT Selected Version of an individual policy - Method not implemented
     ...    Test objective: The objective is to test that PUT method is not implemented for this resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.5.3.3 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.5.3.3 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -71,7 +71,7 @@ PATCH Selected Version of an individual policy - Method not implemented
     ...    Test title: PATCH Selected Version of an individual policy - Method not implemented
     ...    Test objective: The objective is to test that PATCH method is not implemented for this resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.5.3.4 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.5.3.4 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -83,9 +83,34 @@ DELETE Selected Version of an individual policy - Method not implemented
     ...    Test title: DELETE Selected Version of an individual policy - Method not implemented
     ...    Test objective: The objective is to test that DELETE method is not implemented for this resource.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.5.3.5 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.5.3.5 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
     DELETE Selected Version of an Individual Policy
     Check HTTP Response Status Code Is    405
+
+GET Information about the Selected Version of an Individual Policy with permitted authorization scope
+     [Documentation]    Test ID: 10.3.1.4.8
+    ...    Test title: GET Information about the Selected Version of an Individual Policy with permitted authorization scope
+    ...    Test objective: The objective is to test The GET method fetches contents of the selected version of an individual policy when a permitted authorization scope is used.
+    ...    Pre-conditions: Individual policy is available in the NFV-MANO. Policy contents are provided in the json/PolicyContent folder.
+    ...    Reference: Clause 5.5.5.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: The policy content type is either JSON, YAML or ZIP. 
+    ...    Post-Conditions: none
+    GET Selected Version of an Individual Policy with permitted authorization scope
+    Check HTTP Response Status Code Is    200
+    Check that the Content-Type Header Is Set
+
+GET Information about the Selected Version of an Individual Policy with not permitted authorization scope
+     [Documentation]    Test ID: 10.3.1.4.9
+    ...    Test title: GET Information about the Selected Version of an Individual Policy with not permitted authorization scope
+    ...    Test objective: The objective is to test the GET method fails to fetch a selected version of an individual policy when a not permitted authorization scope is used.
+    ...    Pre-conditions: Individual policy is available in the NFV-MANO. Policy contents are provided in the json/PolicyContent folder.
+    ...    Reference: Clause 5.5.5.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: The policy content type is either JSON, YAML or ZIP. 
+    ...    Post-Conditions: none
+    GET Selected Version of an Individual Policy with not permitted authorization scope
+    Check HTTP Response Status Code Is    401
diff --git a/SOL012/PolicyManagement-API/Subscriptions.robot b/SOL012/PolicyManagement-API/Subscriptions.robot
index e45cfdf8ee4354921adcb4d657e07df7994a7c12..9908826ea8d86d94b761cb918b7e4351b06753ad 100644
--- a/SOL012/PolicyManagement-API/Subscriptions.robot
+++ b/SOL012/PolicyManagement-API/Subscriptions.robot
@@ -11,7 +11,7 @@ POST Create a new subscription
     ...    Test title: POST Create a new subscription
     ...    Test objective: The objective is to test that POST method creates a subscription.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Policy subscription is created.     
@@ -26,7 +26,7 @@ POST Create a new Subscription - DUPLICATION NOT ALLOWED
     ...    Test title: POST Create a new subscription - DUPLICATION NOT ALLOWED
     ...    Test objective: The objective is to test that POST method cannot create a duplicate subscription. 
     ...    Pre-conditions: A subscription shall already exist. 
-    ...    Reference: Clause 5.5.7.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: Duplication is not supported by NFVMANO.
     ...    Post-Conditions: Individual subscription resource returned in the location header is available.      
@@ -40,7 +40,7 @@ POST Create a new Subscription - UNPROCESSABLE CONTENT
     ...    Test title: POST Create a new Subscription - UNPROCESSABLE CONTENT
     ...    Test objective: The objective is to test that correct error code is generated when data in the request body cannot be processed. 
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.1 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.1 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: Callback URI is not reachable by the API producer.
     ...    Post-Conditions: none     
@@ -53,7 +53,7 @@ GET Subscriptions
     ...    Test title: GET Subscriptions
     ...    Test objective: The objective is to test that GET method retrieves the list of existing subscriptions.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -66,7 +66,7 @@ GET Subscription - Filter
     ...    Test title: GET Subscription - Filter
     ...    Test objective: The objective is to GET the list of active subscriptions using a filter.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none    
@@ -79,7 +79,7 @@ GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test title: GET subscriptions - Bad Request Invalid attribute-based filtering parameters
     ...    Test objective: The objective is to GET the list of active subscriptions using an invalid filter.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none 
@@ -92,7 +92,7 @@ GET subscriptions - Bad Request Response too Big
     ...    Test title: GET subscriptions - Bad Request Response too Big
     ...    Test objective: The objective is test that the retrieval of active subscriptions list fails because response is too big, and perform the JSON schema validation of the failed operation HTTP response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: NFV-MANO does not support paged response.
     ...    Post-Conditions: none 
@@ -105,7 +105,7 @@ GET subscriptions with "all_fields" attribute selector
     ...    Test title: GET subscriptions with "all_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with "all_fields" attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none 
     ...    Post-Conditions: none
@@ -118,7 +118,7 @@ GET subscriptions with "exclude_default" attribute selector
     ...    Test title: GET subscriptions with "exclude_default" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with "exclude_default"s attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -131,7 +131,7 @@ GET subscriptions with "fields" attribute selector
     ...    Test title: GET subscriptions with "fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with "fields" attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -144,7 +144,7 @@ GET subscriptions with "exclude_fields" attribute selector
     ...    Test title: GET subscriptions with "exclude_fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with "exclude_fields" attribute selector
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability:  none
     ...    Post-Conditions: none
@@ -157,7 +157,7 @@ GET Subscriptions as Paged Response
     ...    Test title: GET Subscriptions as Paged Response
     ...    Test objective: The objective is to test that GET method retrieves the list of existing subscriptions as paged response.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: NFV-MANO supports paged response.
     ...    Post-Conditions: none    
@@ -170,7 +170,7 @@ GET subscriptions with "exclude_default" and "fields" attribute selector
     ...    Test title: GET subscriptions with "exclude_default" and "fields" attribute selector
     ...    Test objective: The objective is to retrieve the list of active subscriptions with "exclude_default" and "fields" attribute selector
     ...    Pre-conditions: 
-    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none 
     ...    Post-Conditions: none
@@ -183,7 +183,7 @@ PUT subscriptions - Method not implemented
     ...    Test title: PUT subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PUT method cannot modify a policy management subscription.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.3 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.3 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -195,7 +195,7 @@ PATCH subscriptions - Method not implemented
     ...    Test title: PATCH subscriptions - Method not implemented
     ...    Test objective: The objective is to test that PATCH method cannot modify a policy management subscription.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.4 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.4 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: none
@@ -207,10 +207,35 @@ DELETE subscriptions - Method not implemented
     ...    Test title: DELETE subscriptions - Method not implemented
     ...    Test objective: The objective is to test that DELETE method cannot delete a policy management subscription.
     ...    Pre-conditions: none
-    ...    Reference: Clause 5.5.7.3.5 - ETSI GS NFV-SOL 012 [7] v4.4.1
+    ...    Reference: Clause 5.5.7.3.5 - ETSI GS NFV-SOL 012 [9] v4.5.1
     ...    Config ID: Config_prod_NFV-MANO
     ...    Applicability: none
     ...    Post-Conditions: Subscriptions are not deleted
     DELETE subscriptions
     Check HTTP Response Status Code Is    405
     Check Postcondition Subscriptions Exist
+
+GET Subscriptions with permitted authorization scope
+    [Documentation]    Test ID: 10.3.1.6.17
+    ...    Test title: GET Subscriptions with permitted authorization scope
+    ...    Test objective: The objective is to test that GET method retrieves the list of existing subscriptions when a permitted authorization scope is used.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+    GET Subscriptions with permitted authorization scope
+    Check HTTP Response Status Code Is  200
+    Check HTTP Response Body Json Schema Is  subscriptions
+
+GET Subscriptions with not permitted authorization scope
+    [Documentation]    Test ID: 10.3.1.6.18
+    ...    Test title: GET Subscriptions with not permitted authorization scope
+    ...    Test objective: The objective is to test that GET method fails to retrieve the list of existing subscriptions when a not permitted authorization scope is used.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.5.7.3.2 - ETSI GS NFV-SOL 012 [9] v4.5.1
+    ...    Config ID: Config_prod_NFV-MANO
+    ...    Applicability: none
+    ...    Post-Conditions: none    
+    GET Subscriptions with not permitted authorization scope
+    Check HTTP Response Status Code Is  401
\ No newline at end of file
diff --git a/SOL012/PolicyManagement-API/environment/variables.txt b/SOL012/PolicyManagement-API/environment/variables.txt
index edba991e99ddc7395f83ae250a20bf858c40efe5..8d6db9734b88c701af233e528cc5eceef00c2b92 100644
--- a/SOL012/PolicyManagement-API/environment/variables.txt
+++ b/SOL012/PolicyManagement-API/environment/variables.txt
@@ -4,6 +4,16 @@ ${NFVMANO_PORT}      8081    # Listening port of the NFVO
 ${NFVMANO_SCHEMA}    https
 ${AUTHORIZATION_HEADER}    Authorization
 ${AUTHORIZATION_TOKEN}    Bearer    QWxhZGRpbjpvcGVuIHNlc2FtZQ==
+
+${OAUTH_ENCRIPTION_ALGORITHM}    HS256
+${POLICIES_PERMITTED_SCOPE}    nfvpolicy:v2:policies
+${POLICIES_NOT_PERMITTED_SCOPE}    nfvpolicy:v2:policies:readonly
+${SELECTED_VERSION_PERMITTED_SCOPE}    nfvpolicy:v2:policies:selected_version
+${NOT_PERMITTED_SCOPE}    nfvpolicy:v2:policies:invalid
+${VERSIONS_PERMITTED_SCOPE}    nfvpolicy:v2:versions
+${VERSIONS_NOT_PERMITTED_SCOPE}    nfvpolicy:v2:versions:readonly
+${SUBSCRIPTIONS_PERMITTED_SCOPE}    nfvpolicy:v2:subscriptions
+
 ${CONTENT_TYPE}    application/json
 ${CONTENT_TYPE_JSON}    application/json
 ${ACCEPT}         application/json
diff --git a/indexes/ic_tests_index.csv b/indexes/ic_tests_index.csv
new file mode 100644
index 0000000000000000000000000000000000000000..8a89ebf4d6b5119e94ea3127cabefe13a1263deb
--- /dev/null
+++ b/indexes/ic_tests_index.csv
@@ -0,0 +1,12 @@
+11,Interconnected Test Cases,interconnectedTestCases
+11.3.1,SOL003 Interconnected Test Cases,SOL003
+11.3.1.1,VNF Instance Creation and Query,VNFInstanceCreationAndQuery.robot
+11.3.1.2,VNF Instance Modification,VNFInstanceModification.robot
+11.3.1.3,VNF Instance Deletion,VNFInstanceDeletion.robot
+11.3.1.4,VNF Instance Instantation,VNFInstanceInstantiation.robot
+11.3.1.5,VNF Instance Termination,VNFInstanceTermination.robot
+11.3.1.6,VNF Instance Operation Occurrences,VNFInstanceOperationOccurrences.robot
+11.3.1.7,Subscription Creation and Query,SubscriptionCreationAndQuery.robot
+11.3.1.8,Subscription Deletion,SubscriptionDeletion.robot
+11.3.1.9,VNF Instance Scale Out,VNFInstanceScaleOut.robot
+11.3.1.10,VNF Instance Scale In,VNFInstanceScaleIn.robot
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/.gitkeep b/interconnectedTestCases/SOL003/.gitkeep
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/interconnectedTestCases/SOL003/IC_TC_Keywords.robot b/interconnectedTestCases/SOL003/IC_TC_Keywords.robot
new file mode 100644
index 0000000000000000000000000000000000000000..d77d6c81b2e44f69ade8bb0aa7e6834507a72eeb
--- /dev/null
+++ b/interconnectedTestCases/SOL003/IC_TC_Keywords.robot
@@ -0,0 +1,822 @@
+*** Settings ***
+Library           JSONSchemaLibrary    schemas/
+Resource          environment/variables.txt    # Generic Parameters
+Library           OperatingSystem
+Library           JSONLibrary
+Library           Process
+Library           String
+Library           Collections
+Library           String
+Library           MockServerLibrary
+Variables         descriptors/SOL001/VNFD/vnfd_SOL001.yaml
+Variables         descriptors/SOL006/VNFD/vnfd_SOL006.yaml
+Library           REST    ${None}    ssl_verify=${False}
+
+*** Keywords ***
+Initialize System
+    Create Sessions
+
+Create Sessions   
+    Start Process  java  -jar  ${MOCK_SERVER_JAR}    -serverPort  ${callback_port}  alias=mockInstance
+    Wait For Process  handle=mockInstance  timeout=5s  on_timeout=continue
+    Create Mock Session  ${callback_uri}:${callback_port}
+
+GET Individual VNF Package
+    [Documentation]    Test ID: 7.3.3.2.1
+    ...    Test title: GET Individual VNF Package
+    ...    Test objective: The objective is to test the retrieval of an individual VNF package information perform a JSON schema validation of the collected data structure
+    ...    Pre-conditions: One or more VNF packages are onboarded in the NFVO.
+    ...    Reference: Clause 10.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package [Keyword]
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    vnfPkgInfo
+    Check HTTP Response Body vnfPkgInfo Identifier matches the requested VNF Package
+    Check HTTP Response Body of Individual VNF Package content against VNF Descriptor
+
+POST Create a new vnfInstance
+    [Documentation]    Test ID: 7.3.1.1.1
+    ...    Test title: POST Create a new vnfInstance
+    ...    Test objective: The objective is to create a new VNF instance resource
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: VNF instance created
+    POST Create a new vnfInstance [keyword]
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    vnfInstance
+
+GET information about multiple VNF instances
+    [Documentation]    Test ID: 7.3.1.1.2
+    ...    Test title: GET information about multiple VNF instances
+    ...    Test objective: The objective is to query information about multiple VNF instances
+    ...    Pre-conditions:    none
+    ...    Reference: Clause 5.4.2.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET multiple vnfInstances
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    vnfInstances
+
+Get Information about an individual VNF Instance
+    [Documentation]    Test ID: 7.3.1.2.2
+    ...    Test title: Get Information about an individual VNF Instance
+    ...    Test objective: The objective is to create a new VNF instance resource
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.3.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET individual vnfInstance
+    Check HTTP Response Header Contains ETag and Last-Modified
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    vnfInstance
+    Check HTTP Response Body vnfInstance content against VNF Descriptor
+
+DELETE Individual VNFInstance
+    [Documentation]    Test ID: 7.3.1.2.7
+    ...    Test title: DELETE Individual VNFInstance
+    ...    Test objective: The objective is to delete a VNF instance
+    ...    Pre-conditions: the VNF instance resource is existing
+    ...    Reference: Clause 5.4.3.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: VNFInstance deleted
+    DELETE individual vnfInstance [Keyword]
+    Check HTTP Response Status Code Is    204
+
+PATCH Individual VNFInstance
+    [Documentation]    Test ID: 7.3.1.2.4
+    ...    Test title: PATCH Individual VNFInstance
+    ...    Test objective: This method modifies an individual VNF instance resource
+    ...    Pre-conditions: an existing VNF instance resource
+    ...    Reference: Clause 5.4.3.3.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: VNFInstance modified
+    PATCH individual vnfInstance [keyword]
+    Check HTTP Response Status Code Is    202
+    Check Operation Occurrence Id existence
+
+Instantiate a vnfInstance
+    [Documentation]    Test ID: 7.3.1.3.1
+    ...    Test title: Post Instantiate Individual VNFInstance
+    ...    Test objective: The objective is to instantiate a VNF instance
+    ...    Pre-conditions: VNF instance resource is in NOT INSTANTIATED state
+    ...    Reference: Clause 5.4.4.4.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST instantiate individual vnfInstance
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
+VNF Instantiation
+    [Documentation]    Test ID: 7.3.1.26.1
+    ...    Test title: VNF Instantiation workflow
+    ...    Test objective: The objective is to test the workflow for the instantiation of a VNF instance
+    ...    Pre-conditions: VNF instance resources is already created. NFVO is subscribed to VNF LCM Operation Occurrence notifications 
+    ...    Reference: Clause 5.4.4 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability:  NFVO is able to receive notifications from VNFM
+    ...    Post-Conditions: VNF instance in INSTANTIATED state
+    Send VNF Instantiation Request
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Operation Occurrence Id existence
+    Check Operation Notification For Instantiation  STARTING
+    Check Operation Notification For Instantiation  PROCESSING
+    Check Operation Notification For Instantiation  COMPLETED
+    Check Postcondition VNF Status  INSTANTIATED
+
+POST Terminate a vnfInstance
+    [Documentation]    Test ID: 7.3.1.7.1
+    ...    Test title: POST Terminate a vnfInstance
+    ...    Test objective: The objective is to test that POST method terminate a VNF instance
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.8.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    POST Terminate VNF
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location
+    Check Individual VNF LCM operation occurrence operationState is    STARTING
+
+Terminate a VNF Instance
+    [Documentation]    Test ID: 7.3.1.33.1
+    ...    Test title: Terminate a VNF Instance
+    ...    Test objective: The objective is to terminate a VNF instance.
+    ...    Pre-conditions: VNF instance in INSTANTIATED state 
+    ...    Reference: Clause 5.3.3 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: NFVO is able to receive notifications from VNFM. 
+    ...    Post-Conditions: VNF instance in NOT_INSTANTIATED state 
+    Send Terminate VNF Request
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location 
+    Check Operation Occurrence Id existence
+    Check Operation Notification For Terminate    STARTING
+    Check Operation Notification For Terminate    PROCESSING
+    Check Operation Notification For Terminate    COMPLETED
+    Check Postcondition VNF Terminate
+
+GET status information about multiple VNF LCM Operation OCC 
+    [Documentation]    Test ID: 7.3.1.11.2
+    ...    Test title: GET status information about multiple VNF LCM Operation OCC
+    ...    Test objective: The objective is to test that GET method retrieve Query status information about multiple VNF lifecycle management operation occurrences.
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.12.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none   
+    GET VNF LCM Operation occurrences
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Body Json Schema Is    VnfLcmOpOccs 
+
+Get Individual VNF LCM Operation occurrence
+    [Documentation]    Test ID: 7.3.1.12.2
+    ...    Test title: Get Individual VNF LCM Operation occurrences
+    ...    Test objective: The objective is to test that this method retrieve information about a VNF lifecycle management operation occurrence 
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.13.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Get Individual VNF LCM Operation occurrence [keyword]
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    VnfLcmOpOcc 
+    Check HTTP Response Body of Individual VNF LCM Operation occurrences content against VNF Descriptor
+
+POST Create a new subscription
+    [Documentation]    Test ID: 7.3.1.17.1
+    ...    Test title: POST Create a new subscription
+    ...    Test objective: The POST method creates a new subscription
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.18.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: in response header Location shall not be null
+    Post Create subscription
+    Check HTTP Response Status Code Is    201
+    Check HTTP Response Body Json Schema Is    Subscription
+
+GET Subscriptions
+    [Documentation]    Test ID: 7.3.1.17.4
+    ...    Test title: GET Subscriptions
+    ...    Test objective: The objective is Get the list of active subscriptions
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.18.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Get subscriptions [keyword]
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    Subscriptions
+
+GET Individual Subscription
+    [Documentation]    Test ID: 7.3.1.18.2
+    ...    Test title: GET Individual Subscription
+    ...    Test objective: The objective is to test the Get individual subscription
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.19.3.2 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none 
+    Get Individual Subscription [keyword]
+    Check HTTP Response Status Code Is    200
+    Check HTTP Response Body Json Schema Is    Subscription
+
+DELETE an individual subscription
+    [Documentation]    Test ID: 7.3.1.18.5
+    ...    Test title: DELETE an individual subscription
+    ...    Test objective: The objective is to test that the individual subscription is succesfully deleted
+    ...    Pre-conditions: none
+    ...    Reference: Clause 5.4.19.3.5 - ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: Subscription deleted from VNFM
+    Delete Individual subscription
+	Check HTTP Response Status Code Is    204
+    Check Postcondition Subscription Resource is Deleted
+
+VNF Instance Scale Out
+    [Documentation]    Test ID: 7.3.1.32.1
+    ...    Test title: VNF Instance Scale Out workflow
+    ...    Test objective: The objective is to test the workflow for the scaling out a VNF instance
+    ...    Pre-conditions: VNF instance in INSTANTIATED state (Test ID 5.4.4.1). NFVO is subscribed to VNF LCM Operation Occurrence notifications (Test ID 5.4.20.1)
+    ...    Reference: Clause 5.4.5 - ETSI GS NFV-SOL 003 [1] v4.4.1
+    ...    Config ID: Config_prod_VNFM
+    ...    Applicability:  NFVO is able to receive notifications from VNFM. Scale operation is supported for the VNF (as capability in the VNFD)
+    ...    Post-Conditions: VNF instance still in INSTANTIATED state and VNF is scaled out
+    Send VNF Scale Out Request
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location 
+    Check Operation Occurrence Id existence
+    Check Operation Notification For Scale   STARTING
+    Check Operation Notification For Scale    PROCESSING
+    Check Operation Notification For Scale    COMPLETED
+    Check Postcondition VNF    SCALE_OUT
+
+VNF Instance Scale In
+    Send VNF Scale In Request
+    Check HTTP Response Status Code Is    202
+    Check HTTP Response Header Contains    Location 
+    Check Operation Occurrence Id existence
+    Check Operation Notification For Scale   STARTING
+    Check Operation Notification For Scale    PROCESSING
+    Check Operation Notification For Scale    COMPLETED
+    Check Postcondition VNF    SCALE_IN
+
+GET Individual VNF Package [keyword]
+    Log    Trying to get a VNF Package present in the NFVO Catalogue
+    Set Headers    {"Accept": "${ACCEPT_JSON}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${NFVO}/${NFVO_API_ROOT}/${NFVO_API_NAME}/${NFVO_API_MAJOR_VERSION}/vnf_packages/${vnfPackageId}
+    ${output}=    Output    response
+    Set Global Variable    ${response}    ${output}
+
+POST Create a new vnfInstance [keyword]
+    Log    Create VNF instance by POST to /vnf_instances
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${template}=    Get File    jsons/createVnfRequest.json
+    ${body}=    Format String    ${template}    vnfdId=${vnfdId}
+    Post    ${VNFM}/${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_instances    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+    Set Global Variable    ${vnfid}    ${outputResponse['body']['id']}
+
+GET multiple vnfInstances
+    Log    Query VNF The GET method queries information about multiple VNF instances.
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Log    Execute Query and validate response
+    GET    ${VNFM}/${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_instances
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+GET individual vnfInstance
+    log    Trying to get information about an individual VNF instance
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    GET    ${VNFM}/${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_instances/${vnfid}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+DELETE individual vnfInstance [Keyword]
+    log    Trying to delete an individual VNF instance
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Delete    ${VNFM}/${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_instances/${response['body']['id']}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+PATCH individual vnfInstance [Keyword]
+    log    Trying to modify an individual VNF instance
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE_PATCH}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File
+    ${template}=    Get File    jsons/patchBodyRequest.json
+    ${body}=    Format String    ${template}    vnfdId=${Descriptor_ID}    vnfdVersion= ${Descriptor_Version}
+    Patch    ${VNFM}/${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_instances/${response['body']['id']}    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+POST instantiate individual vnfInstance
+    Log    Trying to Instantiate a vnf Instance
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${body}=    Get File    jsons/instantiateVnfRequest.json
+    Post    ${VNFM}/${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_instances/${response['body']['id']}/instantiate    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+POST Terminate VNF
+    Log    Trying to terminate a VNF instance.
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${template}=    Get File    jsons/terminateVnfRequest.json
+    ${body}=    Format String    ${template}    terminationType=${terminationType}
+    Post    ${VNFM}/${VNFM_API_ROOT}/${VNFM_API_ROOT}/${VNFM_API_MAJOR_VERSION}/vnf_instances/${response['body']['id']}/terminate    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+#-----------------------------------------Individual VNF Package------------------------------
+
+Check HTTP Response Body of Individual VNF Package content against VNF Descriptor
+    Run Keyword If    ${check_descriptors} == 1    Check Individual VNF Package Content
+
+Check Individual VNF Package Content
+    PARSE the Descriptor File
+    Match the VNF Package Response Attributes with Descriptors
+#-------------------------------------------Individual Instance------------------------
+
+Check HTTP Response Body vnfInstance content against VNF Descriptor
+    Run Keyword If    ${check_descriptors} == 1    Check Individual VNF Instance Content
+
+Check Individual VNF Instance Content
+    PARSE the Descriptor File
+    Match the VNF Instance Response Attributes with Descriptors
+#-------------------------------------------descriptor------------------------
+
+PARSE the Descriptor File
+    Run Keyword If    '${descriptorType}'=='SOL001'    Fetch Information from SOL001 descriptor file    ELSE    Fetch Information from SOL006 descriptor file
+
+Fetch Information from SOL001 descriptor file
+    Import Variables    ${CURDIR}/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
+    @{VDU_labels}=    Create List
+    @{VNF_labels}=    Create List
+    @{VirtualLink_labels}=    Create List
+    @{CP_labels}=    Create List
+    @{Storage_labels}=    Create List
+    FOR    ${key}    IN    @{node_types.keys()}
+        ${node_type}=    Get Variable Value    ${node_types['${key}']['derived_from']}
+        ${is_VNF}=    Run Keyword And Return Status    Should Be Equal As Strings    ${node_type}    ${tosca_type_VNF}
+        Run Keyword If    ${is_VNF}    Set Global Variable    ${tosca_type_derived_from_VNF}    ${key}
+    END
+    ${derived_type_is_used}=    Run Keyword And Return Status    Should not be empty    ${tosca_type_derived_from_VNF}
+    Run Keyword If    ${derived_type_is_used}    Set Global Variable    ${tosca_type_VNF}    ${tosca_type_derived_from_VNF}
+    FOR    ${key}    IN    @{topology_template.node_templates.keys()}
+        ${key_type}=    Get Variable Value    ${topology_template.node_templates['${key}'].type}
+        ${VDU_check}=    Run Keyword And Return Status    Should Be Equal As Strings    ${key_type}    ${tosca_type_VDU_compute}
+        ${VNF_check}=    Run Keyword And Return Status    Should Be Equal As Strings    ${key_type}    ${tosca_type_VNF}
+        ${Link_check}=    Run Keyword And Return Status    Should Be Equal As Strings    ${key_type}    ${tosca_type_virtual_link}
+        ${VDUcp_check}=    Run Keyword And Return Status    Should Be Equal As Strings    ${key_type}    ${tosca_type_VDU_cp}
+        ${Storage_check}=    Run Keyword And Return Status    Should Be Equal As Strings    ${key_type}    ${tosca_type_storage}
+        Run Keyword If    ${VDU_check}    Append To List    ${VDU_labels}    ${key}
+        Run Keyword If    ${VNF_check}    Append To List    ${VNF_labels}    ${key}
+        Run Keyword If    ${VNF_check}    Get VNF Attributes from SOL001    ${key}
+        Run Keyword If    ${Link_check}    Append To List    ${VirtualLink_labels}    ${key}
+        Run Keyword If    ${VDUcp_check}    Append To List    ${CP_labels}    ${key}
+        Run Keyword If    ${Storage_check}    Append To List    ${Storage_labels}    ${key}
+    END
+    Set Global Variable    @{VDU_IDs}    @{VDU_labels}
+    Set Global Variable    @{VNF_IDs}    @{VNF_labels}
+    Set Global Variable    @{VirtualLink_IDs}    @{VirtualLink_labels}
+    Set Global Variable    @{CP_IDs}    @{CP_labels}
+    Set Global Variable    @{Storage_IDs}    @{Storage_labels}
+
+Get VNF Attributes from SOL001
+    [Arguments]    ${VNF_label}
+    Import Variables    ${CURDIR}/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
+    ${descriptor_id}=    Get Variable Value    ${topology_template.node_templates['${VNF_label}'].properties.descriptor_id}
+    ${provider}=    Get Variable Value    ${topology_template.node_templates['${VNF_label}'].properties.provider}
+    ${product_name}=    Get Variable Value    ${topology_template.node_templates['${VNF_label}'].properties.product_name}
+    ${software_version}=    Get Variable Value    ${topology_template.node_templates['${VNF_label}'].properties.software_version}
+    ${descriptor_version}=    Get Variable Value    ${topology_template.node_templates['${VNF_label}'].properties.descriptor_version}
+    ${flavour_id}=    Get Variable Value    ${topology_template.node_templates['${VNF_label}'].properties.flavour_id}
+    Set Global Variable    ${Descriptor_ID}    ${descriptor_id}
+    Set Global Variable    ${Provider}    ${provider}
+    Set Global Variable    ${Product_Name}    ${product_name}
+    Set Global Variable    ${Software_Version}    ${software_version}
+    Set Global Variable    ${Descriptor_Version}    ${descriptor_version}
+    Set Global Variable    ${Flavour_ID}    ${flavour_id}
+
+Fetch Information from SOL006 descriptor file
+    Import Variables    ${CURDIR}/descriptors/SOL006/VNFD/vnfd_SOL006.yaml
+    ${descriptor_id}=    Get Variable Value    ${nfv.vnfd[0].id}
+    ${provider}=    Get Variable Value    ${nfv.vnfd[0].provider}
+    ${product_name}=    Get Variable Value    ${nfv.vnfd[0]['product-name']}
+    ${software_version}=    Get Variable Value    ${nfv.vnfd[0]['software-version']}
+    ${descriptor_version}=    Get Variable Value    ${nfv.vnfd[0].version}
+    ${VDUcount}=    Get Length    ${nfv.vnfd[0].vdu}
+    ${extCP_count}=    Get Length    ${nfv.vnfd[0]['ext-cpd']}
+    ${virtualLink_count}=    Get length    ${nfv.vnfd[0]['int-virtual-link-desc']}
+    ${instantiation_levels}=    Get Length    ${nfv.vnfd[0].df['instantiation-level']}
+    FOR    ${key}    IN    @{nfv.vnfd[0].keys()}
+        ${VDU_check}=    Run Keyword And Return Status    Should Be Equal As Strings    ${key}    vdu
+        Run Keyword If    ${VDU_check}    Get VDU IDs    ${VDUcount}
+        ${extCP_check}=    Run Keyword And Return Status    Should Be Equal As Strings    ${key}    ext-cpd
+        Run Keyword If    ${extCP_check}    Get External CP IDs    ${extCP_count}
+        ${virtualLink_check}=    Run Keyword And Return Status    Should Be Equal As Strings    ${key}    int-virtual-link-desc
+        Run Keyword If    ${virtualLink_check}    Get Virtual Link IDs    ${virtualLink_count}
+        ${DF_check}=    Run Keyword And Return Status    Should Be Equal As Strings    ${key}    df
+        Run Keyword If    ${DF_check}    Get Instantiation Levels    ${instantiation_levels}
+    END
+    Set Global Variable    ${Descriptor_ID}    ${descriptor_id}
+    Set Global Variable    ${Provider}    ${provider}
+    Set Global Variable    ${Product_Name}    ${product_name}
+    Set Global Variable    ${Software_Version}    ${software_version}
+    Set Global Variable    ${Descriptor_Version}    ${descriptor_version}
+
+Get VDU IDs
+    [Arguments]    ${count}
+    Import Variables    ${CURDIR}/descriptors/SOL006/VNFD/vnfd_SOL006.yaml
+    @{VDU_labels}=    Create List
+    ${Storage_labels}=    Create List
+    FOR    ${i}    IN RANGE    ${count}
+        Append To List    ${VDU_labels}    ${nfv.vnfd[0].vdu[${i}]['id']}
+        Append To List    ${Storage_labels}    ${nfv.vnfd[0].vdu[${i}]['virtual-storage-desc']}
+        Get Internal CPs for each VDU    ${i}
+    END
+    Set Global Variable    ${VDU_IDs}    ${VDU_labels}
+    Set Global Variable    ${Storage_IDs}    ${Storage_labels}
+
+Get Internal CPs for each VDU
+    [Arguments]    ${vdu}
+    Import Variables    ${CURDIR}/descriptors/SOL006/VNFD/vnfd_SOL006.yaml
+    ${count}=    Get Length    ${nfv.vnfd[0].vdu[${vdu}]['int-cpd']}
+    ${internal_CPs}=    Create List
+    FOR    ${i}    IN RANGE    ${count}
+        Append To List    ${internal_CPs}    ${nfv.vnfd[0].vdu[${vdu}]['int-cpd'][${i}]['id']}
+    END
+    Set Global Variable    ${internalCP_IDs}    ${internal_CPs}
+
+Get External CP IDs
+    [Arguments]    ${count}
+    Import Variables    ${CURDIR}/descriptors/SOL006/VNFD/vnfd_SOL006.yaml
+    @{external_CPs}=    Create List
+    FOR    ${i}    IN RANGE    ${count}
+        Append To List    ${external_CPs}    ${nfv.vnfd[0].ext_cpd[${i}].id}
+    END
+    Set Global Variable    ${externalCP_IDs}    ${external_CPs}
+
+Get Virtual Link IDs
+    [Arguments]    ${count}
+    Import Variables    ${CURDIR}/descriptors/SOL006/VNFD/vnfd_SOL006.yaml
+    ${VirtualLink_labels}=    Create List
+    FOR    ${i}    IN RANGE    ${count}
+        Append To List    ${VirtualLink_labels}    ${nfv.vnfd[0]['int-virtual-link-desc'][${i}]['id']}
+    END
+    Set Global Variable    ${VirtualLink_IDs}    ${VirtualLink_labels}
+
+Get Instantiation Levels
+    [Arguments]    ${count}
+    Import Variables    ${CURDIR}/descriptors/SOL006/VNFD/vnfd_SOL006.yaml
+    @{Instantiation_Levels}=    Create List
+    FOR    ${i}    IN RANGE    ${count}
+        Append To List    ${Instantiation_Levels}    ${nfv.vnfd[0].df['instantiation-level'][${i}]['id']}
+    END
+    Set Global Variable    ${InstantiationLevel_IDs}    ${Instantiation_Levels}
+
+Match the VNF Package Response Attributes with Descriptors
+    #Checking Response attributes with VNF Descriptors
+    Should Be Equal As Strings    ${response['body']['vnfdId']}    ${Descriptor_ID}
+    Should Be Equal As Strings    ${response['body']['vnfProvider']}    ${Provider}
+    Should Be Equal As Strings    ${response['body']['vnfProductName']}    ${Product_Name}
+    Should Be Equal As Strings    ${response['body']['vnfSoftwareVersion']}    ${Software_Version}
+    Should Be Equal As Strings    ${response['body']['vnfdVersion']}    ${Descriptor_Version}
+
+Match the VNF Instance Response Attributes with Descriptors
+    #Checking Response attributes with VNF Descriptors
+    Should Be Equal As Strings    ${response['body']['vnfdId']}    ${Descriptor_ID}
+    Should Be Equal As Strings    ${response['body']['vnfProvider']}    ${Provider}
+    Should Be Equal As Strings    ${response['body']['vnfProductName']}    ${Product_Name}
+    Should Be Equal As Strings    ${response['body']['vnfSoftwareVersion']}    ${Software_Version}
+    Should Be Equal As Strings    ${response['body']['vnfdVersion']}    ${Descriptor_Version}
+    Should Be Equal As Strings    ${response['body']['instantiatedVnfInfo']['flavourId']}    ${Flavour_ID}
+    Run Keyword If    '${descriptorType}'=='SOL006'List Should Contain Value    ${VDU_IDs}    ${response['body']['instantiatedVnfInfo']['vnfcResourceInfo']['vduId']}
+    Run Keyword If    '${descriptorType}'=='SOL006'    List Should Contain Value    ${externalCP_IDs}    ${response['body']['instantiatedVnfInfo']['extCpInfo'][0]['cpdId']}
+    Run Keyword If    '${descriptorType}'=='SOL006'    List Should Contain Value    ${internalCP_IDs}    ${response['body']['instantiatedVnfInfo']['vnfcResourceInfo'][0]['vnfcCpInfo'][0]['cpdId']}
+    Run Keyword If    '${descriptorType}'=='SOL001'    List Should Contain Value    @{CP_IDs}    ${response['body']['instantiatedVnfInfo']['extCpInfo'][0]['cpdId']}
+    Run Keyword If    '${descriptorType}'=='SOL001'    List Should Contain Value    @{CP_IDs}    ${response['body']['instantiatedVnfInfo']['vnfcResourceInfo'][0]['vnfcCpInfo'][0]['cpdId']}
+    Run Keyword If    '${descriptorType}'=='SOL006'List Should Contain value    ${Storage_IDs}    ${response['body']['instantiatedVnfInfo']['virtualStorageResourceInfo'][0]['virtualStorageDescId']}
+    Run Keyword If    '${descriptorType}'=='SOL006'List Should Contain Value    ${VirtualLink_IDs}    ${response['body']['instantiatedVnfInfo']['extManagedVirtualLinkInfo'][0]['vnfVirtualLinkDescId']}
+#-----------------------------------------Common------------------------------
+
+Check HTTP Response Header Contains ETag and Last-Modified
+    Pass Execution If    ${HEADER_TEST_SUPPORTED} == 0    Headers testing not supported. Skipping the Test.
+    Log    ${response['headers']}
+    Should Contain    ${response['headers']}    Etag
+    Should Contain    ${response['headers']}    Last-Modified
+    Log    Etag and Last-Modified Headers are present
+
+Check HTTP Response Body vnfPkgInfo Identifier matches the requested VNF Package
+    Log    Going to validate pacakge info retrieved
+    Should Be Equal    ${response['body']['id']}    ${vnfPackageId}
+    Log    Pacakge identifier as expected
+
+Check HTTP Response Status Code Is
+    [Arguments]    ${expected_status}
+    Should Be Equal As Strings    ${response['status']}    ${expected_status}
+    Log    Status code validated
+
+Check HTTP Response Body Json Schema Is
+    [Arguments]    ${input}
+    Run Keyword If    '${input}' == 'ProblemDetails'    Should Contain    ${response['headers']['Content-Type']}    application/problem+json
+    ...    ELSE    Should Contain    ${response['headers']['Content-Type']}    application/json
+    ${schema} =    Catenate    SEPARATOR=    ${input}    .schema.json
+    Validate Json    ${schema}    ${response['body']}
+    Log    Json Schema Validation OK
+
+Check Operation Occurrence Id existence
+    ${vnfLcmOpOccId}=    Get Value From Json    ${response['headers']}    $..Location
+    Should Not Be Empty    ${vnfLcmOpOccId}
+    Set Global Variable    ${globalVnfLcmOpOccId}    ${vnfLcmOpOccId}
+
+Check HTTP Response Header Contains
+    [Arguments]    ${CONTENT_TYPE}
+    Should Contain    ${response['headers']}    ${CONTENT_TYPE}
+    Log    Header is present
+
+Check Individual VNF LCM operation occurrence operationState is
+    [Arguments]    ${status}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${opOccResponse}=    Get    ${response['headers']['Location']}
+    Log    Validate operationState
+    Should Be Equal as Strings    ${opOccResponse['body']['operationState']}    ${status}
+    Log    operationState validated
+
+Send VNF Instantiation Request
+    Log    Instantiate a VNF Instance
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${body}=    Get File    jsons/instantiateVnfRequest.json
+    Post    ${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_instances/${vnfid}/instantiate    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+Configure Notification Status Handler
+    [Arguments]    ${endpoint}    ${status}=""
+    ${json}=     Create Dictionary
+    ${value}=    Run Keyword And Return Status    Should Not Be Equal As Strings    ${status}        ""
+    Run Keyword If   ${value} == True      Set to dictionary    ${json}    operationState    ${status}
+    Log  Creating mock request and response to handle ${element}
+    ${notification_request}=  Create Mock Request Matcher	POST  ${endpoint}  body_type='JSON'    body=${json}
+    &{headers}=  Create Dictionary  Content-Type=application/json
+    ${notification_response}=  Create Mock Response	    status_code=${status}    headers=${headers}     
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    [Return]    ${notification_request}
+    
+Configure Notification VNF Instance Handler
+    [Arguments]    ${endpoint}    ${instanceId}=""
+    ${json}=     Create Dictionary
+    ${value}=    Run Keyword And Return Status    Should Not Be Equal As Strings    ${instanceId}        ""
+    Run Keyword If   ${value} == True      Set to dictionary    ${json}    vnfInstanceId    ${instanceId}
+    Log  Creating mock request and response to handle ${element}
+    ${notification_request}=  Create Mock Request Matcher	POST  ${endpoint}    body_type='JSON'  body=${json}
+    &{headers}=  Create Dictionary  Content-Type=application/json
+    ${notification_response}=  Create Mock Response     204    headers=${headers}    
+    Log    ${notification_request}
+    Log    ${notification_response}
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    [Return]    ${notification_request}
+
+Configure Notification Forward
+    [Arguments]    ${element}    ${endpoint}    ${endpoint_fwd}
+    ${json}=    Get File    schemas/${element}.schema.json
+    Log  Creating mock HTTP forward to handle ${element}
+    ${notification_tmp}=  Create Mock Request Matcher	POST  ${endpoint}  body_type='JSON_SCHEMA'    body=${json}
+    ${notification_fwd}=  Create Mock Http Forward	${endpoint_fwd}
+    Create Mock Expectation With Http Forward  ${notification_tmp}  ${notification_fwd}
+    [Return]  ${notification_tmp}
+
+Check Operation Notification
+    [Arguments]    ${element}    ${status}=""
+    ${json}=	Get File	schemas/${element}.schema.json
+    ${req1}=    Configure Notification Forward    ${element}    ${callback_endpoint}    ${callback_endpoint_fwd}
+    ${req2}=    Configure Notification Status Handler    ${callback_endpoint_fwd}    ${status}
+    Wait Until Keyword Succeeds    12 sec   3 sec   Verify Mock Expectation    ${req2}
+    Clear Requests    ${callback_endpoint}
+    Clear Requests    ${callback_endpoint_fwd}
+    
+Check VNF Instance Operation Notification
+    [Arguments]    ${element}   ${instance_id}
+    ${json}=	Get File	schemas/${element}.schema.json
+    ${req1}=  Configure Notification Forward   ${element}    ${callback_endpoint}    ${callback_endpoint_fwd}
+    ${req2}=  Configure Notification VNF Instance Handler    ${callback_endpoint_fwd}    ${instance_id}
+    Wait Until Keyword Succeeds    12 sec  3 sec   Verify Mock Expectation    ${req2}
+    Clear Requests    ${callback_endpoint}
+    Clear Requests    ${callback_endpoint_fwd}
+
+Check Operation Notification For Instantiation
+    [Arguments]    ${status}
+    Check Operation Notification    VnfLcmOperationOccurrenceNotification   ${status}
+
+Check Postcondition VNF Status
+    [Arguments]    ${status}
+    Log    Retrieve VNF Instance
+    Check VNF Instance    ${vnfid}
+    Should Not Be Empty    ${response}
+    Check HTTP Response Status Code Is    200
+    Should Be Equal    ${response['body']['id']}    ${vnfInstanceId}    
+    Check HTTP Response Header Contains    Content-Type
+    Check HTTP Response Body Json Schema Is    vnfInstance.schema.json
+    Check VNF Status    ${response['body']['instantiationState']}    ${status}
+
+Check VNF Instance
+    [Arguments]    ${vnfid}
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Get    ${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_instances/${vnfid}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+Check VNF Status
+    [Arguments]    ${current}    ${expected}
+    Should Be Equal As Strings    ${current}    ${expected}
+    Log    VNF Status in the correct status
+
+Send Terminate VNF Request
+    Log    Trying to terminate a VNF instance.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${body}=    Get File    jsons/terminateVnfRequest.json
+    Post    ${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_instances/${vnfid}/terminate    ${body}
+    ${outputResponse}=    Output    response
+    Set Global Variable    ${response}    ${outputResponse}
+
+Check Operation Notification For Terminate 
+    [Arguments]    ${status}
+    Check Operation Notification    VnfLcmOperationOccurrenceNotification   ${status}
+
+Check Postcondition VNF Terminate
+    Check resource not Instantiated
+
+Check resource not Instantiated
+    Check VNF Instance    ${vnfid}
+    Check HTTP Response Status Code Is    200
+    Check VNF Status    ${response['body']['instantiationState']}     NOT_INSTANTIATED
+
+GET VNF LCM Operation occurrences
+    Log    Query status information about multiple VNF lifecycle management operation occurrences.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Log    Execute Query and validate response
+    Get    ${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_lcm_op_occs
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
+
+Get Individual VNF LCM Operation occurrence [keyword]
+    Log    Query status information about multiple VNF lifecycle management operation occurrences.
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Log    Execute Query and validate response
+    Get    ${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_lcm_op_occs/${globalVnfLcmOpOccId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+Check HTTP Response Body of Individual VNF LCM Operation occurrences content against VNF Descriptor
+    Run Keyword If    ${check_descriptors} == 1    Check Individual VNF LCM Operation Occurence Content
+    
+Check Individual VNF LCM Operation Occurence Content
+    PARSE the Descriptor File
+    Match the VNF LCM Operation Occurence Response Attributes with Descriptors
+    
+Match the VNF LCM Operation Occurence Response Attributes with Descriptors
+    #Checking Response attributes with VNF Descriptors
+    Should Be Equal As Strings    ${response['body']['changedInfo']['vnfdId']}    ${Descriptor_ID}
+    Should Be Equal As Strings    ${response['body']['changedInfo']['vnfdVersion']}    ${Descriptor_Version}
+    List Should Contain Value    ${VDU_IDs}    ${response['body']['resourceChanges']['affectedVnfcs'][0]['vduId']}
+    List Should Contain value    ${Storage_IDs}    ${response['body']['resourceChanges']['affectedVirtualStorages'][0]['virtualStorageDescId']}
+    List Should Contain Value    ${VirtualLink_IDs}    ${response['body']['resourceChanges']['affectedVirtualLinks'][0]['virtualStorageDescId']}
+
+Post Create subscription
+    Log    Create subscription instance by POST to ${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/subscriptions
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    ${template}=    Get File    jsons/lccnSubscriptionRequest.json
+    ${body}=        Format String   ${template}     callback_uri=${callback_uri}:${callback_port}    callback_endpoint=${callback_endpoint}
+    Log  Creating mock request and response to handle GET operation on notification endpoint
+    &{notification_request}=  Create Mock Request Matcher	GET  ${callback_endpoint}
+    &{notification_response}=  Create Mock Response	status_code=204
+    Log    Issue the subscription request
+    Create Mock Expectation  ${notification_request}  ${notification_response}
+    Post    ${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/subscriptions    ${body}    allow_redirects=false
+	${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+    Set Global Variable    ${globalSubscriptionId}    ${outputResponse['body']['id']}
+	Log    Verify notification endpoint is tested
+	Verify Mock Expectation    ${notification_request}
+	Clear Requests    ${callback_endpoint}
+
+Get subscriptions [keyword]
+    Log    Get the list of active subscriptions
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Set Headers  {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Log    Execute Query and validate response
+    Get    ${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/subscriptions	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}	
+
+Get Individual subscription [keyword]
+    log    Trying to get information about an individual subscription
+    Set Headers    {"Accept":"${ACCEPT}"}  
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Get    ${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/subscriptions/${globalSubscriptionId}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+Delete Individual subscription
+    log    Try to delete an individual subscription
+    Set Headers  {"Accept":"${ACCEPT}"}  
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}
+    Delete    ${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/subscriptions/${globalSubscriptionId}  	
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+Check Postcondition Subscription Resource Is Deleted
+    Get Individual subscription [keyword] 
+    Integer    response status    404
+    Log    Subscription Resource deleted
+
+Send VNF Scale Out Request
+    Log    Trying to scale a vnf Instance
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}  
+    ${template}=    Get File    jsons/scaleVnfRequest.json
+    ${body}=        Format String   ${template}     scaletype=${scaleOutType}    scaleAspectId=${scaleAspectId}
+    Post    ${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_instances/${vnfid}/scale    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+Send VNF Scale In Request
+    Log    Trying to scale a vnf Instance
+    Set Headers    {"Accept":"${ACCEPT}"}
+    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}
+    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"}  
+    ${template}=    Get File    jsons/scaleVnfRequest.json
+    ${body}=        Format String   ${template}     scaletype=${scaleInType}    scaleAspectId=${scaleAspectId}
+    Post    ${VNFM_API_ROOT}/${VNFM_API_NAME}/${VNFM_API_MAJOR_VERSION}/vnf_instances/${vnfid}/scale    ${body}
+    ${outputResponse}=    Output    response
+	Set Global Variable    ${response}    ${outputResponse}
+
+Check Postcondition VNF
+    [Arguments]    ${operation}
+    Check resource instantiated
+    ${newScaleInfo}=    Get Vnf Scale Info    ${vnfInstanceId}
+    Compare ScaleInfos    ${operation}    ${scaleInfo}    ${newScaleInfo}
+
+Compare ScaleInfos
+    [Arguments]    ${type}    ${old_scaleinfo}    ${new_scaleinfo}
+    FOR    ${element}    IN    ${old_scaleinfo}
+        ${old_level}=    Set Variable If    ${element.aspectId}==${aspectId}   ${element.scaleLevel}
+        ${old_level_value}=    Convert To Integer    ${old_level}
+    END
+    FOR    ${element}    IN    ${new_scaleinfo}
+        ${new_level}=    Set Variable If    ${element.aspectId}==${aspectId}   ${element.scaleLevel}
+        ${new_level_value}=    Convert To Integer    ${new_level}
+    END
+    Run Keyword If    ${type}==SCALE_OUT    Should Be True    ${old_level_value}<${new_level_value}
+    ...    ELSE    Should Be True    ${old_level_value}<${new_level_value}
+    
+Check Operation Notification For Scale
+    [Arguments]    ${status}
+    Check Operation Notification    VnfLcmOperationOccurrenceNotification   ${status}
+
+Check resource Instantiated
+    Check VNF Instance    ${vnfid}
+    Check HTTP Response Status Code Is    200
+    Check VNF Status    ${response['body']['instantiationState']}    INSTANTIATED
+
+Get Vnf Scale Info
+    [Arguments]    ${vnfInstanceId}
+    ${vnfInstance}=    Check VNF Instance    ${vnfid}
+    ${scaleInfo}=    Get Value From Json    ${vnfInstance}    $..scaleStatus
+    [Return]   ${scaleInfo} 
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/SubscriptionCreationAndQuery.robot b/interconnectedTestCases/SOL003/SubscriptionCreationAndQuery.robot
new file mode 100644
index 0000000000000000000000000000000000000000..1a9bc2c915d5b10fa9fb059eee057cf11ca0e7a0
--- /dev/null
+++ b/interconnectedTestCases/SOL003/SubscriptionCreationAndQuery.robot
@@ -0,0 +1,20 @@
+*** Settings ***
+Resource        environment/variables.txt
+Resource        IC_TC_Keywords.robot
+Library         JSONLibrary
+
+*** Test Cases ***
+
+Create a new subscription and query information about multiple and individual subscription resources
+        [Documentation]         Test ID: 11.3.1.7.1
+        ...     Test title: Create a new subscription and query information about multiple and individual subscription resources
+        ...     Test objective: The objective is to test the interconnected case of subscription resource creation and query multiple and individual resources
+        ...     Pre-conditions: None
+        ...     Reference: ETSI GS NFV-SOL 003 [1] v4.5.1
+        ...     Config ID: Config_prod_NFVO, Config_prod_VNFM
+        ...     Applicability: None
+        ...     Post-conditions: None
+        GET Individual VNF Package
+        POST Create a new subscription
+        GET Subscriptions
+        GET Individual Subscription
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/SubscriptionDeletion.robot b/interconnectedTestCases/SOL003/SubscriptionDeletion.robot
new file mode 100644
index 0000000000000000000000000000000000000000..68ab3e21b6a60181b3378c1ec5e09632a710ff16
--- /dev/null
+++ b/interconnectedTestCases/SOL003/SubscriptionDeletion.robot
@@ -0,0 +1,24 @@
+*** Settings ***
+Resource          environment/variables.txt    # Generic Parameters
+Resource          IC_TC_Keywords.robot
+Library           JSONLibrary
+
+*** Test Cases ***
+
+Delete individual subscription
+    [Documentation]    Test ID: 11.3.1.8.1
+    ...    Test title: Delete individual subscription
+    ...    Test objective: The objective is to test the interconnected case of subscription resource creation and deletion
+    ...    Pre-conditions: none
+    ...    Reference: ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO, Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: Subscription deleted from VNFM
+    GET Individual VNF Package
+    POST Create a new subscription
+    GET Subscriptions
+    GET Individual Subscription
+    DELETE an individual subscription
+
+
+
diff --git a/interconnectedTestCases/SOL003/VNFInstanceCreationAndQuery.robot b/interconnectedTestCases/SOL003/VNFInstanceCreationAndQuery.robot
new file mode 100644
index 0000000000000000000000000000000000000000..933f3868d183bedc291aa8ef2e51d30f84afb357
--- /dev/null
+++ b/interconnectedTestCases/SOL003/VNFInstanceCreationAndQuery.robot
@@ -0,0 +1,20 @@
+*** Settings ***
+Resource        environment/variables.txt
+Resource        IC_TC_Keywords.robot
+Library         JSONLibrary
+
+*** Test Cases ***
+
+Create a new VNF instance resource and query information about multiple and individual VNF instance
+        [Documentation]         Test ID: 11.3.1.1.1
+        ...     Test title: Create a new VNF instance resource and query information about multiple and individual VNF instance
+        ...     Test objective: The objective is to test the interconnected case of VNF instance resource creation and query multiple and individual resources
+        ...     Pre-conditions: None
+        ...     Reference: ETSI GS NFV-SOL 003 [1] v4.5.1
+        ...     Config ID: Config_prod_NFVO, Config_prod_VNFM
+        ...     Applicability: None
+        ...     Post-conditions: None
+        GET Individual VNF Package
+        POST Create a new vnfInstance
+        GET information about multiple VNF Instances
+        GET information about an individual VNF Instance
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/VNFInstanceDeletion.robot b/interconnectedTestCases/SOL003/VNFInstanceDeletion.robot
new file mode 100644
index 0000000000000000000000000000000000000000..365d58b2ccd281045f977aede9afbfcc2b1ced8c
--- /dev/null
+++ b/interconnectedTestCases/SOL003/VNFInstanceDeletion.robot
@@ -0,0 +1,20 @@
+*** Settings ***
+Resource          environment/variables.txt    # Generic Parameters
+Resource          IC_TC_Keywords.robot
+Library           JSONLibrary
+Library           REST
+*** Test Cases ***
+
+
+Delete an individual VNF instance
+    [Documentation]    Test ID: 11.3.1.3.1
+    ...    Test title: Delete an individual VNF instance
+    ...    Test objective: The objective is to test the interconnected case of VNF instance resource creation and deletion
+    ...    Pre-conditions: none
+    ...    Reference: ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO, Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package
+    POST Create a new vnfInstance
+    DELETE Individual VNFInstance
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/VNFInstanceInstantiation.robot b/interconnectedTestCases/SOL003/VNFInstanceInstantiation.robot
new file mode 100644
index 0000000000000000000000000000000000000000..e2a1d2eace0d76058bc5d7afc0a7828ff43635f2
--- /dev/null
+++ b/interconnectedTestCases/SOL003/VNFInstanceInstantiation.robot
@@ -0,0 +1,20 @@
+*** Settings ***
+Suite Setup       Initialize System
+Suite Teardown    Terminate All Processes    kill=true
+Resource          environment/variables.txt    # Generic Parameters
+Resource          IC_TC_Keywords.robot
+Library           JSONLibrary
+
+*** Test Cases ***
+Instantiate a VNF instance
+    [Documentation]    Test ID: 11.3.1.4.1
+    ...    Test title: Instantiate a VNF instance
+    ...    Test objective: The objective is to test the interconnected case of VNF instance resource creation and instantiation
+    ...    Pre-conditions: none
+    ...    Reference: ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO, Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package
+    POST Create a new vnfInstance
+    VNF Instantiation
diff --git a/interconnectedTestCases/SOL003/VNFInstanceModification.robot b/interconnectedTestCases/SOL003/VNFInstanceModification.robot
new file mode 100644
index 0000000000000000000000000000000000000000..40cc49cfd7a15ecf5d3770971f16b1bca51271a8
--- /dev/null
+++ b/interconnectedTestCases/SOL003/VNFInstanceModification.robot
@@ -0,0 +1,18 @@
+*** Settings ***
+Resource          environment/variables.txt    # Generic Parameters
+Resource          IC_TC_Keywords.robot
+Library           JSONLibrary
+
+*** Test Cases ***
+Modify an individual VNF instance resource
+    [Documentation]    Test ID: 11.3.1.2.1
+    ...    Test title: Modify an individual VNF instance resource
+    ...    Test objective: The objective is to test the interconnected case of VNF instance resource creation and modification
+    ...    Pre-conditions: none
+    ...    Reference: ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO, Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package
+    POST Create a new vnfInstance
+    PATCH Individual VNFInstance
diff --git a/interconnectedTestCases/SOL003/VNFInstanceOperationOccurrences.robot b/interconnectedTestCases/SOL003/VNFInstanceOperationOccurrences.robot
new file mode 100644
index 0000000000000000000000000000000000000000..dd1ceb8655a95c33cee81deddef56a0c88effe5b
--- /dev/null
+++ b/interconnectedTestCases/SOL003/VNFInstanceOperationOccurrences.robot
@@ -0,0 +1,24 @@
+*** Settings ***
+Suite Setup       Initialize System
+Suite Teardown    Terminate All Processes    kill=true
+Resource          environment/variables.txt    # Generic Parameters
+Resource          IC_TC_Keywords.robot
+Library           JSONLibrary
+
+*** Test Cases ***
+Retrieve VNF instance Operation Occurrences
+    [Documentation]    Test ID: 11.3.1.6.1
+    ...    Test title: Retrieve VNF instance Operation Occurrences
+    ...    Test objective: The objective is to test the interconnected case of VNF instance resource creation, instantiation and retrieval of information about VNF lifecycle management operation occurrences
+    ...    Pre-conditions: none
+    ...    Reference: ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO, Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package
+    POST Create a new vnfInstance
+    VNF Instantiation
+    GET status information about multiple VNF LCM Operation OCC
+    Get Individual VNF LCM Operation occurrence
+
+
diff --git a/interconnectedTestCases/SOL003/VNFInstanceScaleIn.robot b/interconnectedTestCases/SOL003/VNFInstanceScaleIn.robot
new file mode 100644
index 0000000000000000000000000000000000000000..1d155b28f655bfd2c8a64f27f63056fe3ef30255
--- /dev/null
+++ b/interconnectedTestCases/SOL003/VNFInstanceScaleIn.robot
@@ -0,0 +1,21 @@
+*** Settings ***
+Suite Setup       Initialize System
+Suite Teardown    Terminate All Processes    kill=true
+Resource          environment/variables.txt    # Generic Parameters
+Resource          IC_TC_Keywords.robot
+Library           JSONLibrary
+
+*** Test Cases ***
+Scale In a VNF instance
+    [Documentation]    Test ID: 11.3.1.10.1
+    ...    Test title: Scale In a VNF instance
+    ...    Test objective: The objective is to test the interconnected case of VNF instance resource creation, instantiation and scale in
+    ...    Pre-conditions: none
+    ...    Reference: ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO, Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package
+    POST Create a new vnfInstance
+    VNF Instantiation
+    VNF Instance Scale In
diff --git a/interconnectedTestCases/SOL003/VNFInstanceScaleOut.robot b/interconnectedTestCases/SOL003/VNFInstanceScaleOut.robot
new file mode 100644
index 0000000000000000000000000000000000000000..5648508a0dbb50d6fa129ef2e74e64aaf7f0c513
--- /dev/null
+++ b/interconnectedTestCases/SOL003/VNFInstanceScaleOut.robot
@@ -0,0 +1,21 @@
+*** Settings ***
+Suite Setup       Initialize System
+Suite Teardown    Terminate All Processes    kill=true
+Resource          environment/variables.txt    # Generic Parameters
+Resource          IC_TC_Keywords.robot
+Library           JSONLibrary
+
+*** Test Cases ***
+Scale Out a VNF instance
+    [Documentation]    Test ID: 11.3.1.9.1
+    ...    Test title: Scale Out a VNF instance
+    ...    Test objective: The objective is to test the interconnected case of VNF instance resource creation, instantiation and scale out
+    ...    Pre-conditions: none
+    ...    Reference: ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO, Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package
+    POST Create a new vnfInstance
+    VNF Instantiation
+    VNF Instance Scale Out
diff --git a/interconnectedTestCases/SOL003/VNFInstanceTermination.robot b/interconnectedTestCases/SOL003/VNFInstanceTermination.robot
new file mode 100644
index 0000000000000000000000000000000000000000..1a734ca178c2485ea939700d9d8c7a169f8261fd
--- /dev/null
+++ b/interconnectedTestCases/SOL003/VNFInstanceTermination.robot
@@ -0,0 +1,22 @@
+*** Settings ***
+Suite Setup       Initialize System
+Suite Teardown    Terminate All Processes    kill=true
+Resource          environment/variables.txt    # Generic Parameters
+Resource          IC_TC_Keywords.robot
+Library           JSONLibrary
+
+*** Test Cases ***
+Terminate a VNF instance
+    [Documentation]    Test ID: 11.3.1.5.1
+    ...    Test title: Terminate a VNF instance
+    ...    Test objective: The objective is to test the interconnected case of VNF instance resource creation, instantiation and termination
+    ...    Pre-conditions: none
+    ...    Reference: ETSI GS NFV-SOL 003 [1] v4.5.1
+    ...    Config ID: Config_prod_NFVO, Config_prod_VNFM
+    ...    Applicability: none
+    ...    Post-Conditions: none
+    GET Individual VNF Package
+    POST Create a new vnfInstance
+    VNF Instantiation
+    Terminate a VNF Instance
+    
diff --git a/interconnectedTestCases/SOL003/descriptors/SOL001/VNFD/vnfd_SOL001.yaml b/interconnectedTestCases/SOL003/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..2ca16800d6f623974376efc2096a1ffb06392ce3
--- /dev/null
+++ b/interconnectedTestCases/SOL003/descriptors/SOL001/VNFD/vnfd_SOL001.yaml
@@ -0,0 +1,165 @@
+tosca_definitions_version: tosca_simple_yaml_1_3
+description: "TST010 reference VNF-B"
+
+imports:
+  - https://forge.etsi.org/rep/nfv/SOL001/raw/v4.4.1/etsi_nfv_sol001_vnfd_types.yaml  
+
+metadata:
+  descriptor_id: "VNF-B"
+  vendor: "ETSI TST WG"
+  version: "2.0"
+
+node_types:
+  tst010.vnf.simple:
+    derived_from: tosca.nodes.nfv.VNF
+    properties:
+      descriptor_id:
+        type: string
+        default: VNF-B
+      descriptor_version:
+        type: string
+        default: '1.0'
+      provider:
+        type: string
+        default: ETSI TST WG
+      product_name:
+        type: string
+        default: VNF-B
+      software_version:
+        type: string
+        default: '1.0'
+      product_info_name:
+        type: string
+        default: VNF-B
+      product_info_description:
+        type: string
+        default: TST010 reference VNF-B
+      flavour_id:
+        type: string
+        default: VNF-B_flavor
+      flavour_description:
+        type: string
+        default: "VNF-B flavor"
+      vnfm_info:
+        type: list
+        entry_schema:
+          type: string
+        default: [ 'etsivnfm:v4.5.1' ]
+    interfaces:
+      Vnflcm:
+        type: "tosca.interfaces.nfv.Vnflcm"
+        scale:
+          description: Invoked upon receipt of a Scale VNF request
+        terminate:
+          description: Invoked upon receipt Terminate VNF request
+        operate:
+          description: Invoked upon receipt of an Operate VNF request
+    requirements:
+      - virtual_link_right:
+          capability: tosca.capabilities.nfv.VirtualLinkable
+          relationship: tosca.relationships.nfv.VirtualLinksTo
+          occurrences: [0, 1]
+      - virtual_link_left:
+          capability: tosca.capabilities.nfv.VirtualLinkable
+          relationship: tosca.relationships.nfv.VirtualLinksTo
+          occurrences: [0, 1]
+      - virtual_link_management:
+          capability: tosca.capabilities.nfv.VirtualLinkable
+          relationship: tosca.relationships.nfv.VirtualLinksTo
+          occurrences: [0, 1]
+      - virtual_link:
+          capability: tosca.capabilities.nfv.VirtualLinkable
+          relationship: tosca.relationships.nfv.VirtualLinksTo
+          occurrences: [0, 0]
+
+topology_template:
+  substitution_mappings:
+    node_type: "tst010.vnf.simple"
+    requirements:
+      virtual_link_right:
+        [right, virtual_link_right]
+      virtual_link_management:
+        [management, virtual_link_management]
+      virtual_link_left:
+        [left, virtual_link_left]
+  node_templates:
+    right:
+      type: "tosca.nodes.nfv.VduCp"
+      properties:
+        layer_protocols: [ ipv4 ]
+        order: 1
+      requirements:
+        - virtual_binding: VDU-B
+    management:
+      type: "tosca.nodes.nfv.VduCp"
+      properties:
+        layer_protocols: [ ipv4 ]
+        order: 0
+      requirements:
+        - virtual_binding: VDU-B
+    left:
+      type: "tosca.nodes.nfv.VduCp"
+      properties:
+        layer_protocols: [ ipv4 ]
+        order: 2
+      requirements:
+        - virtual_binding: VDU-B
+    vdu-b-1-vsd:
+      type: "tosca.nodes.nfv.Vdu.VirtualBlockStorage"
+      properties:
+        virtual_block_storage_data:
+          size_of_storage: 20 GB
+          rdma_enabled: false
+        sw_image_data:
+          name: "vdu-b-1 image"
+          version: "1.1"
+          checksum: 
+            algorithm: "sha-224"
+            hash: "somehashfortst010"
+          container_format: "bare"
+          disk_format: qcow2
+          min_disk: '1'
+          min_ram: '2'
+          size: '1'
+    VDU-B:
+      type: "tosca.nodes.nfv.Vdu.Compute"
+      properties:
+        name: "vdu-b-1-vcd"
+        description: "Description of VDU-B-1"
+        vdu_profile:
+          min_number_of_instances: 1
+          max_number_of_instances: 2
+      capabilities:
+        virtual_compute:
+          properties:
+            virtual_memory:
+              virtual_mem_size: 4096 MB
+              numa_enabled: false
+            virtual_cpu:
+              num_virtual_cpu: 2
+      requirements:
+        - virtual_storage: vdu-b-1-vsd
+        
+    vnf-b-1_VNF:
+      type: "tst010.vnf.simple"
+      properties:
+        descriptor_id: "VNF-B"
+        descriptor_version: "2.0"
+        provider: "ETSI TST WG"
+        product_name: "VDU_VNF-B"
+        software_version: "2.0"
+        product_info_name: "VDU_VNF-B"
+        product_info_description: "TST010 reference VNF-A"
+        flavour_id: "VNF-B_flavor"
+        flavour_description: "VNF-B flavor"
+        vnfm_info: 
+          - etsivnfm:v2.3.1 
+      interfaces:
+        Vnflcm:
+          type: "tosca.interfaces.nfv.Vnflcm"
+          scale:
+            implementation: scale-example.yaml
+          terminate:
+            implementation: terminate-example.yaml
+          operate:
+            implementation: operate-example.yaml
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/descriptors/SOL006/VNFD/vnfd_SOL006.yaml b/interconnectedTestCases/SOL003/descriptors/SOL006/VNFD/vnfd_SOL006.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..0ea9820f0efc5df45c1882c49e010a94357ad403
--- /dev/null
+++ b/interconnectedTestCases/SOL003/descriptors/SOL006/VNFD/vnfd_SOL006.yaml
@@ -0,0 +1,137 @@
+nfv:
+  vnfd:
+    - id: VNF-B-2vdu
+      provider: ETSI TST WG
+      product_name: TST010 reference VNF-B with 2 VDUs
+      software_version: '2.2'
+      version: '2.2'
+      vnfm_info: ETSI VNFM
+      vdu:
+        - id: vdu-b-1
+          name: VNF-B VDU 1
+          int_cpd:
+           - id: left
+             layer_protocol: ethernet
+           - id: management
+             layer_protocol: ethernet
+           - id: internal
+             layer_protocol: ethernet
+             int_virtual_link_desc: internal-vl
+          virtual_compute_desc: vdu-b-1-vcd
+          virtual_storage_desc: vdu-b-1-vsd
+          sw_image_desc: vdu-b-1-image
+        - id: vdu-b-2
+          name: VNF-B VDU 2
+          int_cpd:
+           - id: right
+             layer_protocol: ethernet
+           - id: management
+             layer_protocol: ethernet
+           - id: internal
+             layer_protocol: ethernet
+             int_virtual_link_desc: internal-vl
+          virtual_compute_desc: vdu-b-2-vcd
+          virtual_storage_desc: vdu-b-2-vsd
+          sw_image_desc: vdu-b-2-image
+      virtual_compute_desc:
+        id: vdu-b-1-vcd
+        virtual_memory:
+          size: '4.0'
+        virtual_cpu:
+          num_virtual_cpu: '2'
+      virtual_storage_desc:
+        id: vdu-b-1-vsd
+        type_of_storage: root-storage
+        size_of_storage: '0'
+      sw_image_desc:
+        id: vdu-b-1-image
+        name: VNF-B image
+        version: '1.1'
+        checksum:
+          algorithm: sha-224
+          hash: somehashfortst010
+        container_format: bare
+        disk_format: qcow2
+        min_disk: '1'
+        min_ram: '2.0'
+        size: '1'
+        image: 'http://someurl.com/VNF-B.qcow2'
+      virtual_compute_desc:
+        id: vdu-b-2-vcd
+        virtual_memory:
+          size: '6.0'
+        virtual_cpu:
+          num_virtual_cpu: '2'
+      virtual_storage_desc:
+        id: vdu-b-2-vsd
+        type_of_storage: root-storage
+        size_of_storage: '0'
+      sw_image_desc:
+        id: vdu-b-2-image
+        name: VNF-B-2 image
+        version: '1.1'
+        checksum:
+          algorithm: sha-224
+          hash: somehashfortst010
+        container_format: bare
+        disk_format: qcow2
+        min_disk: '1'
+        min_ram: '2.0'
+        size: '1'
+        image: 'http://someurl.com/VNF-B-2.qcow2'
+      int_virtual_link_desc:
+        - id: internal-vl
+          flavour:
+            id: internal-vl-flavour
+            qos:
+              latency: '1'
+              packet_delay_variation: '1'
+              packet_loss_ratio: '0.05'
+          connectivity_type:
+            layer_protocol: ethernet     
+      ext_cpd:
+        - id: ext-b-left
+          int_cpd:
+            vdu_id: vdu-b-1
+            cpd: left
+          layer_protocol: ethernet
+        - id: management
+          int_cpd:
+            vdu_id: vdu-b-1
+            cpd: management
+          layer_protocol: ethernet
+        - id: ext-b-right
+          int_cpd:
+            vdu_id: vdu-b-2
+            cpd: right
+          layer_protocol: ethernet
+      df:
+        id: normal
+        vdu_profile:
+          - id: vdu-b-1
+            min_number_of_instances: '1'
+            max_number_of_instances: '2'
+          - id: vdu-b-2
+            min_number_of_instances: '1'
+            max_number_of_instances: '4'          
+        instantiation_level:
+          - id: double
+            vdu_level:
+              - vdu_id: vdu-b-1
+                number_of_instances: '2'
+              - vdu_id: vdu-b-2
+                number_of_instances: '2'
+          - id: single
+            vdu_level:
+              - vdu_id: vdu-b-1
+                number_of_instances: '1'
+              - vdu_id: vdu-b-2
+                number_of_instances: '1'
+        default_instantiation_level: single
+        lcm_operations_configuration:
+          scale_vnf_to_level_op_config:
+            arbitrary_target_levels_supported: 'true'
+          terminate_vnf_op_config:
+            min_graceful_termination: '1'
+          operate_vnf_op_config:
+            min_graceful_stop_timeout: '1'
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/environment/variables.txt b/interconnectedTestCases/SOL003/environment/variables.txt
new file mode 100644
index 0000000000000000000000000000000000000000..2b71e62de0c829cbfd542d7b2a38d62f6291faf7
--- /dev/null
+++ b/interconnectedTestCases/SOL003/environment/variables.txt
@@ -0,0 +1,125 @@
+*** Variables ***
+${NFVO_HOST}=     localhost    # Hostname of the NFVO
+${NFVO_PORT}=     3002    # Listening port of the NFVO
+${NFVO_SCHEMA}=    http
+${NFVO}    ${NFVO_SCHEMA}://${NFVO_HOST}:${NFVO_PORT}
+
+${VNFM_HOST}      localhost    # Hostname of the VNFM
+${VNFM_PORT}      3001    # Listening port of the VNFM
+${VNFM_SCHEMA}    http
+${VNFM}    ${VNFM_SCHEMA}://${VNFM_HOST}:${VNFM_PORT}
+
+
+${ACCEPT}         application/json
+${ACCEPT_JSON}    application/json
+${CONTENT_TYPE}    application/json
+${AUTHORIZATION_HEADER}    Authorization
+${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
+${AUTH_USAGE}     1
+${CONTENT_TYPE_PATCH}    application/merge-patch+json
+
+${NFVO_API_ROOT}    
+${NFVO_API_NAME}    vnfpkgm
+${NFVO_API_MAJOR_VERSION}    v1
+
+${VNFM_API_ROOT}
+${VNFM_API_NAME}    vnflcm
+${VNFM_API_MAJOR_VERSION}    v2
+
+${CancelMode}     GRACEFUL
+${VNFM_DUPLICATION}    0
+${invalid_etag}    invalid etag
+${SYNC_MODE}      0
+${nextPageUri}    /someuri
+${original_etag}    1234
+${invalid_etag}    4321
+${ACCEPT_OCTET}    application/octet-stream
+${CONTENT_TYPE_OCTET}    application/octet-stream
+${VNFM_RANGE_OK}    1    # If 1 means that Range is supported by the VNFM
+${range}          bytes=0-1023
+${erroneousRange}    bytes=10000000-1000000000    # Requesting a out of range number of bytes
+${full_length}    2000    #Full size of the content file to be transmitted using partial downloads
+${vnfPackageId}    id
+${instantiatedVnfInstanceId}    6fc3539c-e602-4afa-8e13-962fb5a7d81f
+${anotherInstantiatedVnfInstanceId}    6fc3539c-e602-4afa-8e13-962fb5a7d81f
+${notInstantiatedVnfInstanceId}    6fc3539c-e602-4afa-8e13-962fb5a7d81f
+${notExistingVnfInstanceId}    6fc3539c-e602-4afa-8e13-962fb5a7d81f
+${vnfInstanceId}    6fc3539c-e602-4afa-8e13-962fb5a7d81f
+${subscriptionId}    6fc3539c-e602-4afa-8e13-962fb5a7d81f
+${globalSubscriptionId}    6fc3539c-e602-4afa-8e13-962fb5a7d81f
+${vnfInstanceId_NoSnapshotTask}    no-snapshot-task-supported
+${vnfSnapshotInfoId}
+${vnfSnapshotInfoId_InUse}    snapshotId-of-a-resource-AlreadyInUse-bySomeOther-operation
+${vnfSnapshotInfoId_creationIncomplete}    snapshotId-of-a-resource-whose-creation-isn't-complete
+${invalidVnfSnapshotInfoId}
+${vnfSnapshotPkgId}
+${globalVnfLcmOpOccId}    6fc3539c-e602-4afa-8e13-962fb5a7d81d
+${vnfLcmOpOccId}    6fc3539c-e602-4afa-8e13-962fb5a7d81d
+${notExistingVnfLcmOpOccId}    6fc3539c-e602-4afa-8e13-962fb5a7d81d
+${vnfLcmOpOccIdNotStartingProcessingRollingback}    6fc3539c-e602-4afa-8e13-962fb5a7d81d
+${vnfLcmOpOccIdNotFailedTemp}    6fc3539c-e602-4afa-8e13-962fb5a7d81d
+${response}       {}
+${json}           {}
+${requestedFlavour}    test
+${POS_filter_subscription}    id=41fdd38a-3d4c-465c-83e0-f80e014425f8
+${NEG_filter_subscription}    nfvId=41fdd38a-3d4c-465c-83e0-f80e014425f8
+${fields_vnfLcmOpOcc}    operationParams,grantId
+${POS_FILTER_vnfLcmOpOcc}    id=41fdd38a-3d4c-465c-83e0-f80e014425f8    # Positive case, suing compiant fields name for filtering get request
+${NEG_FILTER_vnfLcmOpOcc}    nfvId=41fdd38a-3d4c-465c-83e0-f80e014425f8    # Negative case, using wrong name of field
+${fields_vnfInstance}    vnfInstanceDescription,vimConnectionInfo
+${POS_FILTER_snapshot}    id=41fdd38a-3d4c-465c-83e0-f80e014425f8    # Positive case, suing compiant fields name for filtering get request
+${NEG_FILTER_snapshot}    nfvId=41fdd38a-3d4c-465c-83e0-f80e014425f8    # Negative case, using wrong name of field
+${fields_snapshot}    vnfStateSnapshotInfo
+${PAGING_SUPPORTED}    1
+${changeVnfFlavourRequest}    {}
+${changeVnfOperateRequest}    {}
+${requestedState}    test
+${changeVnfExtConnectivityRequest}    {}
+${patchBodyRequest}    {}
+${callback_uri}    http://localhost
+${callback_port}    9091
+${callback_endpoint}    /endpoint
+${callback_endpoint_fwd}    /endpoint/check
+${sleep_interval}    20s
+${notification_request}    []
+${notification_response}    []
+${MOCK_SERVER_JAR}    ../../../bin/mockserver-netty-5.5.0-jar-with-dependencies.jar
+${vnfdId}         VNF-B
+${vnfdId_notInEnabledState}    vnfdId-which-is-not-in-ENABLED-state-or-DNE
+${scaletype}      SCALE_OUT
+${scaleOutType}      SCALE_OUT
+${scaleInType}      SCALE_IN
+${scaleAspectId}    myAspect
+${instantiationLevelId}    myNextLevel
+${newFlavourId}    myFlavour_new
+${healingCause}    a new cause
+${changeStateTo}    STOPPED
+${stopType}       FORCEFUL
+${terminationType}    GRACEFUL
+${HEADER_TEST_SUPPORTED}    0
+${scaleInfo}
+${element}
+${aspectId}
+${callbackResp}    localhost
+${descriptorType}    SOL001
+${check_descriptors}    1
+#############internal variables used for descriptor parsing################
+${tosca_type_VDU_compute}    tosca.nodes.nfv.Vdu.Compute
+${tosca_type_VNF}    tosca.nodes.nfv.VNF
+${tosca_type_virtual_link}    tosca.nodes.nfv.VnfVirtualLink
+${tosca_type_VDU_cp}    tosca.nodes.nfv.VduCp
+${tosca_type_storage}    tosca.nodes.nfv.Vdu.VirtualBlockStorage
+${tosca_type_derived_from_VNF}
+${VDU_IDs}
+${Storage_IDs}
+${internalCP_IDs}
+${externalCP_IDs}
+${InstantiationLevel_IDs}
+${CP_IDs}
+${VirtualLink_IDs}
+${Descriptor_IDD}    VNF-B
+${Providerr}      ETSI TST WG
+${Product_Namee}    VDU_VNF-B
+${Software_Versionn}    2.0
+${Descriptor_Versionn}    2.0
+${Flavour_ID}
diff --git a/interconnectedTestCases/SOL003/jsons/createVnfRequest.json b/interconnectedTestCases/SOL003/jsons/createVnfRequest.json
new file mode 100644
index 0000000000000000000000000000000000000000..710694f385eac25c3ea27b87540e47bbb8f9fad8
--- /dev/null
+++ b/interconnectedTestCases/SOL003/jsons/createVnfRequest.json
@@ -0,0 +1,5 @@
+{{
+  "vnfdId": "{vnfdId}",
+  "vnfInstanceName": "string",
+  "vnfInstanceDescription": "string"
+}}
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/jsons/instantiateVnfRequest.json b/interconnectedTestCases/SOL003/jsons/instantiateVnfRequest.json
new file mode 100644
index 0000000000000000000000000000000000000000..15624dcb54f8a668e627e5126efb150d5cd8c611
--- /dev/null
+++ b/interconnectedTestCases/SOL003/jsons/instantiateVnfRequest.json
@@ -0,0 +1,79 @@
+{{
+    "flavourId": "myFlavour",
+    "instantiationLevelId": "string",
+    "extVirtualLinks": [
+      {
+        "id": "string",
+        "vimConnectionId": "string",
+        "resourceProviderId": "string",
+        "resourceId": "string",
+        "extCps": [
+          {
+            "cpdId": "string",
+            "cpConfig": [
+              {
+                "cpInstanceId": "string",
+                "linkPortId": "string",
+                "cpProtocolData": [
+                  {
+                    "layerProtocol": "IP_OVER_ETHERNET",
+                    "ipOverEthernet": {
+                      "macAddress": "string",
+                      "ipAddresses": [
+                        {
+                          "type": "IPV4",
+                          "fixedAddresses": [
+                            "string"
+                          ],
+                          "numDynamicAddresses": 0,
+                          "addressRange": {
+                            "minAddress": "string",
+                            "maxAddress": "string"
+                          },
+                          "subnetId": "string"
+                        }
+                      ]
+                    }
+                  }
+                ]
+              }
+            ]
+          }
+        ],
+        "extLinkPorts": [
+          {
+            "id": "string",
+            "resourceHandle": {
+              "vimConnectionId": "string",
+              "resourceProviderId": "string",
+              "resourceId": "string",
+              "vimLevelResourceType": "string"
+            }
+          }
+        ]
+      }
+    ],
+    "extManagedVirtualLinks": [
+      {
+        "id": "string",
+        "virtualLinkDescId": "string",
+        "vimConnectionId": "string",
+        "resourceProviderId": "string",
+        "resourceId": "string"
+      }
+    ],
+    "vimConnectionInfo": [
+      {
+        "id": "string",
+        "vimId": "string",
+        "vimType": "string",
+        "interfaceInfo": {},
+        "accessInfo": {},
+        "extra": {}
+      }
+    ],
+    "localizationLanguage": "English",
+    "extensions": {},
+    "additionalParams": {},
+    "vnfConfigurableProperties": {}
+  }}
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/jsons/lccnSubscriptionRequest.json b/interconnectedTestCases/SOL003/jsons/lccnSubscriptionRequest.json
new file mode 100644
index 0000000000000000000000000000000000000000..9ba2f50477c152925e056e5008c266ddaff8fe3f
--- /dev/null
+++ b/interconnectedTestCases/SOL003/jsons/lccnSubscriptionRequest.json
@@ -0,0 +1,10 @@
+{{
+  "filter": {{
+    "vnfInstanceSubscriptionFilter": {{
+      "vnfdIds": [
+        "6fc3539c-e602-4afa-8e13-962fb5a7d81f"
+      ]
+    }}
+  }},
+  "callbackUri": "{callback_uri}{callback_endpoint}"
+}}
diff --git a/interconnectedTestCases/SOL003/jsons/patchBodyRequest.json b/interconnectedTestCases/SOL003/jsons/patchBodyRequest.json
new file mode 100644
index 0000000000000000000000000000000000000000..679cc4c7f673d5b02f730c67dd9679735cbb41f2
--- /dev/null
+++ b/interconnectedTestCases/SOL003/jsons/patchBodyRequest.json
@@ -0,0 +1,7 @@
+{{
+  "vnfInstanceName": "vnf string",
+  "vnfInstanceDescription": "string",
+  "vnfdId": "{vnfdId}",
+  "vnfdVersion":"{vnfdVersion}",
+  "metadata":{{}}
+}}
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/jsons/terminateVnfRequest.json b/interconnectedTestCases/SOL003/jsons/terminateVnfRequest.json
new file mode 100644
index 0000000000000000000000000000000000000000..bc9553a2e3312701e95513b636bdc5e7e9def725
--- /dev/null
+++ b/interconnectedTestCases/SOL003/jsons/terminateVnfRequest.json
@@ -0,0 +1,4 @@
+{{
+  "terminationType": "{terminationType}",
+  "additionalParams": {{}}
+}}
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/schemas/vnfInstance.schema.json b/interconnectedTestCases/SOL003/schemas/vnfInstance.schema.json
new file mode 100644
index 0000000000000000000000000000000000000000..0fb54dee1e6d98c326af9c405c688de05f7173e9
--- /dev/null
+++ b/interconnectedTestCases/SOL003/schemas/vnfInstance.schema.json
@@ -0,0 +1,992 @@
+{
+    "description": "This type represents a VNF instance.\n",
+    "type": "object",
+    "required": [
+      "id",
+      "vnfdId",
+      "vnfProvider",
+      "vnfProductName",
+      "vnfSoftwareVersion",
+      "vnfdVersion",
+      "instantiationState"
+    ],
+    "properties": {
+      "id": {
+        "description": "An identifier with the intention of being globally unique.\n",
+        "type": "string"
+      },
+      "vnfInstanceName": {
+        "description": "Name of the VNF instance. This attribute can be modified with the PATCH method.\n",
+        "type": "string"
+      },
+      "vnfInstanceDescription": {
+        "description": "Human-readable description of the VNF instance. This attribute can be modified with the PATCH method.\n",
+        "type": "string"
+      },
+      "vnfdId": {
+        "description": "An identifier with the intention of being globally unique.\n",
+        "type": "string"
+      },
+      "vnfProvider": {
+        "description": "Provider of the VNF and the VNFD. The value is copied from the VNFD.\n",
+        "type": "string"
+      },
+      "vnfProductName": {
+        "description": "Name to identify the VNF Product. The value is copied from the VNFD.\n",
+        "type": "string"
+      },
+      "vnfSoftwareVersion": {
+        "description": "A version.\n",
+        "type": "string"
+      },
+      "vnfdVersion": {
+        "description": "A version.\n",
+        "type": "string"
+      },
+      "vnfConfigurableProperties": {
+        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+        "type": "object"
+      },
+      "vimConnectionInfo": {
+        "description": "Information about VIM connections to be used for managing the resources for the VNF instance. This attribute shall only be supported and present if VNF-related resource management in direct mode is applicable. This attribute can be modified with the PATCH method.\n",
+        "type": "array",
+        "items": {
+          "description": "This type represents parameters to connect to a VIM for managing the resources of a VNF instance. This structure is used to convey VIM-related parameters over the Or-Vnfm interface. Additional parameters for a VIM may be configured into the VNFM by means outside the scope of the present document, and bound to the identifier of that VIM.\n",
+          "type": "object",
+          "required": [
+            "id",
+            "vimType"
+          ],
+          "properties": {
+            "id": {
+              "description": "An identifier with the intention of being globally unique.\n",
+              "type": "string"
+            },
+            "vimId": {
+              "description": "An identifier with the intention of being globally unique.\n",
+              "type": "string"
+            },
+            "vimType": {
+              "description": "Discriminator for the different types of the VIM information. The value of this attribute determines the structure of the \"interfaceInfo\" and \"accessInfo\" attributes, based on the type of the VIM. The set of permitted values is expected to change over time as new types or versions of VIMs become available. The ETSI NFV registry of VIM-related information provides access to information about VimConnectionInfo definitions for various VIM types. The structure of the registry is defined in Annex C of SOL003.\n",
+              "type": "string"
+            },
+            "interfaceInfo": {
+              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+              "type": "object"
+            },
+            "accessInfo": {
+              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+              "type": "object"
+            },
+            "extra": {
+              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+              "type": "object"
+            }
+          }
+        }
+      },
+      "instantiationState": {
+        "description": "The instantiation state of the VNF.\n",
+        "type": "string",
+        "enum": [
+          "NOT_INSTANTIATED",
+          "INSTANTIATED"
+        ]
+      },
+      "instantiatedVnfInfo": {
+        "description": "Information specific to an instantiated VNF instance. This attribute shall be present if the instantiateState attribute value is INSTANTIATED.\n",
+        "type": "object",
+        "required": [
+          "flavourId",
+          "vnfState"
+        ],
+        "properties": {
+          "flavourId": {
+            "description": "An identifier that is unique within a VNF descriptor.\n",
+            "type": "string"
+          },
+          "vnfState": {
+            "description": "STARTED: The VNF instance is up and running. STOPPED: The VNF instance has been shut down.\n",
+            "type": "string",
+            "enum": [
+              "STARTED",
+              "STOPPED"
+            ]
+          },
+          "scaleStatus": {
+            "description": "Scale status of the VNF, one entry per aspect. Represents for every scaling aspect how \"big\" the VNF has been scaled w.r.t. that aspect. This attribute shall be present if the VNF supports scaling. See clause B.2 for an explanation of VNF scaling.\n",
+            "type": "array",
+            "items": {
+              "required": [
+                "aspectId",
+                "scaleLevel"
+              ],
+              "type": "object",
+              "properties": {
+                "aspectId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "scaleLevel": {
+                  "description": "Indicates the scale level. The minimum value shall be 0 and the maximum value shall be <= maxScaleLevel as described in the VNFD.\n",
+                  "type": "integer"
+                }
+              }
+            }
+          },
+          "extCpInfo": {
+            "description": "Information about the external CPs exposed by the VNF instance.\n",
+            "type": "array",
+            "minItems": 1,
+            "items": {
+              "description": "This type represents information about an external CP of a VNF. It shall comply with the provisions defined in table 5.5.3.25 1.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "cpdId",
+                "cpProtocolInfo"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "cpdId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "cpProtocolInfo": {
+                  "description": "Network protocol information for this CP.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\n",
+                    "required": [
+                      "layerProtocol"
+                    ],
+                    "properties": {
+                      "layerProtocol": {
+                        "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values: IP_OVER_ETHERNET This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                        "type": "string",
+                        "enum": [
+                          "IP_OVER_ETHERNET"
+                        ]
+                      },
+                      "ipOverEthernet": {
+                        "description": "This type represents information about a network address that has been assigned.\n",
+                        "type": "object",
+                        "properties": {
+                          "macAddress": {
+                            "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                            "type": "string",
+                            "format": "MAC"
+                          },
+                          "ipAddresses": {
+                            "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet.\n",
+                            "type": "array",
+                            "items": {
+                              "type": "object",
+                              "required": [
+                                "type"
+                              ],
+                              "properties": {
+                                "type": {
+                                  "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
+                                  "type": "string",
+                                  "enum": [
+                                    "IPV4",
+                                    "IPV6"
+                                  ]
+                                },
+                                "addresses": {
+                                  "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). Exactly one of \"addresses\" or \"addressRange\" shall be present.\n",
+                                  "type": "array",
+                                  "items": {
+                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                    "type": "string",
+                                    "format": "IP"
+                                  }
+                                },
+                                "isDynamic": {
+                                  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                  "type": "boolean"
+                                },
+                                "addressRange": {
+                                  "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present.\n",
+                                  "type": "object",
+                                  "required": [
+                                    "minAddress",
+                                    "maxAddress"
+                                  ],
+                                  "properties": {
+                                    "minAddress": {
+                                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                      "type": "string",
+                                      "format": "IP"
+                                    },
+                                    "maxAddress": {
+                                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                      "type": "string",
+                                      "format": "IP"
+                                    }
+                                  }
+                                },
+                                "subnetId": {
+                                  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                  "type": "string",
+                                  "format": "IP"
+                                }
+                              }
+                            }
+                          }
+                        }
+                      }
+                    }
+                  }
+                },
+                "extLinkPortId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "metadata": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                },
+                "associatedVnfcCpId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "associatedVnfVirtualLinkId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "extVirtualLinkInfo": {
+            "description": "Information about the external VLs the VNF instance is connected to.\n",
+            "type": "array",
+            "items": {
+              "type": "object",
+              "required": [
+                "id",
+                "resourceHandle"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "resourceHandle": {
+                  "required": [
+                    "vimConnectionId",
+                    "resourceId"
+                  ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                  "properties": {
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "extLinkPorts": {
+                  "description": "Link ports of this VL.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type represents information about a link port of an external VL, i.e. a port providing connectivity for the VNF to an NS VL.\n",
+                    "type": "object",
+                    "required": [
+                      "id",
+                      "resourceHandle"
+                    ],
+                    "properties": {
+                      "id": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                      },
+                      "resourceHandle": {
+                        "required": [
+                          "vimConnectionId",
+                          "resourceId"
+                        ],
+                        "type": "object",
+                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                        "properties": {
+                          "vimConnectionId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceProviderId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceId": {
+                            "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                            "type": "string"
+                          },
+                          "vimLevelResourceType": {
+                            "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                            "type": "string"
+                          }
+                        }
+                      },
+                      "cpInstanceId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      }
+                    }
+                  }
+                }
+              }
+            }
+          },
+          "extManagedVirtualLinkInfo": {
+            "description": "External virtual links the VNF instance is connected to.\n",
+            "type": "array",
+            "items": {
+              "type": "object",
+              "required": [
+                "id",
+                "vnfVirtualLinkDescId"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "vnfVirtualLinkDescId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "networkResource": {
+                  "required": [
+                    "vimConnectionId",
+                    "resourceId"
+                  ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                  "properties": {
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "vnfLinkPorts": {
+                  "description": "Link ports of this VL.\n",
+                  "type": "array",
+                  "items": {
+                    "type": "object",
+                    "required": [
+                      "id",
+                      "resourceHandle"
+                    ],
+                    "properties": {
+                      "id": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "resourceHandle": {
+                        "required": [
+                          "vimConnectionId",
+                          "resourceId"
+                        ],
+                        "type": "object",
+                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                        "properties": {
+                          "vimConnectionId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceProviderId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceId": {
+                            "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                            "type": "string"
+                          },
+                          "vimLevelResourceType": {
+                            "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                            "type": "string"
+                          }
+                        }
+                      },
+                      "cpInstanceId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "cpInstanceType": {
+                        "description": "Type of the CP instance that is identified by cpInstanceId. Shall be present if \"cpInstanceId\" is present, and shall be absent otherwise. Permitted values: VNFC_CP: The link port is connected to a VNFC CP EXT_CP: The link port is associated to an external CP.\n",
+                        "type": "string",
+                        "enum": [
+                          "VNFC_CP",
+                          "EXT_CP"
+                        ]
+                      }
+                    }
+                  }
+                }
+              }
+            }
+          },
+          "monitoringParameters": {
+            "description": "Active monitoring parameters.\n",
+            "type": "array",
+            "items": {
+              "type": "object",
+              "required": [
+                "id",
+                "performanceMetric"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "name": {
+                  "description": "Human readable name of the monitoring parameter, as defined in the VNFD.\n",
+                  "type": "string"
+                },
+                "performanceMetric": {
+                  "description": "Performance metric that is monitored. This attribute shall contain the related \"Measurement Name\" value as defined in clause 7.2 of ETSI GS NFV-IFA 027.\n",
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "localizationLanguage": {
+            "description": "Information about localization language of the VNF (includes e.g. strings in the VNFD). The localization languages supported by a VNF can be declared in the VNFD, and localization language selection can take place at instantiation time. The value shall comply with the format defined in IETF RFC 5646.\n",
+            "type": "string"
+          },
+          "vnfcResourceInfo": {
+            "description": "Information about the virtualised compute and storage resources used by the VNFCs of the VNF instance.\n",
+            "type": "array",
+            "items": {
+              "description": "This type represents the information on virtualised compute and storage resources used by a VNFC in a VNF instance.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "vduId",
+                "computeResource"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "vduId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "computeResource": {
+                  "required": [
+                    "vimConnectionId",
+                    "resourceId"
+                  ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                  "properties": {
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "storageResourceIds": {
+                  "description": "References to the VirtualStorage resources. The value refers to a VirtualStorageResourceInfo item in the VnfInstance.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                    "type": "string"
+                  }
+                },
+                "reservationId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "vnfcCpInfo": {
+                  "description": "CPs of the VNFC instance. Shall be present when that particular CP of the VNFC instance is associated to an external CP of the VNF instance. May be present otherwise.\n",
+                  "type": "array",
+                  "items": {
+                    "type": "object",
+                    "required": [
+                      "id",
+                      "cpdId"
+                    ],
+                    "properties": {
+                      "id": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "cpdId": {
+                        "description": "An identifier that is unique within a VNF descriptor.\n",
+                        "type": "string"
+                      },
+                      "vnfExtCpId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "cpProtocolInfo": {
+                        "description": "Network protocol information for this CP.\n",
+                        "type": "array",
+                        "items": {
+                          "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\n",
+                          "required": [
+                            "layerProtocol"
+                          ],
+                          "properties": {
+                            "layerProtocol": {
+                              "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values: IP_OVER_ETHERNET This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                              "type": "string",
+                              "enum": [
+                                "IP_OVER_ETHERNET"
+                              ]
+                            },
+                            "ipOverEthernet": {
+                              "description": "This type represents information about a network address that has been assigned.\n",
+                              "type": "object",
+                              "properties": {
+                                "macAddress": {
+                                  "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                  "type": "string",
+                                  "format": "MAC"
+                                },
+                                "ipAddresses": {
+                                  "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet.\n",
+                                  "type": "array",
+                                  "items": {
+                                    "type": "object",
+                                    "required": [
+                                      "type"
+                                    ],
+                                    "properties": {
+                                      "type": {
+                                        "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
+                                        "type": "string",
+                                        "enum": [
+                                          "IPV4",
+                                          "IPV6"
+                                        ]
+                                      },
+                                      "addresses": {
+                                        "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). Exactly one of \"addresses\" or \"addressRange\" shall be present.\n",
+                                        "type": "array",
+                                        "items": {
+                                          "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                          "type": "string",
+                                          "format": "IP"
+                                        }
+                                      },
+                                      "isDynamic": {
+                                        "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                        "type": "boolean"
+                                      },
+                                      "addressRange": {
+                                        "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present.\n",
+                                        "type": "object",
+                                        "required": [
+                                          "minAddress",
+                                          "maxAddress"
+                                        ],
+                                        "properties": {
+                                          "minAddress": {
+                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                            "type": "string",
+                                            "format": "IP"
+                                          },
+                                          "maxAddress": {
+                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                            "type": "string",
+                                            "format": "IP"
+                                          }
+                                        }
+                                      },
+                                      "subnetId": {
+                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                        "type": "string",
+                                        "format": "IP"
+                                      }
+                                    }
+                                  }
+                                }
+                              }
+                            }
+                          }
+                        }
+                      },
+                      "vnfLinkPortId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "metadata": {
+                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                        "type": "object"
+                      }
+                    }
+                  }
+                },
+                "metadata": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                }
+              }
+            }
+          },
+          "virtualLinkResourceInfo": {
+            "description": "Information about the virtualised network resources used by the VLs of the VNF instance.\n",
+            "type": "array",
+            "items": {
+              "description": "This type represents the information that allows addressing a virtualised resource that is used by an internal VL instance in a VNF instance.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "vnfVirtualLinkDescId",
+                "networkResource"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "vnfVirtualLinkDescId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "networkResource": {
+                  "required": [
+                    "vimConnectionId",
+                    "resourceId"
+                  ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                  "properties": {
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "reservationId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "vnfLinkPorts": {
+                  "description": "Links ports of this VL. Shall be present when the linkPort is used for external connectivity by the VNF (refer to VnfLinkPortInfo). May be present otherwise.\n",
+                  "type": "array",
+                  "items": {
+                    "type": "object",
+                    "required": [
+                      "id",
+                      "resourceHandle"
+                    ],
+                    "properties": {
+                      "id": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "resourceHandle": {
+                        "required": [
+                          "vimConnectionId",
+                          "resourceId"
+                        ],
+                        "type": "object",
+                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                        "properties": {
+                          "vimConnectionId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceProviderId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceId": {
+                            "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                            "type": "string"
+                          },
+                          "vimLevelResourceType": {
+                            "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                            "type": "string"
+                          }
+                        }
+                      },
+                      "cpInstanceId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "cpInstanceType": {
+                        "description": "Type of the CP instance that is identified by cpInstanceId. Shall be present if \"cpInstanceId\" is present, and shall be absent otherwise. Permitted values: VNFC_CP: The link port is connected to a VNFC CP EXT_CP: The link port is associated to an external CP.\n",
+                        "type": "string",
+                        "enum": [
+                          "VNFC_CP",
+                          "EXT_CP"
+                        ]
+                      }
+                    }
+                  }
+                },
+                "metadata": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                }
+              }
+            }
+          },
+          "virtualStorageResourceInfo": {
+            "description": "Information on the virtualised storage resource(s) used as storage for the VNF instance.\n",
+            "type": "array",
+            "items": {
+              "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "virtualStorageDescId",
+                "storageResource"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "virtualStorageDescId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "storageResource": {
+                  "required": [
+                    "vimConnectionId",
+                    "resourceId"
+                  ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                  "properties": {
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "reservationId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "metadata": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                }
+              }
+            }
+          }
+        }
+      },
+      "metadata": {
+        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+        "type": "object"
+      },
+      "extensions": {
+        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+        "type": "object"
+      },
+      "_links": {
+        "description": "Links to resources related to this resource.\n",
+        "type": "object",
+        "required": [
+          "self"
+        ],
+        "properties": {
+          "self": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "indicators": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "instantiate": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "terminate": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "scale": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "scaleToLevel": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "changeFlavour": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "heal": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "operate": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "changeExtConn": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          }
+        }
+      }
+    }
+  }
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/schemas/vnfInstances.schema.json b/interconnectedTestCases/SOL003/schemas/vnfInstances.schema.json
new file mode 100644
index 0000000000000000000000000000000000000000..ae54b054fa3f008c040726087d63ef3a262221f6
--- /dev/null
+++ b/interconnectedTestCases/SOL003/schemas/vnfInstances.schema.json
@@ -0,0 +1,995 @@
+{
+  "type": "array",
+  "items": {
+    "description": "This type represents a VNF instance.\n",
+    "type": "object",
+    "required": [
+      "id",
+      "vnfdId",
+      "vnfProvider",
+      "vnfProductName",
+      "vnfSoftwareVersion",
+      "vnfdVersion",
+      "instantiationState"
+    ],
+    "properties": {
+      "id": {
+        "description": "An identifier with the intention of being globally unique.\n",
+        "type": "string"
+      },
+      "vnfInstanceName": {
+        "description": "Name of the VNF instance. This attribute can be modified with the PATCH method.\n",
+        "type": "string"
+      },
+      "vnfInstanceDescription": {
+        "description": "Human-readable description of the VNF instance. This attribute can be modified with the PATCH method.\n",
+        "type": "string"
+      },
+      "vnfdId": {
+        "description": "An identifier with the intention of being globally unique.\n",
+        "type": "string"
+      },
+      "vnfProvider": {
+        "description": "Provider of the VNF and the VNFD. The value is copied from the VNFD.\n",
+        "type": "string"
+      },
+      "vnfProductName": {
+        "description": "Name to identify the VNF Product. The value is copied from the VNFD.\n",
+        "type": "string"
+      },
+      "vnfSoftwareVersion": {
+        "description": "A version.\n",
+        "type": "string"
+      },
+      "vnfdVersion": {
+        "description": "A version.\n",
+        "type": "string"
+      },
+      "vnfConfigurableProperties": {
+        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+        "type": "object"
+      },
+      "vimConnectionInfo": {
+        "description": "Information about VIM connections to be used for managing the resources for the VNF instance. This attribute shall only be supported and present if VNF-related resource management in direct mode is applicable. This attribute can be modified with the PATCH method.\n",
+        "type": "array",
+        "items": {
+          "description": "This type represents parameters to connect to a VIM for managing the resources of a VNF instance. This structure is used to convey VIM-related parameters over the Or-Vnfm interface. Additional parameters for a VIM may be configured into the VNFM by means outside the scope of the present document, and bound to the identifier of that VIM.\n",
+          "type": "object",
+          "required": [
+            "id",
+            "vimType"
+          ],
+          "properties": {
+            "id": {
+              "description": "An identifier with the intention of being globally unique.\n",
+              "type": "string"
+            },
+            "vimId": {
+              "description": "An identifier with the intention of being globally unique.\n",
+              "type": "string"
+            },
+            "vimType": {
+              "description": "Discriminator for the different types of the VIM information. The value of this attribute determines the structure of the \"interfaceInfo\" and \"accessInfo\" attributes, based on the type of the VIM. The set of permitted values is expected to change over time as new types or versions of VIMs become available. The ETSI NFV registry of VIM-related information provides access to information about VimConnectionInfo definitions for various VIM types. The structure of the registry is defined in Annex C of SOL003.\n",
+              "type": "string"
+            },
+            "interfaceInfo": {
+              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+              "type": "object"
+            },
+            "accessInfo": {
+              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+              "type": "object"
+            },
+            "extra": {
+              "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+              "type": "object"
+            }
+          }
+        }
+      },
+      "instantiationState": {
+        "description": "The instantiation state of the VNF.\n",
+        "type": "string",
+        "enum": [
+          "NOT_INSTANTIATED",
+          "INSTANTIATED"
+        ]
+      },
+      "instantiatedVnfInfo": {
+        "description": "Information specific to an instantiated VNF instance. This attribute shall be present if the instantiateState attribute value is INSTANTIATED.\n",
+        "type": "object",
+        "required": [
+          "flavourId",
+          "vnfState"
+        ],
+        "properties": {
+          "flavourId": {
+            "description": "An identifier that is unique within a VNF descriptor.\n",
+            "type": "string"
+          },
+          "vnfState": {
+            "description": "STARTED: The VNF instance is up and running. STOPPED: The VNF instance has been shut down.\n",
+            "type": "string",
+            "enum": [
+              "STARTED",
+              "STOPPED"
+            ]
+          },
+          "scaleStatus": {
+            "description": "Scale status of the VNF, one entry per aspect. Represents for every scaling aspect how \"big\" the VNF has been scaled w.r.t. that aspect. This attribute shall be present if the VNF supports scaling. See clause B.2 for an explanation of VNF scaling.\n",
+            "type": "array",
+            "items": {
+              "required": [
+                "aspectId",
+                "scaleLevel"
+              ],
+              "type": "object",
+              "properties": {
+                "aspectId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "scaleLevel": {
+                  "description": "Indicates the scale level. The minimum value shall be 0 and the maximum value shall be <= maxScaleLevel as described in the VNFD.\n",
+                  "type": "integer"
+                }
+              }
+            }
+          },
+          "extCpInfo": {
+            "description": "Information about the external CPs exposed by the VNF instance.\n",
+            "type": "array",
+            "minItems": 1,
+            "items": {
+              "description": "This type represents information about an external CP of a VNF. It shall comply with the provisions defined in table 5.5.3.25 1.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "cpdId",
+                "cpProtocolInfo"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "cpdId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "cpProtocolInfo": {
+                  "description": "Network protocol information for this CP.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\n",
+                    "required": [
+                      "layerProtocol"
+                    ],
+                    "properties": {
+                      "layerProtocol": {
+                        "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values: IP_OVER_ETHERNET This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                        "type": "string",
+                        "enum": [
+                          "IP_OVER_ETHERNET"
+                        ]
+                      },
+                      "ipOverEthernet": {
+                        "description": "This type represents information about a network address that has been assigned.\n",
+                        "type": "object",
+                        "properties": {
+                          "macAddress": {
+                            "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                            "type": "string",
+                            "format": "MAC"
+                          },
+                          "ipAddresses": {
+                            "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet.\n",
+                            "type": "array",
+                            "items": {
+                              "type": "object",
+                              "required": [
+                                "type"
+                              ],
+                              "properties": {
+                                "type": {
+                                  "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
+                                  "type": "string",
+                                  "enum": [
+                                    "IPV4",
+                                    "IPV6"
+                                  ]
+                                },
+                                "addresses": {
+                                  "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). Exactly one of \"addresses\" or \"addressRange\" shall be present.\n",
+                                  "type": "array",
+                                  "items": {
+                                    "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                    "type": "string",
+                                    "format": "IP"
+                                  }
+                                },
+                                "isDynamic": {
+                                  "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                  "type": "boolean"
+                                },
+                                "addressRange": {
+                                  "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present.\n",
+                                  "type": "object",
+                                  "required": [
+                                    "minAddress",
+                                    "maxAddress"
+                                  ],
+                                  "properties": {
+                                    "minAddress": {
+                                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                      "type": "string",
+                                      "format": "IP"
+                                    },
+                                    "maxAddress": {
+                                      "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                      "type": "string",
+                                      "format": "IP"
+                                    }
+                                  }
+                                },
+                                "subnetId": {
+                                  "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                  "type": "string",
+                                  "format": "IP"
+                                }
+                              }
+                            }
+                          }
+                        }
+                      }
+                    }
+                  }
+                },
+                "extLinkPortId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "metadata": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                },
+                "associatedVnfcCpId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "associatedVnfVirtualLinkId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "extVirtualLinkInfo": {
+            "description": "Information about the external VLs the VNF instance is connected to.\n",
+            "type": "array",
+            "items": {
+              "type": "object",
+              "required": [
+                "id",
+                "resourceHandle"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "resourceHandle": {
+                  "required": [
+                    "vimConnectionId",
+                    "resourceId"
+                  ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                  "properties": {
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "extLinkPorts": {
+                  "description": "Link ports of this VL.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "This type represents information about a link port of an external VL, i.e. a port providing connectivity for the VNF to an NS VL.\n",
+                    "type": "object",
+                    "required": [
+                      "id",
+                      "resourceHandle"
+                    ],
+                    "properties": {
+                      "id": {
+                        "description": "An identifier with the intention of being globally unique.\n",
+                        "type": "string"
+                      },
+                      "resourceHandle": {
+                        "required": [
+                          "vimConnectionId",
+                          "resourceId"
+                        ],
+                        "type": "object",
+                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                        "properties": {
+                          "vimConnectionId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceProviderId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceId": {
+                            "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                            "type": "string"
+                          },
+                          "vimLevelResourceType": {
+                            "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                            "type": "string"
+                          }
+                        }
+                      },
+                      "cpInstanceId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      }
+                    }
+                  }
+                }
+              }
+            }
+          },
+          "extManagedVirtualLinkInfo": {
+            "description": "External virtual links the VNF instance is connected to.\n",
+            "type": "array",
+            "items": {
+              "type": "object",
+              "required": [
+                "id",
+                "vnfVirtualLinkDescId"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "vnfVirtualLinkDescId": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "networkResource": {
+                  "required": [
+                    "vimConnectionId",
+                    "resourceId"
+                  ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                  "properties": {
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "vnfLinkPorts": {
+                  "description": "Link ports of this VL.\n",
+                  "type": "array",
+                  "items": {
+                    "type": "object",
+                    "required": [
+                      "id",
+                      "resourceHandle"
+                    ],
+                    "properties": {
+                      "id": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "resourceHandle": {
+                        "required": [
+                          "vimConnectionId",
+                          "resourceId"
+                        ],
+                        "type": "object",
+                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                        "properties": {
+                          "vimConnectionId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceProviderId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceId": {
+                            "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                            "type": "string"
+                          },
+                          "vimLevelResourceType": {
+                            "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                            "type": "string"
+                          }
+                        }
+                      },
+                      "cpInstanceId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "cpInstanceType": {
+                        "description": "Type of the CP instance that is identified by cpInstanceId. Shall be present if \"cpInstanceId\" is present, and shall be absent otherwise. Permitted values: VNFC_CP: The link port is connected to a VNFC CP EXT_CP: The link port is associated to an external CP.\n",
+                        "type": "string",
+                        "enum": [
+                          "VNFC_CP",
+                          "EXT_CP"
+                        ]
+                      }
+                    }
+                  }
+                }
+              }
+            }
+          },
+          "monitoringParameters": {
+            "description": "Active monitoring parameters.\n",
+            "type": "array",
+            "items": {
+              "type": "object",
+              "required": [
+                "id",
+                "performanceMetric"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "name": {
+                  "description": "Human readable name of the monitoring parameter, as defined in the VNFD.\n",
+                  "type": "string"
+                },
+                "performanceMetric": {
+                  "description": "Performance metric that is monitored. This attribute shall contain the related \"Measurement Name\" value as defined in clause 7.2 of ETSI GS NFV-IFA 027.\n",
+                  "type": "string"
+                }
+              }
+            }
+          },
+          "localizationLanguage": {
+            "description": "Information about localization language of the VNF (includes e.g. strings in the VNFD). The localization languages supported by a VNF can be declared in the VNFD, and localization language selection can take place at instantiation time. The value shall comply with the format defined in IETF RFC 5646.\n",
+            "type": "string"
+          },
+          "vnfcResourceInfo": {
+            "description": "Information about the virtualised compute and storage resources used by the VNFCs of the VNF instance.\n",
+            "type": "array",
+            "items": {
+              "description": "This type represents the information on virtualised compute and storage resources used by a VNFC in a VNF instance.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "vduId",
+                "computeResource"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "vduId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "computeResource": {
+                  "required": [
+                    "vimConnectionId",
+                    "resourceId"
+                  ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                  "properties": {
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "storageResourceIds": {
+                  "description": "References to the VirtualStorage resources. The value refers to a VirtualStorageResourceInfo item in the VnfInstance.\n",
+                  "type": "array",
+                  "items": {
+                    "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                    "type": "string"
+                  }
+                },
+                "reservationId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "vnfcCpInfo": {
+                  "description": "CPs of the VNFC instance. Shall be present when that particular CP of the VNFC instance is associated to an external CP of the VNF instance. May be present otherwise.\n",
+                  "type": "array",
+                  "items": {
+                    "type": "object",
+                    "required": [
+                      "id",
+                      "cpdId"
+                    ],
+                    "properties": {
+                      "id": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "cpdId": {
+                        "description": "An identifier that is unique within a VNF descriptor.\n",
+                        "type": "string"
+                      },
+                      "vnfExtCpId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "cpProtocolInfo": {
+                        "description": "Network protocol information for this CP.\n",
+                        "type": "array",
+                        "items": {
+                          "description": "This type describes the protocol layer(s) that a CP uses together with protocol-related information, like addresses.\n",
+                          "required": [
+                            "layerProtocol"
+                          ],
+                          "properties": {
+                            "layerProtocol": {
+                              "description": "The identifier of layer(s) and protocol(s) associated to the network address information. Permitted values: IP_OVER_ETHERNET This attribute allows to signal the addition of further types of layer and protocol in future versions of the present document in a backwards-compatible way. In the current version of the present document, only IP over Ethernet is supported.\n",
+                              "type": "string",
+                              "enum": [
+                                "IP_OVER_ETHERNET"
+                              ]
+                            },
+                            "ipOverEthernet": {
+                              "description": "This type represents information about a network address that has been assigned.\n",
+                              "type": "object",
+                              "properties": {
+                                "macAddress": {
+                                  "description": "A MAC address. Representation: string that consists of groups of two hexadecimal digits, separated by hyphens or colons.\n",
+                                  "type": "string",
+                                  "format": "MAC"
+                                },
+                                "ipAddresses": {
+                                  "description": "Addresses assigned to the CP instance. Each entry represents IP addresses assigned by fixed or dynamic IP address assignment per subnet.\n",
+                                  "type": "array",
+                                  "items": {
+                                    "type": "object",
+                                    "required": [
+                                      "type"
+                                    ],
+                                    "properties": {
+                                      "type": {
+                                        "description": "The type of the IP addresses. Permitted values: IPV4, IPV6.\n",
+                                        "type": "string",
+                                        "enum": [
+                                          "IPV4",
+                                          "IPV6"
+                                        ]
+                                      },
+                                      "addresses": {
+                                        "description": "Fixed addresses assigned (from the subnet defined by \"subnetId\" if provided). Exactly one of \"addresses\" or \"addressRange\" shall be present.\n",
+                                        "type": "array",
+                                        "items": {
+                                          "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                          "type": "string",
+                                          "format": "IP"
+                                        }
+                                      },
+                                      "isDynamic": {
+                                        "description": "Indicates whether this set of addresses was assigned dynamically (true) or based on address information provided as input from the API consumer (false). Shall be present if \"addresses\" is present and shall be absent otherwise.\n",
+                                        "type": "boolean"
+                                      },
+                                      "addressRange": {
+                                        "description": "An IP address range used, e.g., in case of egress connections. Exactly one of \"addresses\" or \"addressRange\" shall be present.\n",
+                                        "type": "object",
+                                        "required": [
+                                          "minAddress",
+                                          "maxAddress"
+                                        ],
+                                        "properties": {
+                                          "minAddress": {
+                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                            "type": "string",
+                                            "format": "IP"
+                                          },
+                                          "maxAddress": {
+                                            "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                            "type": "string",
+                                            "format": "IP"
+                                          }
+                                        }
+                                      },
+                                      "subnetId": {
+                                        "description": "An IPV4 or IPV6 address. Representation: In case of an IPV4 address, string that consists of four decimal integers separated by dots, each integer ranging from 0 to 255. In case of an IPV6 address, string that consists of groups of zero to four hexadecimal digits, separated by colons.\n",
+                                        "type": "string",
+                                        "format": "IP"
+                                      }
+                                    }
+                                  }
+                                }
+                              }
+                            }
+                          }
+                        }
+                      },
+                      "vnfLinkPortId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "metadata": {
+                        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                        "type": "object"
+                      }
+                    }
+                  }
+                },
+                "metadata": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                }
+              }
+            }
+          },
+          "virtualLinkResourceInfo": {
+            "description": "Information about the virtualised network resources used by the VLs of the VNF instance.\n",
+            "type": "array",
+            "items": {
+              "description": "This type represents the information that allows addressing a virtualised resource that is used by an internal VL instance in a VNF instance.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "vnfVirtualLinkDescId",
+                "networkResource"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "vnfVirtualLinkDescId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "networkResource": {
+                  "required": [
+                    "vimConnectionId",
+                    "resourceId"
+                  ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                  "properties": {
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "reservationId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "vnfLinkPorts": {
+                  "description": "Links ports of this VL. Shall be present when the linkPort is used for external connectivity by the VNF (refer to VnfLinkPortInfo). May be present otherwise.\n",
+                  "type": "array",
+                  "items": {
+                    "type": "object",
+                    "required": [
+                      "id",
+                      "resourceHandle"
+                    ],
+                    "properties": {
+                      "id": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "resourceHandle": {
+                        "required": [
+                          "vimConnectionId",
+                          "resourceId"
+                        ],
+                        "type": "object",
+                        "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                        "properties": {
+                          "vimConnectionId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceProviderId": {
+                            "description": "An identifier with the intention of being globally unique.\n",
+                            "type": "string"
+                          },
+                          "resourceId": {
+                            "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                            "type": "string"
+                          },
+                          "vimLevelResourceType": {
+                            "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                            "type": "string"
+                          }
+                        }
+                      },
+                      "cpInstanceId": {
+                        "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                        "type": "string"
+                      },
+                      "cpInstanceType": {
+                        "description": "Type of the CP instance that is identified by cpInstanceId. Shall be present if \"cpInstanceId\" is present, and shall be absent otherwise. Permitted values: VNFC_CP: The link port is connected to a VNFC CP EXT_CP: The link port is associated to an external CP.\n",
+                        "type": "string",
+                        "enum": [
+                          "VNFC_CP",
+                          "EXT_CP"
+                        ]
+                      }
+                    }
+                  }
+                },
+                "metadata": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                }
+              }
+            }
+          },
+          "virtualStorageResourceInfo": {
+            "description": "Information on the virtualised storage resource(s) used as storage for the VNF instance.\n",
+            "type": "array",
+            "items": {
+              "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance.\n",
+              "type": "object",
+              "required": [
+                "id",
+                "virtualStorageDescId",
+                "storageResource"
+              ],
+              "properties": {
+                "id": {
+                  "description": "An identifier that is unique for the respective type within a VNF instance, but may not be globally unique.\n",
+                  "type": "string"
+                },
+                "virtualStorageDescId": {
+                  "description": "An identifier that is unique within a VNF descriptor.\n",
+                  "type": "string"
+                },
+                "storageResource": {
+                  "required": [
+                    "vimConnectionId",
+                    "resourceId"
+                  ],
+                  "type": "object",
+                  "description": "This type represents the information that allows addressing a virtualised resource that is used by a VNF instance. Information about the resource is available from the VIM.\n",
+                  "properties": {
+                    "vimConnectionId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceProviderId": {
+                      "description": "An identifier with the intention of being globally unique.\n",
+                      "type": "string"
+                    },
+                    "resourceId": {
+                      "description": "An identifier maintained by the VIM or other resource provider. It is expected to be unique within the VIM instance.\n",
+                      "type": "string"
+                    },
+                    "vimLevelResourceType": {
+                      "description": "The value set of the \"vimLevelResourceType\" attribute is within the scope of the VIM or the resource provider and can be used as information that complements the ResourceHandle. This value set is different from the value set of the \"type\" attribute in the ResourceDefinition (refer to clause 9.5.3.2 in SOL003).\n",
+                      "type": "string"
+                    }
+                  }
+                },
+                "reservationId": {
+                  "description": "An identifier with the intention of being globally unique.\n",
+                  "type": "string"
+                },
+                "metadata": {
+                  "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+                  "type": "object"
+                }
+              }
+            }
+          }
+        }
+      },
+      "metadata": {
+        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+        "type": "object"
+      },
+      "extensions": {
+        "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+        "type": "object"
+      },
+      "_links": {
+        "description": "Links to resources related to this resource.\n",
+        "type": "object",
+        "required": [
+          "self"
+        ],
+        "properties": {
+          "self": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "indicators": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "instantiate": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "terminate": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "scale": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "scaleToLevel": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "changeFlavour": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "heal": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "operate": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          },
+          "changeExtConn": {
+            "description": "This type represents a link to a resource using an absolute URI.\n",
+            "type": "object",
+            "required": [
+              "href"
+            ],
+            "properties": {
+              "href": {
+                "description": "String formatted according to IETF RFC 3986.\n",
+                "type": "string"
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+}
\ No newline at end of file
diff --git a/interconnectedTestCases/SOL003/schemas/vnfPkgInfo.schema.json b/interconnectedTestCases/SOL003/schemas/vnfPkgInfo.schema.json
new file mode 100644
index 0000000000000000000000000000000000000000..d8327b4595f4e4c092e90707d9cfc8e9f3a7e1ee
--- /dev/null
+++ b/interconnectedTestCases/SOL003/schemas/vnfPkgInfo.schema.json
@@ -0,0 +1,293 @@
+{
+  "description": "This type represents the information of a VNF package.\nNOTE 1:\tIf the value of the onboardingState attribute is not equal to \"ONBOARDED\", the value of the operationalState \n        attribute shall be equal to \"DISABLED\".\nNOTE 2:\tIf the value of the onboardingState attribute is not equal to \"ONBOARDED\", the value of the usageState attribute \n        shall be equal to \"NOT_IN_USE\".\nNOTE 3:\tETSI GS NFV-SOL 001 specifies the structure and format of the VNFD based on TOSCA specifications.\n",
+  "type": "object",
+  "required": [
+    "id",
+    "onboardingState",
+    "operationalState",
+    "usageState",
+    "vnfmInfo",
+    "_links"
+  ],
+  "properties": {
+    "id": {
+      "description": "An identifier with the intention of being globally unique.\n",
+      "type": "string"
+    },
+    "vnfdId": {
+      "description": "An identifier with the intention of being globally unique.\n",
+      "type": "string"
+    },
+    "vnfdExtInvariantId": {
+      "description": "An identifier with the intention of being globally unique.\n",
+      "type": "string"
+    },
+    "vnfProvider": {
+      "description": "A string defined in IETF RFC 8259.\n",
+      "type": "string"
+    },
+    "vnfProductName": {
+      "description": "A string defined in IETF RFC 8259.\n",
+      "type": "string"
+    },
+    "vnfSoftwareVersion": {
+      "description": "A version.\n",
+      "type": "string"
+    },
+    "vnfdVersion": {
+      "description": "A version.\n",
+      "type": "string"
+    },
+    "compatibleSpecificationVersions": {
+      "description": "Indicates which versions of the ETSI GS NFV-SOL 004 specification the package complies to, as defined in the manifest of the package. Each entry shall be formatted as defined in clause 4.3.2 of ETSI GS NFV-SOL 004.\n",
+      "type": "array",
+      "items": {
+        "description": "A version.\n",
+        "type": "string"
+      }
+    },
+    "checksum": {
+      "description": "Cheksum description\n",
+      "type": "string"
+    },
+    "packageSecurityOption": {
+      "description": "Signals the security option used by the package as defined in clause 5.1 of ETSI GS NFV-SOL 004. It shall be present after the VNF package content has been on-boarded and absent otherwise. Valid values: OPTION_1, OPTION_2\n",
+      "type": "string",
+      "enum": ["OPTION_1", "OPTION_2"]
+    },
+    "signingCertificate": {
+      "description": "A string defined in IETF RFC 8259.\n",
+      "type": "string"
+    },
+    "softwareImages": {
+      "description": "Information about VNF package artifacts that are software images. This attribute shall not be present before the VNF package content is on-boarded. Otherwise, this attribute shall be present unless it has been requested to be excluded per attribute selector.\n",
+      "type": "array",
+      "items": {
+        "description": "This type represents an artifact contained in or external to a VNF package which represents a software image..\n* NOTE 1:\tThe list of permitted values was taken from \"Container formats\" in OpenStack® documentation: \"Disk and container formats for images\"\n          (Available at https://docs.openstack.org/glance/pike/user/formats.html).\n* NOTE 2:\tThe list of permitted values was adapted from \"Disk formats\" in OpenStack® documentation: \"Disk and container formats for images\"\n          (Available at https://docs.openstack.org/glance/pike/user/formats.html).\n* NOTE 3: The attribute shall be present for VM-based software images referenced from a Vdu, and shall be absent\n          otherwise.\n* NOTE 4: The attribute shall be present for software images referenced from a VirtualStorageDesc, and shall be absent\n          otherwise.\n",
+        "type": "object",
+        "required": [
+          "id",
+          "name",
+          "provider",
+          "version",
+          "checksum",
+          "isEncrypted",
+          "containerFormat",
+          "createdAt",
+          "size"
+        ],
+        "properties": {
+          "id": {
+            "description": "An identifier that is unique within a VNF descriptor.\n",
+            "type": "string"
+          },
+          "name": {
+            "description": "A string defined in IETF RFC 8259.\n",
+            "type": "string"
+          },
+          "provider": {
+            "description": "A string defined in IETF RFC 8259.\n",
+            "type": "string"
+          },
+          "version": {
+            "description": "A version.\n",
+            "type": "string"
+          },
+          "checksum": {
+            "description": "Cheksum description\n",
+            "type": "string"
+          },
+          "isEncrypted": {
+            "description": "The Boolean is a data type having two values (true and false).\n",
+            "type": "boolean"
+          },
+          "containerFormat": {
+            "description": "Container format indicates whether the software image is in a file format that also contains metadata about the actual software. Permitted values: - AKI: a kernel image format - AMI: a machine image format - ARI: a ramdisk image format - BARE: the image does not have a container or metadata envelope - DOCKER: docker container format - OVA: OVF package in a tarfile - OVF: OVF container format See note 1.\n",
+            "type": "string",
+            "enum": ["AKI", "AMI", "ARI", "BARE", "DOCKER", "OVA", "OVF"]
+          },
+          "diskFormat": {
+            "description": "Disk format of a software image is the format of the underlying disk image. Permitted values:\n  - AKI: a kernel image format\n  - AMI: a machine image format\n  - ARI: a ramdisk image format\n  - ISO: an archive format for the data contents of an optical disc,\n    such as CD-ROM\n  - QCOW2: a common disk image format, which can expand dynamically\n    and supports copy on write\n  - RAW: an unstructured disk image format\n  - VDI: a common disk image format\n  - VHD: a common disk image format\n  - VHDX: enhanced version of VHD format\n  - VMDK: a common disk image format\nSee notes 2 and 3.\n",
+            "type": "string",
+            "enum": [
+              "AKI",
+              "AMI",
+              "ISO",
+              "QCOW2",
+              "RAW",
+              "VDI",
+              "VHD",
+              "VHDX",
+              "VMDK"
+            ]
+          },
+          "createdAt": {
+            "description": "Date-time stamp. Representation: String formatted according to IETF RFC 3339.\n",
+            "type": "string",
+            "format": "date-time"
+          },
+          "minDisk": {
+            "description": "The minimal disk for this software image in bytes. See note 4.\n",
+            "type": "integer"
+          },
+          "minRam": {
+            "description": "The minimal RAM for this software image in bytes. See note 3.\n",
+            "type": "integer"
+          },
+          "size": {
+            "description": "Size of this software image in bytes.\n",
+            "type": "integer"
+          },
+          "userMetadata": {
+            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+            "type": "object"
+          },
+          "imagePath": {
+            "description": "Path which identifies the image artifact and also allows to access a copy of the image artifact. For a software image contained as a file in the VNF package, this attribute shall be present, and the value of this attribute shall start with the name of the first segment in the path in the package, i.e., it shall not be prefixed by path separator characters such as \".\" and \"/\". EXAMPLE: foo/bar/m%40ster.vhd For an external software image represented as a URI in the VNF descriptor, this attribute shall be present if the  image artifact has been downloaded by the NFVO and shall be absent otherwise. If present, it shall contain the artifactPath under which the image artifact can be obtained using the \"Individual artifact in a VNF package\" resource defined in clause 9.4.7. It is the responsibility of the NFVO to synthesize this path in a manner that avoids any collision of the synthesized artifact path with the paths and names of image artifacts included in the package.\n",
+            "type": "string"
+          },
+          "imageUri": {
+            "description": "String formatted according to IETF RFC 3986.\n",
+            "type": "string"
+          }
+        }
+      }
+    },
+    "additionalArtifacts": {
+      "description": "Information about VNF package artifacts contained in the VNF package that are not software images. Every local and external artifact declared in the manifest shall be included, except the software images and the files that make up the parts of the VNFD (see clause 10.4.4.3.2). Signature files and certificate files are not considered as artifacts, however, the content of the \"Licenses\" and \"Testing\" directories in the VNF package is. This attribute shall not be present before the VNF package content is on-boarded. Otherwise, this attribute shall be present if the VNF package contains additional artifacts.\n",
+      "type": "array",
+      "items": {
+        "description": "This type represents an artifact other than a software image which is contained in or external to a VNF package.\n",
+        "type": "object",
+        "required": ["artifactPath", "checksum", "isEncrypted"],
+        "properties": {
+          "artifactPath": {
+            "description": "A string defined in IETF RFC 8259.\n",
+            "type": "string"
+          },
+          "artifactURI": {
+            "description": "URI of the artifact as defined in the VNF package manifest. Shall be present if the artifact is external to the package and shall be absent otherwise.\nEXAMPLE: https://example.com/m%40ster.sh\n",
+            "type": "array",
+            "items": {
+              "description": "String formatted according to IETF RFC 3986.\n",
+              "type": "string"
+            }
+          },
+          "checksum": {
+            "description": "Cheksum description\n",
+            "type": "string"
+          },
+          "isEncrypted": {
+            "description": "The Boolean is a data type having two values (true and false).\n",
+            "type": "boolean"
+          },
+          "nonManoArtifactSetId": {
+            "description": "A string defined in IETF RFC 8259.\n",
+            "type": "string"
+          },
+          "artifactClassification": {
+            "description": "Marks specific types of artifacts as defined in the VNF package. If none of the specific classes listed below applies, the attribute shall not be present.\nValid values: -\tHISTORY: a history artifact as per clause 4.3.3 in ETSI GS NFV-SOL 004 -\tTESTING: a testing artifact as per clause 4.3.4 in ETSI GS NFV-SOL 004 -\tLICENSE: a license artifact as per clause 4.3.5 in ETSI GS NFV-SOL 004\n",
+            "type": "string",
+            "enum": ["HISTORY", "TESTING", "LICENSE"]
+          },
+          "metadata": {
+            "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+            "type": "object"
+          }
+        }
+      }
+    },
+    "onboardingState": {
+      "description": "CREATED: The \"Individual VNF package\" resource has been created. UPLOADING: The associated VNF package content is being uploaded. PROCESSING: The associated VNF package content is being processed, e.g.,\n            validation.\nONBOARDED: The associated VNF package content has been on-boarded successfully. ERROR: There was an error during upload of the VNF package content or external\n        artifacts, or during VNF package processing.\n",
+      "type": "string",
+      "enum": ["CREATED", "UPLOADING", "PROCESSING", "ONBOARDED", "ERROR"]
+    },
+    "operationalState": {
+      "description": "- ENABLED: The VNF package is enabled, i.e. it can be used for\n  the creation of new \"Individual VNF instance\" resources.\n- DISABLED: The VNF package is disabled, i.e. it shall not be used for\n  the creation of further \"Individual VNF instance\" resources\n  (unless and until the VNF package is re-enabled).\n",
+      "type": "string",
+      "enum": ["ENABLED", "DISABLED"]
+    },
+    "usageState": {
+      "description": "- IN_USE: \"Individual VNF instance\" resources created from this VNF package exist. - NOT_IN_USE: No \"Individual VNF instance\" resource created from this VNF package exists.\n",
+      "type": "string",
+      "enum": ["IN_USE", "NOT_IN_USE"]
+    },
+    "vnfmInfo": {
+      "description": "A string defined in IETF RFC 8259.\n",
+      "type": "string"
+    },
+    "userDefinedData": {
+      "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n",
+      "type": "object"
+    },
+    "onboardingFailureDetails": {
+      "description": "The definition of the general \"ProblemDetails\" data structure from IETF RFC 7807 is reproduced inthis structure. Compared to the general framework defined in IETF RFC 7807, the \"status\" and \"detail\" attributes are mandated to be included by the present document, to ensure that the response contains additional textual information about an error. IETF RFC 7807 foresees extensibility of the \"ProblemDetails\" type. It is possible that particular APIs in the present document, or particular implementations, define extensions to define additional attributes that provide more information about the error. The description column only provides some explanation of the meaning to Facilitate understanding of the design. For a full description, see IETF RFC 7807.\n",
+      "type": "object",
+      "required": ["status", "detail"],
+      "properties": {
+        "type": {
+          "description": "A URI reference according to IETF RFC 3986 that identifies the problem type. It is encouraged that the URI provides human-readable documentation for the problem (e.g. using HTML) when dereferenced. When this member is not present, its value is assumed to be \"about:blank\".\n",
+          "type": "string",
+          "format": "URI"
+        },
+        "title": {
+          "description": "A short, human-readable summary of the problem type. It should not change from occurrence to occurrence of the problem, except for purposes of localization. If type is given and other than \"about:blank\", this attribute shall also be provided. A short, human-readable summary of the problem type.  It SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization (e.g., using proactive content negotiation; see [RFC7231], Section 3.4).\n",
+          "type": "string"
+        },
+        "status": {
+          "description": "The HTTP status code for this occurrence of the problem. The HTTP status code ([RFC7231], Section 6) generated by the origin server for this occurrence of the problem.\n",
+          "type": "integer"
+        },
+        "detail": {
+          "description": "A human-readable explanation specific to this occurrence of the problem.\n",
+          "type": "string"
+        },
+        "instance": {
+          "description": "A URI reference that identifies the specific occurrence of the problem. It may yield further information if dereferenced.\n",
+          "type": "string",
+          "format": "URI"
+        }
+      }
+    },
+    "_links": {
+      "description": "Links to resources related to this resource.\n",
+      "type": "object",
+      "required": ["self", "packageContent"],
+      "properties": {
+        "self": {
+          "description": "This type represents a link to a resource using an absolute URI.\n",
+          "type": "object",
+          "required": ["href"],
+          "properties": {
+            "href": {
+              "description": "String formatted according to IETF RFC 3986.\n",
+              "type": "string"
+            }
+          }
+        },
+        "vnfd": {
+          "description": "This type represents a link to a resource using an absolute URI.\n",
+          "type": "object",
+          "required": ["href"],
+          "properties": {
+            "href": {
+              "description": "String formatted according to IETF RFC 3986.\n",
+              "type": "string"
+            }
+          }
+        },
+        "packageContent": {
+          "description": "This type represents a link to a resource using an absolute URI.\n",
+          "type": "object",
+          "required": ["href"],
+          "properties": {
+            "href": {
+              "description": "String formatted according to IETF RFC 3986.\n",
+              "type": "string"
+            }
+          }
+        }
+      }
+    }
+  }
+}
diff --git a/requirements.txt b/requirements.txt
index a5adb34575a5a81a184fb415507b75b258201ca0..7df57b4fb4c908c9134096955e5c3921183d3b01 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -9,3 +9,4 @@ robotframework-jsonlibrary==0.3
 robotframework-jsonschemalibrary==1.0
 robotframework-mockserver==0.0.7
 robotframework-requests==0.7.1
+PyJWT==2.9.0