Blame - kubernetes/aaf/resources/config/aaf-cs-data/init.cql - onap/oom

blob: 81700f830c376cec6badabd655b933768936790b [file] [log] [blame]

Dusan Rozman	7704d2a	2017-09-26 16:04:12 -0400	[diff] [blame]	1	// For Developer Machine single instance
				2	//
				3	CREATE KEYSPACE authz
				4	WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1};
				5	//
				6	// From Ravi, 6-17-2014. User for DEVL->TEST
				7	//
				8	// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'HYWRCA02': '2', 'BRHMALDC': '2' };
				9	//
				10	// PROD
				11	//
				12	// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','ALPSGACT': '2','STLSMORC': '2','BRHMALDC': '2' };
				13	//
				14	// create user authz with password '<AUTHZ PASSWORD>' superuser;
				15	// grant all on keyspace authz to authz;
				16	//
				17	// For TEST (aaf_test)
				18	// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'BRHMALDC': '1' };
				19	//
				20	// DEVL
				21	// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '2' };
				22	//
				23	// TEST / PERF
				24	// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '3','KGMTNC20': '3' };
				25	//
				26	// IST
				27	// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC':'3',
				28	// 'DLLSTXCF':'3','KGMTNC20':'3','SFLDMIBB':'3','HYWRCA02':'3' };
				29	//
				30	// with 6 localized with ccm
				31	// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' };
				32	//
				33
				34	USE authz;
				35
				36	//
				37	// CORE Table function
				38	//
				39
				40	// Namespace - establish hierarchical authority to modify
				41	// Permissions and Roles
				42	// "scope" is flag to determine Policy. Typical important scope
				43	// is "company" (1)
				44	CREATE TABLE ns (
				45	name varchar,
				46	scope int, // deprecated 2.0.11
				47	description varchar,
				48	parent varchar,
				49	type int,
				50	PRIMARY KEY (name)
				51	);
				52	CREATE INDEX ns_parent on ns(parent);
				53
				54
				55	// Oct 2015, not performant. Made Owner and Attrib first class Roles,
				56	// April, 2015. Originally, the plan was to utilize Cassandra 2.1.2, however, other team's preferences were to remain at current levels.
				57	// Therefore, we are taking the separate table approach. (coder Jeremiah Rohwedder)
				58	// We had dropped this by making first class objects of Responsible (Owner) and Admin. We need this again to mark namespaces
				59	// as having certain tools, like SWM, etc.
				60	CREATE TABLE ns_attrib (
				61	ns varchar,
				62	key varchar,
				63	value varchar,
				64	PRIMARY KEY (ns,key)
				65	);
				66	create index ns_attrib_key on ns_attrib(key);
				67
				68	// Will be cached
				69	CREATE TABLE role (
				70	ns varchar,
				71	name varchar,
				72	perms set<varchar>, // Use "Key" of "name\|type\|action"
				73	description varchar,
				74	PRIMARY KEY (ns,name)
				75	);
				76	CREATE INDEX role_name ON role(name);
				77
				78	// Will be cached
				79	CREATE TABLE perm (
				80	ns varchar,
				81	type varchar,
				82	instance varchar,
				83	action varchar,
				84	roles set<varchar>, // Need to find Roles given Permissions
				85	description varchar,
				86	PRIMARY KEY (ns,type,instance,action)
				87	);
				88
				89	// This table is user for Authorization
				90	CREATE TABLE user_role (
				91	user varchar,
				92	role varchar, // deprecated: change to ns/rname after 2.0.11
				93	ns varchar,
				94	rname varchar,
				95	expires timestamp,
				96	PRIMARY KEY(user,role)
				97	);
				98	CREATE INDEX user_role_ns ON user_role(ns);
				99	CREATE INDEX user_role_role ON user_role(role);
				100
				101	// This table is only for the case where return User Credential (MechID) Authentication
				102	CREATE TABLE cred (
				103	id varchar,
				104	type int,
				105	expires timestamp,
				106	ns varchar,
				107	other int,
				108	notes varchar,
				109	cred blob,
				110	prev blob,
				111	PRIMARY KEY (id,type,expires)
				112	);
				113	CREATE INDEX cred_ns ON cred(ns);
				114
				115	// Certificate Cross Table
				116	// coordinated with CRED type 2
				117	CREATE TABLE cert (
				118	fingerprint blob,
				119	id varchar,
				120	x500 varchar,
				121	expires timestamp,
				122	PRIMARY KEY (fingerprint)
				123	);
				124	CREATE INDEX cert_id ON cert(id);
				125	CREATE INDEX cert_x500 ON cert(x500);
				126
				127	CREATE TABLE notify (
				128	user text,
				129	type int,
				130	last timestamp,
				131	checksum int,
				132	PRIMARY KEY (user,type)
				133	);
				134
				135	CREATE TABLE x509 (
				136	ca text,
				137	serial blob,
				138	id text,
				139	x500 text,
				140	x509 text,
				141	PRIMARY KEY (ca,serial)
				142	);
				143
				144
				145	CREATE INDEX x509_id ON x509 (id);
				146	CREATE INDEX x509_x500 ON x509 (x500);
				147
				148	//
				149	// Deployment Artifact (for Certman)
				150	//
				151	CREATE TABLE artifact (
				152	mechid text,
				153	machine text,
				154	type Set<text>,
				155	sponsor text,
				156	ca text,
				157	dir text,
				158	appName text,
				159	os_user text,
				160	notify text,
				161	expires timestamp,
				162	renewDays int,
				163	PRIMARY KEY (mechid,machine)
				164	);
				165	CREATE INDEX artifact_machine ON artifact(machine);
				166
				167	//
				168	// Non-Critical Table functions
				169	//
				170	// Table Info - for Caching
				171	CREATE TABLE cache (
				172	name varchar,
				173	seg int, // cache Segment
				174	touched timestamp,
				175	PRIMARY KEY(name,seg)
				176	);
				177
				178	CREATE TABLE history (
				179	id timeuuid,
				180	yr_mon int,
				181	user varchar,
				182	action varchar,
				183	target varchar, // user, user_role,
				184	subject varchar, // field for searching main portion of target key
				185	memo varchar, //description of the action
				186	reconstruct blob, //serialized form of the target
				187	// detail Map<varchar, varchar>, // additional information
				188	PRIMARY KEY (id)
				189	);
				190	CREATE INDEX history_yr_mon ON history(yr_mon);
				191	CREATE INDEX history_user ON history(user);
				192	CREATE INDEX history_subject ON history(subject);
				193
				194	//
				195	// A place to hold objects to be created at a future time.
				196	//
				197	CREATE TABLE future (
				198	id uuid, // uniquify
				199	target varchar, // Target Table
				200	memo varchar, // Description
				201	start timestamp, // When it should take effect
				202	expires timestamp, // When not longer valid
				203	construct blob, // How to construct this object (like History)
				204	PRIMARY KEY(id)
				205	);
				206	CREATE INDEX future_idx ON future(target);
				207	CREATE INDEX future_start_idx ON future(start);
				208
				209
				210	CREATE TABLE approval (
				211	id timeuuid, // unique Key
				212	ticket uuid, // Link to Future Record
				213	user varchar, // the user who needs to be approved
				214	approver varchar, // user approving
				215	type varchar, // approver types i.e. Supervisor, Owner
				216	status varchar, // approval status. pending, approved, denied
				217	memo varchar, // Text for Approval to know what's going on
				218	operation varchar, // List operation to perform
				219	PRIMARY KEY(id)
				220	);
				221	CREATE INDEX appr_approver_idx ON approval(approver);
				222	CREATE INDEX appr_user_idx ON approval(user);
				223	CREATE INDEX appr_ticket_idx ON approval(ticket);
				224	CREATE INDEX appr_status_idx ON approval(status);
				225
				226	CREATE TABLE delegate (
				227	user varchar,
				228	delegate varchar,
				229	expires timestamp,
				230	PRIMARY KEY (user)
				231	);
				232	CREATE INDEX delg_delg_idx ON delegate(delegate);
				233
				234	//
				235	// Used by authz-batch processes to ensure only 1 runs at a time
				236	//
				237	CREATE TABLE run_lock (
				238	class text,
				239	host text,
				240	start timestamp,
				241	PRIMARY KEY ((class))
				242	);