AWS Configurations
Below are the properties to be updated in the install-aws.sh/install-aws-postgresql file:
| PROPERTY | DEFAULT VALUE | TO BE UPDATED AS | DESCRIPTION |
|---|---|---|---|
| DynamoDB Configuration | | | |
| DATABASE_KEY | dynamodb | | Name of the database key. |
| PostgresDB Configurations | | | |
| DATABASE_KEY | postgresql | | Name of the database key. |
| POSTGRESQL_CONNECTIONURL | jdbc:postgresql://cddpostgresdb:5432/duediligencedb | | URL to connect to the PostgreSQL DB instance. |
| POSTGRESQL_USERNAME | root | | Username |
| POSTGRESQL_PASSWORD | password | | Password |
| Environment Configurations | | | |
| AWS_SECRET_ACCESS_KEY | | | AWS Account Secret Key |
| AWS_REGION | | Developer's credentials | AWS Account Region |
| DEPLOYMENT_ENVIRONMENT | | As required | If multiple instances of MS need to be deployed in the same region, this property needs to be set. Use only lower case letters in order to comply with the AWS resources naming convention. Example: if the property is set as 'dev', the bucket name will be 'dev-ms-duediligence-package'. |
| S3_BUCKET_ID | ms-duediligence-package | As required | S3 bucket is an object storage service. The application JAR file will be copied into the S3 bucket. |
| Entitlement Configuration | | | |
| temn_entitlement_service_enabled | false | As required | Enable/Disable the entitlement service. If the property is enabled, the roles and permissions needed for the authentication will be taken from the entitlement microservices. |
| PDP Configurations | | | |
| temn_msf_security_authz_enabled | false | true or false | Enable/Disable the XACML policy authorization. XACML policy authorization is used to configure security policies and access rights to information for APIs. |
| PDP_CONFIG | classpath:xacml/pdp-config.xml | As required | Maps the PDP-callback configuration file available in the classpath. The XACML config file path needs to be set in the property. |
| PDP_RESOURCE_TYPE | API | As required | The value that is set in the XACML config file needs to be provided. Resource type is used to identify the policy set in the XACML config. |
| PDP_RESOURCE_MANAGER | DUEDILIGENCE | As required | The value that is set in the XACML config file needs to be provided. Resource Manager is used to identify the policy set in the XACML config. |
| JWT Configurations | | | |
| ms_security_tokencheck_enabled | Y | Y or N | Enable/Disable the JWT validation. By default, JWT token check is enabled. JWT validation is used to validate the custom and mandatory claims from the provided token. |
| ID_TOKEN_SIGNED | true | true or false | Enable/Disable JWT signature validation. By default, signature validation is enabled. Set it to 'false' if the validation is not required. JWT signature validates the public and private key from the given JWT token. |
| JWT_TOKEN_ISSUER | Fabric | Issuer value present in XACML Policy file | Identifies the issuer of the authentication token. |
| JWT_TOKEN_PRINCIPAL_CLAIM | sub | Value should match with JWT token used | Indicates the claim in which the user principal is provided. |
| JWT_TOKEN_PUBLIC_KEY | | Base 64 encoded public key | Indicates Base64 encoded public key content that can be directly loaded as a public key certificate. |

The InboxOutbox and Ingester configurations below are related to GDPR.

| PROPERTY | DEFAULT VALUE | TO BE UPDATED AS | DESCRIPTION |
|---|---|---|---|
| Common Configurations | | | |
| temn_msf_name | ms-duediligence | | |
| temn_msf_stream_kinesis_region | | As required | AWS Account Region |
| temn_msf_stream_vendor | kinesis | | |
| temn_msf_ingest_generic_ingester | com.temenos.microservice.framework.core.ingester.GenericCommandSTBinaryIngester | | |
| temn_msf_exec_env | serverless | | |
| class_package_name | com.temenos.microservice.duediligence.function | | |
| class_inbox_dao | com.temenos.microservice.framework.core.inbox.InboxDaoImpl | | |
| class_outbox_dao | com.temenos.microservice.framework.core.outbox.OutboxDaoImpl | | |
| tmn_ignite_host | cache-service | | |
| tmn_ignite_port | 10800 | | |
| temn_msf_kinesis_flow | true | | |
| MAX_POOL_SIZE | 10 | | Specifies the maximum number of connections maintained in the pool. |
| MIN_POOL_SIZE | 5 | | Specifies the minimum number of connections maintained in the pool. |
| temn_queue_impl | kinesis | | |
| InboxOutbox Configurations | | | |
| tem_msf_disableInbox | false | | Enable or disable inbox outbox. |
| temn_msf_ingest_outbox_cache_namespace | ms-duediligence-outbox | | |
| tmn_inbox_thread_pool_count | 10 | | |
| tmn_outbox_thread_pool_count | 10 | | |
| temn_msf_ingest_source_stream | ms-duediligence-outbox | | |
| tmn_inbox_source_namespace | duediligence-inbox | | |
| tmn_outbox_source_namespace | duediligence-outbox | | |
| temn_msf_ingest_is_cloud_event | true | | |
| Ingester Configurations | | | |
| temn_msf_service_name | CommandIngester | | |
| temn_msf_ingest_source_stream | ms-duediligence-inbox-topic | | |
| temn_msf_ingest_sink_error_stream | ms-duediligence-inbox-error-topic | | |
| temn_msf_raise_received_event | true | | |
| temn_msf_raise_commandprocessed_event_enabled | true | | |
| temn_msf_ingest_is_avro_event_ingester | false | | |
| temn_msf_ingest_outbox_cache_namespace | ms-duediligence-outbox | | |
| temn_msf_ingest_inbox_cache_namespace | ms-duediligence-inbox | | |
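
A pre-deployment check for the PostgresDB, PDP, JWT and DEPLOYMENT_ENVIRONMENT properties listed above, as an added example that is not part of the product or its install scripts. The function names `get_prop` and `audit_config` are hypothetical, and the script assumes each property is set as `NAME=value` or `export NAME=value` on its own line; the sample file is constructed.

```sh
# Added example: lint the security-relevant properties from the tables above.
# Assumption: the install script sets each property as NAME=value or
# "export NAME=value", one per line, optionally quoted.

# Print the last value assigned to property $2 in file $1 (empty if unset).
get_prop() {
  sed -n -E "s/^[[:space:]]*(export[[:space:]]+)?$2=[\"']?([^\"'#]*).*/\2/p" "$1" |
    tail -n 1 | sed -E 's/[[:space:]]+$//'
}

# Print one finding per line for file $1; return non-zero if anything is flagged.
audit_config() {
  f=$1
  findings=0
  flag() { echo "FINDING: $1"; findings=$((findings + 1)); }

  [ "$(get_prop "$f" POSTGRESQL_PASSWORD)" = "password" ] &&
    flag "POSTGRESQL_PASSWORD is still the documented default"
  [ "$(get_prop "$f" POSTGRESQL_USERNAME)" = "root" ] &&
    flag "POSTGRESQL_USERNAME is still the documented default (root)"
  [ "$(get_prop "$f" ms_security_tokencheck_enabled)" = "N" ] &&
    flag "ms_security_tokencheck_enabled=N disables JWT validation"
  [ "$(get_prop "$f" ID_TOKEN_SIGNED)" = "false" ] &&
    flag "ID_TOKEN_SIGNED=false disables JWT signature validation"
  # The documented default is false, so an unset property is flagged too.
  [ "$(get_prop "$f" temn_msf_security_authz_enabled)" != "true" ] &&
    flag "temn_msf_security_authz_enabled is not true (XACML authorization off)"
  case $(get_prop "$f" DEPLOYMENT_ENVIRONMENT) in
    *[!a-z]*) flag "DEPLOYMENT_ENVIRONMENT must use only lower case letters" ;;
  esac
  [ "$findings" -eq 0 ]
}

# Constructed sample input, not taken from a real install-aws.sh.
sample=$(mktemp)
cat > "$sample" <<'EOF'
export POSTGRESQL_USERNAME="root"
export POSTGRESQL_PASSWORD="password"
export ms_security_tokencheck_enabled=Y
export ID_TOKEN_SIGNED=false
export temn_msf_security_authz_enabled=true
export DEPLOYMENT_ENVIRONMENT=Dev
EOF
audit_config "$sample" || echo "review the findings above before deploying"
rm -f "$sample"
```

Run it against the edited install script before deployment; a non-zero return from `audit_config` means at least one property still weakens authentication, authorization or naming compliance.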