-
Notifications
You must be signed in to change notification settings - Fork 43
/
values-ias.yaml
36 lines (34 loc) · 1.74 KB
/
values-ias.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# Backend Service Workload
# Add this to the existing "srv" module of your values-private.yaml file
srv:
bindings:
identity:
# Only enable if Cloud Identity Service instance is enabled in Umbrella Chart
serviceInstanceName: identity
# SAP IAS binding requires X.509 certificate based credentials
parameters:
credential-type: X509_GENERATED
credentialsRotationPolicy:
enabled: true
rotatedBindingTTL: 1h
rotationFrequency: 24h
# SAP Cloud Identity Service Instance
# Add this as a new module to the end of your values-private.yaml file
identity:
serviceOfferingName: identity
servicePlanName: application
parameters:
# Unique display dame as usually only one SAP IAS instance per customer
display-name: 'SusaaS ({{.Release.Name}}-{{.Release.Namespace}}-{{.Values.global.shootName}})'
oauth2-configuration:
# Redirect and logout URIs filled with dummy values as not required for authentication
redirect-uris:
- 'https://*.{{ include "cap.deploymentHostFull" ( merge ( dict "name" "router" "deployment" .Values.router ) . ) }}/login/callback?authType=ias'
- 'https://{{ include "cap.deploymentHostFull" ( merge ( dict "name" "router" "deployment" .Values.router ) . ) }}/login/callback?authType=ias'
post-logout-redirect-uris:
- 'https://*.{{ include "cap.deploymentHostFull" ( merge ( dict "name" "router" "deployment" .Values.router ) . ) }}/logout/**'
- 'https://{{ include "cap.deploymentHostFull" ( merge ( dict "name" "router" "deployment" .Values.router ) . ) }}/logout/**'
grant-types: ["authorization_code"]
credential-types: ["binding-secret", "x509"]
xsuaa-cross-consumption: false
multi-tenant: false