This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| applications: | |
| - name: uaa | |
| memory: 1024M | |
| instances: 1 | |
| random-route: true | |
| path: ./uaa/build/libs/cloudfoundry-identity-uaa-3.4.1.war | |
| host: my-auth-server | |
| services: | |
| - my-database | |
| env: | |
| SPRING_PROFILES_ACTIVE: mysql,default | |
| UAA_URL: http://my-auth-server.cfapps.io | |
| JBP_CONFIG_SPRING_AUTO_RECONFIGURATION: '[enabled: false]' | |
| LOGIN_URL: http://my-auth-server.cfapps.io | |
| UAA_CONFIG_YAML: | | |
| uaa: | |
| test: | |
| username: marissa | |
| password: dr0WssaPH@ck | |
| database: | |
| driverClassName: org.mariadb.jdbc.Driver | |
| url: jdbc:mysql://us-cdbr-iron-east-04.cleardb.net/<db_name>?user=<user>&password=<pass> | |
| username: <user> | |
| password: <pass> | |
| oauth: | |
| client: | |
| autoapprove: | |
| - resource-service | |
| - user-dashboard | |
| clients: | |
| resource-service: | |
| id: resource-service | |
| secret: resource-secret | |
| scope: uaa.resource | |
| authorities: uaa.resource | |
| user-dashboard: | |
| id: user-dashboard | |
| secret: user-dashboard-secret | |
| scope: openid,myApp.read-resource,myApp.create-resource | |
| authorized-grant-types: authorization_code,refresh_token,password | |
| authorities: openid | |
| user: | |
| authorities: | |
| - openid | |
| - scim.me | |
| - cloud_controller.read | |
| - cloud_controller.write | |
| - cloud_controller_service_permissions.read | |
| - password.write | |
| - scim.userids | |
| - uaa.user | |
| - approvals.me | |
| - oauth.approvals | |
| - profile | |
| - roles | |
| - user_attributes | |
| - myApp.read-reservations | |
| - myApp.create-reservations | |
| scim: | |
| groups: | |
| zones.read: Read identity zones | |
| zones.write: Create and update identity zones | |
| idps.read: Retrieve identity providers | |
| idps.write: Create and update identity providers | |
| clients.admin: Create, modify and delete OAuth clients | |
| clients.write: Create and modify OAuth clients | |
| clients.read: Read information about OAuth clients | |
| clients.secret: Change the password of an OAuth client | |
| scim.write: Create, modify and delete SCIM entities, i.e. users and groups | |
| scim.read: Read all SCIM entities, i.e. users and groups | |
| scim.create: Create users | |
| scim.userids: Read user IDs and retrieve users by ID | |
| scim.zones: Control a user's ability to manage a zone | |
| scim.invite: Send invitations to users | |
| password.write: Change your password | |
| oauth.approval: Manage approved scopes | |
| oauth.login: Authenticate users outside of the UAA | |
| openid: Access profile information, i.e. email, first and last name, and phone number | |
| groups.update: Update group information and memberships | |
| uaa.user: Act as a user in the UAA | |
| uaa.resource: Serve resources protected by the UAA | |
| uaa.admin: Act as an administrator throughout the UAA | |
| uaa.none: Forbid acting as a user | |
| myApp.read-reservations: Read Resources | |
| myApp.create-reservations: Create Resources | |
| group_membership: | |
| - acme|acme.dev,acme.qa | |
| - acme.dev|marissa | |
| - uaa.admin|marissa | |
| external_groups: | |
| - acme| cn=Engineering,ou=groups,dc=example,dc=com cn=HR,ou=groups,dc=example,dc=com cn=mgmt,ou=groups,dc=example,dc=com | |
| - acme.dev|cn=Engineering,ou=groups,dc=example,dc=com | |
| users: | |
| - marissa|koala|marissa@test.org|Marissa|Bloggs|uaa.user,uaa.admin,myApp.read-reservations,myApp.create-reservations | |
| userids_enabled: true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment