1) 내부 role
monitoring_user
- indices : .mavel-es-*, .monitoring-*
- privilegs : read
logstash_system
- indices :
- privilegs :
kibana_user
- indices : .kibana*
- privileges : manager, read, index, delete
reporting_user
- indices : .reporting-*
- privileges : read, write
remote_monitoring_agent
- indices : .mavel-es-*, .monitoring-*
- privileges : all
kibana_system
- indices : .kibana*, .reporting-*
- privileges : all
transport_client
- indices :
- privileges :
superuser
- indices : *
- privileges : all
ingest_admin
- indices :
- privileges :
2) 신규 role 생성/할당
curl -XPOST -u elastic 'localhost:9200/_xpack/security/role/events_admin' -d '{
"indices" : [
{
"names" : [ "events*" ],
"privileges" : [ "all" ]
},
{
"names" : [ ".kibana*" ],
"privileges" : [ "manage", "read", "index" ]
}
]
}'
curl -XPOST -u elastic 'localhost:9200/_xpack/security/user/johndoe' -d '{
"password" : "userpassword",
"full_name" : "John Doe",
"email" : "john.doe@anony.mous",
"roles" : [ "events_admin" ]
}'
https://www.elastic.co/guide/en/x-pack/current/security-privileges.html
'NoSQL > Elasticsearch' 카테고리의 다른 글
| x-pack 사용자 정보 cache에서 clear (0) | 2017.03.22 |
|---|---|
| x-pack kibana, logstash에 대한 기본 모니터링 user 등록 (0) | 2017.03.22 |
| x-pack native built-in 계정 패스워드 변경 (0) | 2017.03.22 |
| x-pack security 인증 설정 (0) | 2017.03.22 |
| x-pack uninstall (0) | 2017.03.22 |