权限及用户
创建“read_only”role
这里的role具有list indices及get indices内容的权限,如果只给一个read,是不能list的
curl -XPOST -H 'Content-Type: application/json' -u elastic:xxx http://10.0.2.1:9200/_security/role/read_only -d '{
"cluster": [
"cluster:monitor/health",
"monitor"
],
"indices": [
{
"names": [
"*"
],
"privileges": [
"read",
"monitor",
"indices:admin/get",
"indices:monitor/settings/get",
"indices:monitor/stats",
"indices:admin/aliases/get"
]
}
]
}'
创建esread账号,绑定read_only role
curl -XPOST -H 'Content-Type: application/json' -u elastic:xxx http://10.0.2.1:9200/_security/user/esread -d '{
"password": "GfWVqGWo0gU3PdHz",
"roles": ["read_only"]
}'
转载请注明来源, 欢迎对文章中的引用来源进行考证, 欢迎指出任何有错误或不够清晰的表达, 可以邮件至 chinaops666@gmail.com