How to assign different Elasticsearch cluster access permissions to different INFINI Console accounts #

Introduction #

This article will introduce the use of INFINI Console to assign two different Elasticsearch cluster management permissions to two different accounts

Prepare #

Download and install the latest version of INFINI Console
Enable INFINI Console Security Features
Register at least two Elasticsearch clusters to the INFINI Console

Creating a Role #

Click System > Security Settings on the left menu of INFINI Console, and select the Role Tab page to enter the role management page.

New platform role `platform_role` #

Click the New button, select the platform role, and create a new platform role platform_role. The operation steps are as follows:

Input role name platform_role
Expand all functional permissions
Except for the security functions under the system settings, select the All permission for all other functions.
Security feature under System Settings is set to None permission.
Click the save button to submit
Selecting the All permission of a function represents the read and write operation permission of this function, Read means only have read permission, None means no permission for this function (the function is not available in the menu after the user logs in)

security settings

New data role `es-v7171` #

Click the New button, select the data role, and create a new data role es-v7171

security settings

New data role `es-v630` #

Click the New button, select the data role, create a new data role es-v630, the configuration is similar to the role es-v7171

Create Account #

Click the left menu of INFINI Console System > Security Settings, select the User Tab page to enter the Account Management page.

New account `zhangsan` #

Click the New button to create a new account zhangsan and assign the account role platform_role, es-v717

security settings

Click the save button to submit after the creation is successful, save the account password

security settings

New account `wangwu` #

Click the New button to create a new account wangwu, and assign the account roles platform_role, es-v630, the configuration is similar to the account zhangsan

After logging in with the administrator account, view the platform overview, and you can see all 13 registered clusters

security settings

Login with account `zhangsan` #

After logging in with the account zhangsan and viewing the platform overview, you can only see the cluster es-v7171

security settings

Login with account `wangwu` #

After logging in with the account zhangsan and viewing the platform overview, you can only see the cluster es-v630

security settings

Summary #

By creating different roles and granting different Elasticsearch cluster permissions, and then assigning roles to users, we can quickly implement Grant different Elasticsearch cluster permissions to different users.

How to assign different Elasticsearch cluster access permissions to different INFINI Console accounts #

Introduction #

Prepare #

Creating a Role #

New platform role platform_role #

New data role es-v7171 #

New data role es-v630 #

Create Account #

New account zhangsan #

New account wangwu #

Login with administrator account #

Login with account zhangsan #

Login with account wangwu #

Summary #

New platform role `platform_role` #

New data role `es-v7171` #

New data role `es-v630` #

New account `zhangsan` #

New account `wangwu` #

Login with account `zhangsan` #

Login with account `wangwu` #