You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2018/08/29 17:28:00 UTC

[jira] [Created] (AMBARI-24562) Protect the ClusterConfig resource so that only authorized users may have read-only access the data

Robert Levas created AMBARI-24562:
-------------------------------------

             Summary: Protect the ClusterConfig resource so that only authorized users may have read-only access the data
                 Key: AMBARI-24562
                 URL: https://issues.apache.org/jira/browse/AMBARI-24562
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: 2.4.0
            Reporter: Robert Levas
            Assignee: Robert Levas
             Fix For: 2.7.2


Protect the ClientConfig resource so that only authorized users may have read-only access the data.

Users with the following permission should have read-only access:
* {{CLUSTER.VIEW_CONFIGS}}
* {{SERVICE.VIEW_CONFIGS}}
* {{HOST.VIEW_CONFIGS}}

These permissions should be allow for the following roles:
* {{AMBARI.ADMINISTRATOR}}
* {{CLUSTER.ADMINISTRATOR}}
* {{CLUSTER.OPERATOR}}
* {{SERVICE.ADMINISTRATOR}}
* {{SERVICE.OPERATOR}}
* {{CLUSTER.USER}}

Users with no role related to the cluster may not view the data.




--
This message was sent by Atlassian JIRA
(v7.6.3#76005)