You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2018/08/29 17:28:00 UTC
[jira] [Created] (AMBARI-24562) Protect the ClusterConfig resource
so that only authorized users may have read-only access the data
Robert Levas created AMBARI-24562:
-------------------------------------
Summary: Protect the ClusterConfig resource so that only authorized users may have read-only access the data
Key: AMBARI-24562
URL: https://issues.apache.org/jira/browse/AMBARI-24562
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 2.4.0
Reporter: Robert Levas
Assignee: Robert Levas
Fix For: 2.7.2
Protect the ClientConfig resource so that only authorized users may have read-only access the data.
Users with the following permission should have read-only access:
* {{CLUSTER.VIEW_CONFIGS}}
* {{SERVICE.VIEW_CONFIGS}}
* {{HOST.VIEW_CONFIGS}}
These permissions should be allow for the following roles:
* {{AMBARI.ADMINISTRATOR}}
* {{CLUSTER.ADMINISTRATOR}}
* {{CLUSTER.OPERATOR}}
* {{SERVICE.ADMINISTRATOR}}
* {{SERVICE.OPERATOR}}
* {{CLUSTER.USER}}
Users with no role related to the cluster may not view the data.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)