Elasticsearch搭建好以后,我需要设置一个普通账户test,对所有叫test开头的索引有操作权限。
查看所有权限:
curl -XGET -u elastic:elastic123 http://127.0.0.1:9200/_xpack/security/role/
新建ROLES
curl -XPOST -H 'Content-type: application/json' -u elastic:elastic123 'http://127.0.0.1:9200/_xpack/security/role/test?pretty' -d '{ "cluster":["all"], "indices":[ { "names":["test-*"], "privileges":["all"] } ] }'
查看新的ROLES
curl -XGET -H 'Content-type: application/json' -u elastic:elastic123 'http://127.0.0.1:9200/_xpack/security/role/test?pretty'
新建用户并绑定ROLES
curl -XPOST -H 'Content-type: application/json' -u elastic:elastic123 'http://127.0.0.1:9200/_xpack/security/user/test?pretty' -d '{ "password":"Test123", "full_name":"testuser", "roles":["test"] }'
查看用户详情
curl -XGET -u elastic:elastic123 http://127.0.0.1:9200/_xpack/security/user/
用新建的test账户去创建索引
curl -X PUT -u test:Test123 "http://127.0.0.1:9200/test-2025-02-06" -H 'Content-Type: application/json' -d' { "mappings": { "properties": { "name": { "type": "text" }, "age": { "type": "integer" }, "date_of_birth": { "type": "date" } } } }'
用当前用户查看索引
curl -X GET -u test:Test123 'http://127.0.0.1:9200/_cat/indices?pretty'
删除刚才创建的索引
curl -X DELETE -u test:Test123 "http://127.0.0.1:9200/test-2025-02-06"