今日天气:

Elasticsearch 普通账户及权限设置

Elasticsearch 老子黑牵翻 413浏览 0评论

Elasticsearch搭建好以后,我需要设置一个普通账户test,对所有叫test开头的索引有操作权限。
查看所有权限:

curl -XGET -u elastic:elastic123 http://127.0.0.1:9200/_xpack/security/role/

新建ROLES

curl -XPOST -H 'Content-type: application/json' -u elastic:elastic123 'http://127.0.0.1:9200/_xpack/security/role/test?pretty' -d '{
"cluster":["all"],
"indices":[
 {
  "names":["test-*"],
  "privileges":["all"]
 }
]
}'

查看新的ROLES

curl -XGET -H 'Content-type: application/json' -u elastic:elastic123 'http://127.0.0.1:9200/_xpack/security/role/test?pretty'

新建用户并绑定ROLES

curl -XPOST -H 'Content-type: application/json' -u elastic:elastic123 'http://127.0.0.1:9200/_xpack/security/user/test?pretty' -d '{
"password":"Test123",
"full_name":"testuser",
"roles":["test"]
}'

查看用户详情

curl -XGET -u elastic:elastic123 http://127.0.0.1:9200/_xpack/security/user/

用新建的test账户去创建索引

curl -X PUT -u test:Test123 "http://127.0.0.1:9200/test-2025-02-06" -H 'Content-Type: application/json' -d'
{
  "mappings": {
    "properties": {
      "name": {
        "type": "text"
      },
      "age": {
        "type": "integer"
      },
      "date_of_birth": {
        "type": "date"
      }
    }
  }
}'

用当前用户查看索引

curl -X GET -u test:Test123 'http://127.0.0.1:9200/_cat/indices?pretty'

删除刚才创建的索引

curl -X DELETE -u test:Test123 "http://127.0.0.1:9200/test-2025-02-06"

转载请注明:LINUX服务器运维架构技术分享 » Elasticsearch 普通账户及权限设置

发表我的评论
取消评论

表情

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址