[jira] [Created] (AMBARI-24562) Protect the ClusterConfig resource so that only authorized users may have read-only access the data

Robert Levas (JIRA) Wed, 29 Aug 2018 10:28:20 -0700

Robert Levas created AMBARI-24562:
-------------------------------------

             Summary: Protect the ClusterConfig resource so that only 
authorized users may have read-only access the data
                 Key: AMBARI-24562
                 URL: https://issues.apache.org/jira/browse/AMBARI-24562
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: 2.4.0
            Reporter: Robert Levas
            Assignee: Robert Levas
             Fix For: 2.7.2



Protect the ClientConfig resource so that only authorized users may have 
read-only access the data.

Users with the following permission should have read-only access:
* {{CLUSTER.VIEW_CONFIGS}}
* {{SERVICE.VIEW_CONFIGS}}
* {{HOST.VIEW_CONFIGS}}

These permissions should be allow for the following roles:
* {{AMBARI.ADMINISTRATOR}}
* {{CLUSTER.ADMINISTRATOR}}
* {{CLUSTER.OPERATOR}}
* {{SERVICE.ADMINISTRATOR}}
* {{SERVICE.OPERATOR}}
* {{CLUSTER.USER}}

Users with no role related to the cluster may not view the data.




--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (AMBARI-24562) Protect the ClusterConfig resource so that only authorized users may have read-only access the data

Reply via email to