This is version 2.3 of the AWS Elemental Delta documentation. This is the latest version. For prior versions, see the Previous Versions section of AWS Elemental Delta Documentation.
Configuring User Authentication
User authentication with AWS Elemental Delta is intended to:
-
Allow managers to track activity on the cluster on a per-user basis.
-
To avoid accidental access to a node, create a unique username for each operator, and vary the usernames across the clusters. For example, varying usernames for each cluster ensures that a REST API operator with access to two clusters does not accidentally send a command to the wrong cluster.
Whether user authentication is enabled or not, we recommend that the cluster always be installed behind a customer firewall on a private network.
Scope of User Authentication
When user authentication is enabled, each user of AWS Elemental Delta must be set up with credentials in order to access the following.
-
The web interface: When the user goes to the web interface, a login page appears.
-
The REST API: Users of the REST API must include their individual API keys when entering REST commands. Use of the key is described in the introductory sections of the AWS Elemental Delta 2.3 API Guide.
User Roles
Assign a role to each user to indicate the level of permissions assigned. The following table describes what roles are needed for each action.
Action | Roles | |||
---|---|---|---|---|
Admin | Manager | Operator | Viewer | |
View | Yes | Yes | Yes | Yes |
Manage Input Filters | Yes | Yes v | Yes | No |
Manage Output Filters | Yes | No | Yes | No |
Manage Input Users | Yes | Yes | Yes | No |
Manage Content | Yes | Yes | Yes | No |
Manage Output Templates | Yes | Yes | Yes | No |
Manage Alerts | Yes | Yes | Yes | No |
Manage Messages | Yes | Yes | Yes | No |
Manage Logs | Yes | Yes | Yes | No |
Manage System Settings | Yes | Yes | Yes | No |
Manage User Profile | Yes | Yes | Yes | No |
Manage Nodes | Yes | Yes | Yes | No |
Manage Users | Yes | No | No | No |