Configuring User Authentication - AWS Elemental Delta

This is version 2.3 of the AWS Elemental Delta documentation. This is the latest version. For prior versions, see the Previous Versions section of AWS Elemental Delta Documentation.

Configuring User Authentication

User authentication with AWS Elemental Delta is intended to:

  • Allow managers to track activity on the cluster on a per-user basis.

  • To avoid accidental access to a node, create a unique username for each operator, and vary the usernames across the clusters. For example, varying usernames for each cluster ensures that a REST API operator with access to two clusters does not accidentally send a command to the wrong cluster.

Whether user authentication is enabled or not, we recommend that the cluster always be installed behind a customer firewall on a private network.

Scope of User Authentication

When user authentication is enabled, each user of AWS Elemental Delta must be set up with credentials in order to access the following.

  • The web interface: When the user goes to the web interface, a login page appears.

  • The REST API: Users of the REST API must include their individual API keys when entering REST commands. Use of the key is described in the introductory sections of the AWS Elemental Delta 2.3 API Guide.

User Roles

Assign a role to each user to indicate the level of permissions assigned. The following table describes what roles are needed for each action.

Action Roles
Admin Manager Operator Viewer
View Yes Yes Yes Yes
Manage Input Filters Yes Yes v Yes No
Manage Output Filters Yes No Yes No
Manage Input Users Yes Yes Yes No
Manage Content Yes Yes Yes No
Manage Output Templates Yes Yes Yes No
Manage Alerts Yes Yes Yes No
Manage Messages Yes Yes Yes No
Manage Logs Yes Yes Yes No
Manage System Settings Yes Yes Yes No
Manage User Profile Yes Yes Yes No
Manage Nodes Yes Yes Yes No
Manage Users Yes No No No