API Authentication Whitelist Configuration
Scenario
This section describes how to configure the whitelist for Elasticsearch in security mode. If an API is configured in the whitelist, the server authenticates the user based on the permission of the elasticsearch user group by default. This parameter is not involved in normal mode.
The interface authentication whitelist takes effect only in user- and role-based authentication mode.
Impact on the System
The instance configured with the whitelist needs to be restarted. During the restart, the instance cannot provide services.
Prerequisites
Elasticsearch has been installed in the cluster.
Parameter Configuration
Perform the following operations to configure parameters for user-defined authentication:
- Log in to Manager, choose Cluster > Name of the desired cluster > Services > Elasticsearch > Configurations > All Configurations > Elasticsearch > Self-Definition.
- Change the value of elasticsearch.customized.configs and add customized parameters.
For details about user-defined parameters and their values, see Table 1.
Table 1 Parameter description Parameter
Parameter Value Format
Description
customized.authorize.pattern2implementClassName.mapping
_api1,_api2
This configuration mode is a whitelist mode. That is, add the requests whose URIs start with _api1 and _api2 to the whitelist. If the user who sends the request is in the Elasticsearch user group or administrator user group, the authentication is successful.
If there are multiple APIs, separate them with commas (,).
Only users in the Elasticsearch group or a higher-level group can use APIs in the whitelist. The operation permission must be verified.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
