英文:
Disable write permission for etcd key?
问题
我使用 etcdctl put /my/branch/1 value123 来插入值到 /my/branch/1。我想要使用 etcdctl 移除对 /my/branch/1 键的写入访问权限,我应该如何做?
似乎 role grant-permission 或 revoke-permission 不起作用,所以我仍然可以向该键添加值。
英文:
I use etcdctl put /my/branch/1 value123 to insert value into /my/branch/1. I want to remove write access for that /my/branch/1 key using etcdctl, how can I do that?
Seems that role grant-permission or revoke-permission doesn't work, so I can still add values into that key.
答案1
得分: 1
查看我在你最新关于etcd和权限的问题上的回答。你必须有两种类型的客户端:a) 主TLS证书 b) 其他TLS证书
对于主TLS证书,你需要执行 grant-role root master,这样你就有了可以控制etcd的主客户端,而所有其他客户端将按照你的要求拥有受限访问权限。
英文:
See my answer on your latest question about etcd and permissions. You have to have two type of clients: a) master TLS cert b) other TLS certs
To master you grant-role root master and therefore you have master client that can control etcd, whereas all other clients would have restricted access as you wish
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论