etcd v3用户权限操作

liao__ran2024-01-20 15:52
增加root用户
复制代码 
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 user add root
创建用户:RootRead,RootWrite,RootReadWrite
复制代码 
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 user add RootRead
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 user add RootWrite
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 user add RootReadWrite
创建角色:KeyRead,KeyWrite,KeyReadWrite
复制代码 
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 role add KeyRead
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 role add KeyWrite
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 role add KeyReadWrite
给角色赋权
复制代码 
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 role grant-permission KeyRead read /var
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 role grant-permission KeyWrite write /var
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 role grant-permission KeyReadWrite readwrite /var
赋于用户权限
复制代码 
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 user grant-role RootRead KeyRead
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 user grant-role RootWrite KeyWrite
/data/etcd/etcd/etcdctl --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 user grant-role RootReadWrite KeyReadWrite
开启身份验证:
复制代码 
/data/etcd/etcd/etcdctl --user='root' --password='123456' --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 auth enable
查看KeyRead最新的权限信息
复制代码 
/data/etcd/etcd/etcdctl --user='root' --password='123456' --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 role get KeyRead
撤销权限
复制代码 
/data/etcd/etcd/etcdctl  --user='root' --password='123456' --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 user revoke-role RootRead KeyRead
查看用户
/data/etcd/etcd/etcdctl --user='root' --password='123456' --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 user list
收回 KeyReadWrite 角色对 /* 目录的读写操作
复制代码 
/data/etcd/etcd/etcdctl --user='root' --password='123456' --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 role revoke-permission  KeyReadWrite  /*
查看角色访问权限:
复制代码 
/data/etcd/etcd/etcdctl  --user='root' --password='123456'  --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 role get KeyWrite
删除角色 :
复制代码 
/data/etcd/etcd/etcdctl --user='root' --password='123456' --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 role delete  KeyRead
修改用户密码:
复制代码 
/data/etcd/etcd/etcdctl --user='root' --password='123456' --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 user passwd RootWrite
查看角色
复制代码 
/data/etcd/etcd/etcdctl  --user='root' --password='123456' --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 role list
带权限的操作
复制代码 
/data/etcd/etcd/etcdctl  --user='root' --password='123456' --endpoints --username user2:passwod http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006  get foo bar
/data/etcd/etcd/etcdctl --user='root' --password='123456'  --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 put /bar  bar
/data/etcd/etcd/etcdctl --user='root' --password='123456'  --endpoints http://192.168.73.222:9002,http://192.168.73.222:9004,http://192.168.73.222:9006 get  bar
相关推荐
行星00810 分钟前
PostgreSQL大表创建分区实战
数据库·postgresql
isNotNullX27 分钟前
什么是数据分析?常见方法全解析
大数据·数据库·数据仓库·人工智能·数据分析
唐可盐43 分钟前
第六章 SQL编程系列-Gbase8a从入门到进阶
数据库·sql·gbase8a
旷世奇才李先生1 小时前
SQLite 安装使用教程
数据库·sqlite
码小跳1 小时前
软件无法连接MySql数据库
数据库·mysql
晋阳十二夜7 小时前
【压力测试之_Jmeter链接Oracle数据库链接】
数据库·oracle·压力测试
EasyCVR9 小时前
SQLite不够用?视频汇聚系统EasyCVR切换MySQL数据库的关键参数怎么调?
数据库·mysql·sqlite
GDAL9 小时前
Node.js v22.5+ 官方 SQLite 模块全解析:从入门到实战
数据库·sqlite·node.js
DCTANT10 小时前
【原创】国产化适配-全量迁移MySQL数据到OpenGauss数据库
java·数据库·spring boot·mysql·opengauss
AI、少年郎12 小时前
Oracle 进阶语法实战:从多维分析到数据清洗的深度应用(第四课)
数据库·oracle
热门推荐
01手机电脑之间快速传输图片视频文件,不压缩画质、不限制大小的方法!02Coze实战第13讲:飞书多维表格读取+豆包生图模型,轻松批量生成短剧封面03Coze扣子平台完整体验和实践(附国内和国际版对比)04华为昇腾 910B 部署 DeepSeek-R1 蒸馏系列模型详细指南05免费可用!最强AI数字人对口型神器:让照片开口说话唱歌,支持多人对口型+全身动作,1分钟学会!(附保姆级教程)06扣子(coze)实战|我用扣子搭建了一个自动分析小红薯笔记内容的AI应用|详细步骤拆解07Coze平台 创建AI智能体的详细步骤指南08C#调用WechatOCR.exe实现本地OCR文字识别09DeepSeek各版本说明与优缺点分析102024年 最新 iPhone手机 历代机型、屏幕尺寸、纵横比、分辨率 整理