GemFire’s role-based authorization verifies that an authenticated user has the correct permissions for requested operations.

Resource Permissions

See the GemFire section on Implementing Authorization for definitions of permission levels within GemFire.

In addition to the existing permission levels, there is a finer-grained target of GPDB defined for CLUSTER operations.

This table specifies the permissions required to run these connector-specific gfsh commands.

gfsh Command Assigned ResourcePermission
cancel gpdb operations CLUSTER:MANAGE:GPDB
configure gpfdist-protocol CLUSTER:MANAGE:GPDB
create gpdb-mapping CLUSTER:MANAGE:GPDB
describe gpdb-mapping CLUSTER:READ:GPDB
describe gpfdist-protocol CLUSTER:READ:GPDB
destroy gpdb-mapping CLUSTER:MANAGE:GPDB
export gpdb DATA:READ:regionName
import gpdb DATA:WRITE:regionName
list gpdb operations CLUSTER:READ:GPDB
list gpdb-mapping CLUSTER:READ:GPDB

This table specifies permissions required to execute these methods.

method Assigned ResourcePermission
GpdbService.cancelOperation() CLUSTER:MANAGE:GPDB
GpdbService.exportRegion() DATA:READ:regionName
GpdbService.importRegion() DATA:WRITE:regionName
check-circle-line exclamation-circle-line close-line
Scroll to top icon