Today, I'll show you how to OpenResty Edge Configure and manage the access permissions of different management accounts to DNS applications in the Admin Web Console of.

Enter first OpenResty Edge Admin Web Console for. This is a sample deployment of our console. Each user has its own local deployment.

View DNS page permissions as superuser

First, let's go to the DNS page. We are currently logged in as a super user, so we can see the page with all permissions.

Search sample application, test-dns.com

Click to enter.

As a super user, I have write permission. So I can add DNS records.

Or edit or delete an existing record.

In addition to DNS records, I can also edit domain name servers

Or control the user group with this DNS application permission.

We will introduce the details of these functions in another tutorial.

Create a user group with only read permissions for this DNS application

Next, let's create an example user group with only the read permission of this DNS application. And put an ordinary user into this group. Note that by default, normal users cannot use the DNS function.

Enter the "Users and User Groups" page first.

Then enter the "User Groups" page.

This is a list of some user groups that are being used in our sample deployment. We have another tutorial on user group related functions.

Click here to create a new user group.

Let's name the new user group test dns access.

The user group has been created.

Here is a list of permission details, showing the permissions of each page or part.

We can see that the user group cannot use DNS and DNS record pages by default.

So we need edit permission and give read permission.

Check this box to enable read permission.

preservation.

Also grant read permissions to DNS records.

Check this box to enable the read permission of DNS records.

Save again.

User groups have been configured. Next, enter our sample DNS application and grant permissions to this user group.

Search for apps again.

Enter the application.

Click the User Groups tab.

Select the "test dns access" group and assign permissions to the user group.

preservation.

Create a test account

Next, we enter the user page, create a test account, and put it under the test dns access user group. This test account will be able to see our sample DNS application, but only have read permission.

Click this button to add a new user.

We name it "jeff tester".

Input password.

Enter the password again to confirm.

Then select "test dns access" as the user's group.

Save it.

Test user has been created.

Next, let's switch the login account.

Exit the current account.

Log in with the user name and password we just set.

Enter the user name.

Input password.

Sign in.

Well, we are now logged in as ordinary users. We can see the prompt that ordinary users do not have permission to view user and user group pages, which is in line with expectations.

View the permissions granted by the DNS application page

Let's go to the DNS page.

Here, we see that the test user can only see the DNS applications that can be seen by the user group to which he belongs. On this page, the buttons for adding, editing, and deleting DNS applications are hidden.

If we enter the DNS application.

We can see that the test user can only read relevant information. Test users cannot add, edit, or delete DNS records. There are no buttons available.

We enter the "authoritative server" tab,

You can see that all configurations are read-only.

About OpenResty Edge

OpenResty Edge It is a fully functional gateway software that we independently developed and is most suitable for microservices and distributed traffic. It provides various functions such as page rules, Web Application Firewall (WAF), load balancing, etc.

If you like this tutorial, please subscribe to this blog site and our YouTube Channel or Station B channel 。 thank you!

About the author

Zhang Yichun is open source OpenResty ^® Project founder and OpenResty Inc. CEO and founder of the company.

Zhang Yichun (Github ID: agentzh) was born in Jiangsu, China, and now lives in the U.S. Bay Area. He was an advocate and leader of China's early open source technology and culture, and once worked for many internationally renowned high-tech enterprises, such as Cloudflare Yahoo, Alibaba, the pioneer of "edge computing", "dynamic tracking" and "machine programming", has more than 22 years of programming and 16 years of open source experience. As the leader of open source projects with more than 40 million global domain name users, he OpenResty ^® High tech enterprises created by open source projects OpenResty Inc. It is located in the center of Silicon Valley in the United States. Its two main products OpenResty XRay (Utilize Dynamic tracking Technology) and OpenResty Edge (The all-purpose gateway software most suitable for microservices and distributed traffic), widely favored by many listed and large enterprises worldwide. Besides OpenResty, Zhang Yichun has contributed more than one million lines of code to many open source projects, including Linux kernel, Nginx LuaJIT 、 GDB 、 SystemTap 、 LLVM , Perl, etc., and has written more than 60 open source software libraries.

Follow us

If you like this article, please follow us OpenResty Inc. Corporate Blog Site 。 You are also welcome to scan our WeChat official account:

translate

We provide English version Original text and Chinese translation (this article). We also welcome readers to provide translations in other languages. As long as the full text translation is not omitted, we will consider using it. Thank you very much!