Just to add, nobody should be able to read and write into our Cassandra database through any API or any CQL client as well only our team should be able to do that.
On Fri, Apr 4, 2014 at 11:29 PM, Check Peck <firstname.lastname@example.org> wrote:In our case, we would like to secure database itself. Is this possible to do as well anyhow?Thanks Mark. But what about Cassandra database? I don't want anybody to read and write into our Cassandra database through any API only just our team should be able to do that.We are using CQL based tables so data doesn't get shown on the OPSCENTER.
On Fri, Apr 4, 2014 at 11:24 PM, Mark Reddy <email@example.com> wrote:
Hi,If you want to just secure OpsCenter itself take a look here: http://www.datastax.com/documentation/opscenter/4.1/opsc/configure/opscAssigningAccessRoles_t.htmlIf you want to enable internal authentication and still allow OpsCenter access, you can create an OpsCenter user and once you have auth turned within the cluster update the cluster config with the user name and password for the OpsCenter user.Depending on your installation type you will find the cluster config in one of the following locations:Packaged installs: /etc/opscenter/clusters/<cluster_specific>.confBinary installs: <install_location>/conf/clusters/<cluster_specific>.confWindows installs: Program Files (x86)\DataStax Community\opscenter\conf\clusters\<cluster_specific>.conf
Open the file and update the username and password values under the [cassandra] section:[cassandra]username =seed_hosts =api_port =password =After changing properties in this file, restart OpsCenter for the changes to take effect.MarkOn Sat, Apr 5, 2014 at 6:54 AM, Check Peck <firstname.lastname@example.org> wrote:Hi All,
We would like to secure our Cassandra database. We don’t want anybody to read/write on our Cassandra database leaving our team members only.
We are using Cassandra 1.2.9 in Production and we have 36 node Cassandra cluster. 12 in each colo as we have three datacenters.
But we would like to have OPSCENTER working as it is working currently.
Is this possible to do anyhow? Is there any settings in yaml file which we can enforce?