Page History

...

5. Operations and their corresponding GeodePermission

Below are the list of operations with their corresponding GeodePermission:

Client-Server Operations

destroy(key)WRITE:keyput, valueWRITEexecuteRegionFunction.getAllREADregion.getEntryREADregisterInterestREAD:keyregion.registerInterestRegexREADregion.registerInterestListREADremoveAllunRegisterInterestREADunRegisterInterestRegexREADunRegisterInterestListREAD

Client Operations	Required GeodePermission
get function attribute	CLUSTER:READ
create region	DATA:MANAGE
destroy region	DATA:MANAGE
get keysetregion.containsKeyOnServer(key)	DATA:READ:regionName
query	DATA:READ:regionName:key
region.	getAll	DATA:	READ:regionName
region.invalidate(keygetEntry	DATA:READ:regionName
getAll (list of keys)	DATA:WRITEREAD:regionName:key
region.	containsKeyOnServer(key	)	DATA:	READ:regionName:key
region.get(key)	DATA:READ:regionName:key
region.replace
region.putIfAbsent
createRegion	DATA:MANAGE
destroyRegion	DATA:MANAGE
executeFunction	DATA:WRITE
registerInterest	DATA:READ:regionName:key if key is specified, otherwise DATA:READ:regionName
unregister interest	DATA:READ:regionName:key if key is specified, otherwise DATA:READ:regionName
execute function		DATA:WRITE
clear region		DATA:	WRITE:regionName
putAll	DATA:	WRITE:regionName
region.clear	DATA:WRITE:regionName
region.	removeAll	DATA:	WRITE:regionName
destroy key	DATA:	WRITE:regionName	:key
invalidate key		DATA:	WRITE:regionName:key
region.	destroy(key)	DATA:WRITE:regionName:key
region.	invalidate(key)	DATA:	WRITE:regionName:key
region.	put(key, value)	DATA:	WRITE:regionName:key
region.	replace	DATA:	WRITE:regionName
query	DATA:READ:regionName

Pulse

Pulse access is divided into two main categories, namely access to the Data Browser page and everything else.

The Data Browser page requires the permissions CLUSTER:READ and DATA:READ. Access to all other pages requires only CLUSTER:READ permission.

GFSH and JMX

Following are lists for gfsh commands, (highlighted in green), and JMX operations with their corresponding permissions. Permissions appear as Resource:OperationCode tuples.

Entries with a green background are gfsh commands; the others are JMX operations.

:key

GFSH Commands

Permission

Commands	Required GeodePermission	Cluster MANAGEment Operations
alter runtime	CLUSTER:MANAGE
gc	CLUSTER:MANAGE
shutdown	CLUSTER:MANAGE
startManager	CLUSTER:MANAGE
stop locator --name=locator1	CLUSTER:MANAGE
stop server --name=server1	CLUSTER:MANAGE	DistributedSystemMXBean.shutdownAllMembers	CLUSTER:MANAGEManagerMXBean.start	CLUSTER:MANAGE
ManagerMXBean.stop	CLUSTER:MANAGE
MemberMXBean.createManager())	CLUSTER:MANAGE
MemberMXBean.shutDownMember	CLUSTER:MANAGE
Cluster READ Operations	Permission
countDurableCqEvents	CLUSTER:READ
describe client --clientID=172.16.196.144	CLUSTER:READ
describe config --member=Member1	CLUSTER:READ
describe disk-store --name=foo --member=baz	CLUSTER:READ
describe member --name=server1	CLUSTER:READ
describe offline-disk-store --name=foo --disk-dirs=bar	CLUSTER:READ
describe region --name=value	CLUSTER:READ
export cluster-configuration --zip-file-name=mySharedConfig.zip	CLUSTER:READ
export config --member=member1	CLUSTER:READ
export logs --dir=data/logs	CLUSTER:READ
export stack-traces --file=stack.txt	CLUSTER:READ
exportLogs	CLUSTER:READ
exportStackTrace	CLUSTER:READ
list async-event-queues	CLUSTER:READ
list clients	CLUSTER:READ
list deployed	CLUSTER:READ
list disk-stores	CLUSTER:READ
list durable-cqs --durable-client-id=client1	CLUSTER:READ
list functions	CLUSTER:READ
list gateways	CLUSTER:READ
list indexes	CLUSTER:READ
list members	CLUSTER:READ
list regions	CLUSTER:READ
netstat --member=server1	CLUSTER:READ
show dead-locks --file=deadlocks.txt	CLUSTER:READ
show log --member=locator1 --lines=5	CLUSTER:READ
show metrics	CLUSTER:READ
show missing-disk-stores	CLUSTER:READ
show subscription-queue-size --durable-client-id=client1	CLUSTER:READ
showLog	CLUSTER:READ
status cluster-config-service	CLUSTER:READ
status gateway-receiver	CLUSTER:READ
status gateway-sender	CLUSTER:READ
Mbeans get attributes	CLUSTER:READ
MemberMXBean.showLog	CLUSTER:READ
Cluster WRITE Operations	Permission
change loglevel --loglevel=severe --member=server1	CLUSTER:WRITE
DistributedSystemMXBean.changeAlertLevel	CLUSTER:WRITE
ManagerMXBean.setPulseURL	CLUSTER:WRITE
ManagerMXBean.setStatusMessage	CLUSTER:WRITE
Data MANAGE Operations	Permission
alter disk-store --name=foo --region=xyz --disk-dirs=bar	DATA:MANAGE
alter region --name=region1 --eviction-max=5000	DATA:MANAGE:REGIONNAME
clear defined indexes	DATA:MANAGE
close durable-client --durable-client-id=client1	DATA:MANAGE
close durable-cq --durable-client-id=client1 --durable-cq-name=cq1	DATA:MANAGE
compact disk-store --name=foo	DATA:MANAGE
compact offline-disk-store --name=foo --disk-dirs=bar	DATA:MANAGE
configure pdx --read-serialized=true	DATA:MANAGE
create async-event-queue --id=myAEQ --listener=myApp.myListener	DATA:MANAGE
create defined indexes	DATA:MANAGE
create disk-store --name=foo --dir=bar	DATA:MANAGE
create gateway-receiver	DATA:MANAGE
create gateway-sender --id=sender1 --remote-distributed-system-id=2	DATA:MANAGE
create index --name=myKeyIndex --expression=region1.Id --region=region1 --type=key	DATA:MANAGE:REGIONNAME
create region --name=region12	DATA:MANAGE
define index --name=myIndex1 --expression=exp1 --region=/exampleRegion	DATA:MANAGE:REGIONNAME
deploy --jar=group1_functions.jar --group=Group1	DATA:MANAGE
destroy disk-store --name=foo	DATA:MANAGE
destroy function --id=InterestCalculations	DATA:MANAGE
destroy index --member=server2	DATA:MANAGE:REGIONNAME
destroy region --name=value	DATA:MANAGE
import cluster-configuration --zip-file-name=value	DATA:MANAGE
load-balance gateway-sender --id=sender1	DATA:MANAGE
pause gateway-sender --id=sender1	DATA:MANAGE
pdx rename --old=com.gemstone --new=com.pivotal --disk-store=ds1 --disk-dirs=/diskDir1	DATA:MANAGE
rebalance --include-region=region1	DATA:MANAGE
remove --region=region1	DATA:MANAGE, if key is specified......
resume gateway-sender --id=sender1	DATA:MANAGE
revoke missing-disk-store --id=foo	DATA:MANAGE
start gateway-receiver	DATA:MANAGE
start gateway-sender --id=sender1	DATA:MANAGE
stop gateway-receiver	DATA:MANAGE
stop gateway-sender --id=sender1	DATA:MANAGE
undeploy --group=Group1	DATA:MANAGE
backup disk-store --dir=foo	DATA:READ
export data --region=region1 --file=foo.txt --member=value	DATA:READ:REGIONNAME
get --key=key1 --region=region1	DATA:READ:regionName:key
locateEntry	DATA:READ:regionName:key
query --query='SELECT * FROM /region1'	DATA:READ:REGIONNAME
execute function --id=InterestCalculations --group=Group1	DATA:WRITE
import data --region=region1 --file=foo.txt --member=value	DATA:WRITE:REGIONNAME
put --key=key1 --value=value1 --region=region1	DATA:WRITE:REGIONNAME:key

Pulse

Pulse access is divided into two main categories, namely access to the Data Browser page and everything else.

The Data Browser page requires the permissions CLUSTER:READ and DATA:READ. Access to all other pages requires only CLUSTER:READ permission.

JMX Operations

PermissionDATA:WRITE:REGIONNAME:key

Bean Operations	Permission
DistributedSystemMXBean.shutdownAllMembers	CLUSTER:MANAGE
ManagerMXBean.start	CLUSTER:MANAGE
ManagerMXBean.stop	CLUSTER:MANAGE
MemberMXBean.createManager())	CLUSTER:MANAGE
MemberMXBean.shutDownMember	CLUSTER:MANAGE
Mbeans get attributes	CLUSTER:READ
MemberMXBean.showLog	CLUSTER:READ
DistributedSystemMXBean.changeAlertLevel	CLUSTER:WRITE
ManagerMXBean.setPulseURL	CLUSTER:WRITE
ManagerMXBean.setStatusMessage	CLUSTER:WRITE
CacheServerMXBean.closeAllContinuousQuery	DATA:MANAGE
CacheServerMXBean.closeContinuousQuery	DATA:MANAGE
CacheServerMXBean.removeIndex("foo"))	DATA:MANAGE
CacheServerMXBean.stopContinuousQuery("bar"))	DATA:MANAGE
DiskStoreMXBean.flush())	DATA:MANAGE
DiskStoreMXBean.forceCompaction())	DATA:MANAGE
DiskStoreMXBean.forceRoll())	DATA:MANAGE
DiskStoreMXBean.setDiskUsageCriticalPercentage(0	DATA:MANAGE
DiskStoreMXBean.setDiskUsageWarningPercentage(0	DATA:MANAGE
DistributedSystemMXBean.revokeMissingDiskStores	DATA:MANAGE
DistributedSystemMXBean.setQueryCollectionsDepth	DATA:MANAGE
DistributedSystemMXBean.setQueryResultSetLimit	DATA:MANAGE
GatewayReceiverMXBean.pause())	DATA:MANAGE
GatewayReceiverMXBean.rebalance())	DATA:MANAGE
GatewayReceiverMXBean.resume())	DATA:MANAGE
GatewayReceiverMXBean.start	DATA:MANAGE
GatewayReceiverMXBean.stop	DATA:MANAGE
GatewaySenderMXBean.pause	DATA:MANAGE
GatewaySenderMXBean.rebalance	DATA:MANAGE
GatewaySenderMXBean.resume	DATA:MANAGE
GatewaySenderMXBean.start	DATA:MANAGE
GatewaySenderMXBean.stop	DATA:MANAGE
LockServiceMBean.becomeLockGrantor())	DATA:MANAGE
MemberMXBean.compactAllDiskStores	DATA:MANAGE	Data READ Operations
backup disk-store --dir=foo	DATA:READ
export data --region=region1 --file=foo.txt --member=value	DATA:READ:REGIONNAME
get --key=key1 --region=region1	DATA:READ:regionName:key
locateEntry	DATA:READ:regionName:key
query --query='SELECT * FROM /region1'	DATA:READ:REGIONNAME
CacheServerMXBean.executeContinuousQuery("bar"))	DATA:READ
DistributedSystemMXBean.backupAllMembers	DATA:READ
DistributedSystemMXBean.queryData	DATA:READ
DistributedSystemMXBean.queryDataForCompressedResult	DATA:READ
Data WRITE Operations	Permission
execute function --id=InterestCalculations --group=Group1	DATA:WRITE
import data --region=region1 --file=foo.txt --member=value	DATA:WRITE:REGIONNAME
put --key=key1 --value=value1 --region=region1

Content by Label

showLabels	false
max	5
spaces	GEODE
showSpace	false
sort	modified
reverse	true
type	page
cql	label in ("security","kb-how-to-article") and type = "page" and space = "GEODE"
labels	kb-how-to-article security

...

Space shortcuts

Page tree

Versions Compared

Old Version 16

New Version 17

Key