tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-10-31 03:14:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
icingaweb2/modules/monitoring/doc/restrict-custom-variables.md
Eric Lippmann 01e169b756 doc: Remove curly brace expansion for custom var restriction 
refs #10965
2016-03-21 14:49:37 +01:00

78 lines
2.0 KiB
Markdown
Raw Blame History

# Restrict Access to Custom Variables (WIP)
* Restriction name: monitoring/blacklist/properties
* Restriction value: Comma separated list of GLOB like filters
Imagine the following host custom variable structure.
```
host.vars.
|-- cmdb_name
|-- cmdb_id
|-- cmdb_location
|-- wiki_id
|-- passwords.
| |-- mysql_password
| |-- ldap_password
| `-- mongodb_password
|-- legacy.
| |-- cmdb_name
| |-- mysql_password
| `-- wiki_id
`-- backup.
`-- passwords.
|-- mysql_password
`-- ldap_password
```
`host.vars.cmdb_name`
Blacklists cmdb_name in the first level of the custom variable structure only.
`host.vars.legacy.cmdb_name` is not blacklisted.
`host.vars.cmdb_*`
All custom variables in the first level of the structure which begin with `cmdb_` become blacklisted.
Deeper custom variables are ignored. `host.vars.legacy.cmdb_name` is not blacklisted.
`host.vars.*id`
All custom variables in the first level of the structure which end with `id` become blacklisted.
Deeper custom variables are ignored. `host.vars.legacy.wiki_id` is not blacklisted.
`host.vars.*.mysql_password`
Matches all custom variables on the second level which are equal to `mysql_password`.
`host.vars.*.*password`
Matches all custom variables on the second level which end with `password`.
`host.vars.*.mysql_password,host.vars.*.ldap_password`
Matches all custorm variables on the second level which equal `mysql_password` or `ldap_password`.
`host.vars.**.*password`
Matches all custom variables on all levels which end with `password`.
Please note the two asterisks, `**`, here for crossing level boundaries. This syntax is used for matching the complete
custom variable structure.
If you want to restrict all custom variables that end with password for both hosts and services, you have to define
the following restriction.
`host.vars.**.*password,service.vars.**.*password`
## Escape Meta Characters
Use backslash to escape the meta characters
* *
* ,
`host.vars.\*fall`
Matches all custom variables in the first level which equal `*fall`.
Reference in New Issue View Git Blame Copy Permalink