Bright Cluster Manager takes away the complexity of managing Linux clusters. One such example is how using Bright's intuitve CMGUI you can easily provide read-only access to the cluster. This article shows how to create an x509 certificate based on the read-only authorization profile in five fast and easy steps.

Let's get started.

First, Take a look at the "Authorization" resource in the resource tree. Bright comes with a number of authorization profiles including a "Read Only" profile. Each of the check boxes within a profile corresponds to one Bright API call. Note that the Read Only profile has very few of them checked. A user authenticating with a certificate based on this profile will be authorized to see everything, but they won't be able to change anything.

Next, select the "Authentication" resource. You're going to create a new security x509 certificate based on the Read Only authorization profile. Press the "Add" button to open the "Add Certificate" dialog box. Fill in the form as shown below. Note that you'll need to have already created the underlying user account (in this case "rstober"). Press the "Add" button on the dialog box to add the certificate.

Then, specify the path to the certificate file and provide the password. Bright will generate the certificate with the name and path you specify.

Press the "Save" button.

The x509 certificate has been created and saved.

The last step is to provide the newly-created certificate to the user. He/she can now create a connection profile using it.

We're done.