Database users
How to create and work with users.
User-based access control enables authorization management on a per-user basis.
Note: Creating users is supported for backwards compatibility.
Authentication and authorization are based on roles,
and role-based commands should be used.
Procedure
-
Create a user with a password.
IF NOT EXISTS
is included to ensure a previous user definition is not overwritten.cqlsh> CREATE USER IF NOT EXISTS sandy WITH PASSWORD 'Ride2Win@' NOSUPERUSER;
-
Create a user with
SUPERUSER
privileges.SUPERUSER
grants the ability to create users and roles unconditionally.cqlsh> CREATE USER chuck WITH PASSWORD 'Always1st$' SUPERUSER;
Note:WITH PASSWORD
implicitly specifiesLOGIN
. -
Alter a user to change options. A role with
SUPERUSER
status can alter theSUPERUSER
status of another user, but not the user currently held. To modify properties of a user, the user must have permission.cqlsh> ALTER USER sandy SUPERUSER;
-
List the users.
cqlsh> LIST USERS;
-
Drop user that is not a current user. User must be a
SUPERUSER
.DROP USER IF EXISTS chuck;