Create database permissions

Hyper-Converged Database (HCD) uses CQL to manage permissions for users and applications. You can create permissions for users and applications using the GRANT statement. The GRANT statement assigns permissions to a user or role on a resource. The REVOKE statement removes permissions from a user or role on a resource.

The security quickstart in the CQL documentation provides a good starting point for creating roles and setting permissions.

The following example demonstrates how to create a role and grant permissions to the role:

CREATE ROLE IF NOT EXISTS ROLE_NAME WITH PASSWORD = 'PASSWORD' AND LOGIN = true;
GRANT SELECT ON cycling.comments_vs TO ROLE_NAME;

Replace the following:

  • ROLE_NAME: The name of your role

  • PASSWORD: The password for the role

and to revoke permissions:

REVOKE SELECT ON cycling.comments_vs FROM ROLE_NAME;

Replace ROLE_NAME with the name of your role.

Was this helpful?

Give Feedback

How can we improve the documentation?

© 2024 DataStax | Privacy policy | Terms of use

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: +1 (650) 389-6000, info@datastax.com