Create database permissions
Hyper-Converged Database (HCD) uses CQL to manage permissions for users and applications.
You can create permissions for users and applications using the GRANT
statement. The GRANT
statement assigns permissions to a user or role on a resource.
The REVOKE
statement removes permissions from a user or role on a resource.
The security quickstart in the CQL documentation provides a good starting point for creating roles and setting permissions.
The following example demonstrates how to create a role and grant permissions to the role:
CREATE ROLE IF NOT EXISTS ROLE_NAME WITH PASSWORD = 'PASSWORD' AND LOGIN = true;
GRANT SELECT ON cycling.comments_vs TO ROLE_NAME;
Replace the following:
-
ROLE_NAME
: The name of your role -
PASSWORD
: The password for the role
and to revoke permissions:
REVOKE SELECT ON cycling.comments_vs FROM ROLE_NAME;
Replace ROLE_NAME
with the name of your role.