Configuring row-level access control
Enable row-level access control (RLAC) in LCM for DSE clusters that have tables with row-level permissions required for user access.
Row-level access control (RLAC) enforces an organization's authorization policies to data within a table by matching a filter, such as a user or company name, applied to a text-based partition key. RLAC provides more granular security for tables so that only authorized users are able to view or modify subsets of the data. The RLAC feature is useful for multi-tenant applications.
Procedure
What's next
- Go to the Clusters workspace in Lifecycle Manager and select the config profile to apply at the cluster, datacenter, or node level. Nodes can inherit config profile settings from the cluster or datacenter levels, or have settings at the node level that take precedence.
- Run a configuration job to push the configuration to all of the applicable nodes.
- Restrict the applicable tables rows and grant permissions to the applicable role names using GRANT or REVOKE statements as required for your environment. For details, see Setting row-level permissions in the DSE Administrator documentation.
- Log in as each user role and run queries to confirm that results represent your defined access permissions. See an example.