RESTRICT a privilege on a resource to deny access to user with the role.
The user is denied access even if the role is a superuser, privilege has been granted directly to the role or was inherited.
UNRESTRICT to remove any restrictions the role has on the database resource.
An account with the
Log in to
cqlsh -u <username>
Logging in with the default role
cassandramay impact performance or may fail. All requests including login are executed with consistency
Create an account with login enabled, but as highlighted in the Tip above, intentionally do not give this
CREATE ROLE IF NOT EXISTS db_admin WITH superuser = false AND login = true AND password = 'anypasswordwilldo';
A password is required for internal accounts but not for LDAP or Kerberos. See