Granting Permissions to Roles in Cassandra
In this article, we are going to discuss how we can granting permission to roles in Cassandra. First, we will create a new role and show how it can access the database.
Creating a new role:
In this step, we are going to create a new role such that user_access is a new role and want to access the database. To create a new role using the following cqlsh query.
cassandra@cqlsh> create role user_access ... with password = 'user_access' ... and LOGIN = true;
Output:
Now, If we can see “user_access” role access by using the following cqlsh query.
cassandra@cqlsh> list all permissions of 'user_access'; role | resource | permissions ------+----------+------------- (0 rows) cassandra@cqlsh>
Right now, it can’t access the Existing keyspace ‘University’. let’s have a look.
cassandra@cqlsh> login user_access Password:user_access user_access@cqlsh>
Output:
To resolve this error “Unauthorized: Error from server: code=2100 [Unauthorized] message=”User user_access has no SELECT permission on
Consider if we want only access “student” table on university keyspace then we can use the following cqlsh query.
cassandra@cqlsh>
grant all permissions on university.student to user_access;
Only we can grant permission to access “university.student” table.
Output:
Now, used the following cqlsh query if we want to give the grant access to all tables on a university keyspace.
cassandra@cqlsh>
grant all permissions on keyspace university to user_access;
We can see all the permissions by using “list all permissions”.
Output:
If we want to give the grant access to the full database then used the following cqlsh query.
cassandra@cqlsh>
grant all permissions on all keyspaces to user_access;
Output:
Contact Us