Create user, grant permission in Cassandra

Cassandra

Cassandra is an open source distributed database administrator designed to handle large volumes of data spread across multiple nodes while ensuring high availability, or scalability.

Reduce the number of flexible nodes (Elastic Scalability) and accept some errors (Fault Tolerant). It was developed by Facebook and is still growing and used for the largest social network in the world. In 2008, Facebook passed it over to the open source community and continues to grow by Apache today. Cassandra is considered a combination of Amazon’s Dynamo and Google’s BigTable.

Log in to Cassandra

# / CassandraPath / bin / cqlsh <localhost or ip server> -u cassandra -p cassandra

cassandra : default user / pass

Create User

Syntax

CREATE USER 'user_name' WITH PASSWORD 'password' NOSUPERUSER / SUPERUSER;
Syntax explanation Meaning
CREATE USER Create user
username / password User name and password
NOSUPERUSER/SUPERUSER  Regular User or Super User

If there is an error message:

InvalidRequest: Error from server: code = 2200 [Invalid query] message = “remoteuser already exists”

That is, the user you want to create already exists, you can use the following command:

CREATE USER IF NOT EXISTS user_name WITH PASSWORD 'password';

IF NOT EXISTS: If user_name already exists , it will still execute without error.

For example

CREATE USER IF NOT EXISTS remoteuser WITH PASSWORD ' Admin @ 123 ';

Test the user after creating it

cassandra @ cqlsh > list users;

Authorize the user

Syntax

GRANT permission_name ON resource TO user_name

In it, permission_name includes:

 

Permission CQL Statement
ALL All statements
ALTER ALTER KEYSPACE, ALTER TABLE, CREATE INDEX, DROP INDEX
AUTHORIZE GRANT, REVOKE
CREATE CREATE KEYSPACE, CREATE TABLE
DROP DROP KEYSPACE, DROP TABLE
MODIFY INSERT, DELETE, UPDATE, TRUNCATE
SELECT SELECT

Resources include:

  • ALL KEYSPACES
  • KEYSPACE keyspace_name
  • TABLE  keyspace_name. table_name

For example

GRANT ALL ON ALL KEYSPACES TO remoteuser;

Check permissions for remoteuser:

Good luck.