Reputation: 1538
User can view specfic keyspace not others if not admin rights?
While exploring cassandra, Is it possible in cassandra that if I created an user "test" and I have multiple keypsaces so if I am logging cqlsh with "test" then I can see only selected keyspaces not others.admin can view or switch all keypsaces. please help if any idea or correct me.
Thanks in advance.
Upvotes: 0
Views: 724
Answers (2)
Reputation: 1578
Permissions (Data Control)
https://docs.scylladb.com/operating-scylla/security/authorization/#data-control
Permission Resource Operations
AUTHORIZE ALL KEYSPACES GRANT PERMISSION and REVOKE PERMISSION on any table
AUTHORIZE KEYSPACE GRANT PERMISSION and REVOKE PERMISSION on any table in specified keyspace
AUTHORIZE TABLE GRANT PERMISSION and REVOKE PERMISSION on specified table
GRANT permissions
https://docs.scylladb.com/operating-scylla/security/authorization/#grant-permission
AND / OR
RBAC (Role Based Access Control)
https://docs.scylladb.com/operating-scylla/security/authorization/#database-roles
Will be a good way of accomplishing what you are aiming for
Upvotes: 4
Reputation: 6218
GRANT command should work. Though test user will be able to see other keyspaces, operation will not be possible unless given permission. If test user has SELECT grant on particular keyspace it will be able to only issue select query on tables in that keyspace.
https://docs.datastax.com/en/cql/3.3/cql/cql_reference/cqlGrant.html
Upvotes: 1
Related Questions
- How do I add permissions in Amazon Keyspaces?
- Cassandra keyspace available in other computer
- Cassandra backup system keyspaces
- Unable to see all keyspaces in C* 2.1.7 after I downgraded from 3.0 to 2.1.7
- Is it possible to have authentication on keyspaces in Cassandra?
- Cassandra Keyspace table access issue
- Connecting to Cassandra KEYSPACE created in CQL 3
- Restrict Cassandra users seeing all keyspaces
- can't access keyspace in cql created in cli
- Unable to create keyspace in cassandra-cli