========================================================
启用用户认证和创建超级用户
需要针对每个节点进行配置修改和重启,但授权操作仅需要在任一节点进行即可。
// 修改配置文件 cassandra.yaml 并重启 authenticator: PasswordAuthenticator authorizer: CassandraAuthorizer // 使用默认账号登录 python27 ./cqlsh.py -u ‘cassandra‘ -p ‘cassandra‘ 192.168.1.101 // 创建带有超级权限的用户 CREATE ROLE cassandra_dba WITH SUPERUSER = true AND LOGIN = true AND PASSWORD = ‘cassandra_dba.com‘; // 使用新账号登录 python27 ./cqlsh.py -u ‘cassandra_dba‘ -p ‘cassandra_dba.com‘ 192.168.1.101 // 禁用默认账号 ALTER ROLE cassandra WITH SUPERUSER = false AND LOGIN = false;
========================================================
设置超级用户
// 创建超级用户 CREATE USER test WITH PASSWORD ‘123456‘ SUPERUSER; // 创建普通用户 CREATE USER test1 WITH PASSWORD ‘123456‘ NOSUPERUSER; // 修改用户 ALTER USER test WITH PASSWORD ‘654321‘ ( NOSUPERUSER |SUPERUSER ); // 删除用户 DROP USER test; // 列出所有用户 LIST USERS;
========================================================
用户创建和授权
permission_name: ALL/ALTER/AUTHORIZE/CREATE/DROP/MODIFY/SELECT resource: ALL KEYSPACES/KEYSPACE keyspace_name/TABLE keyspace_name.table_name // 对用户授权 GRANT permission_name ON resource TO user_name; // 对用户取消权限 REVOKE permission_name ON resource FROM user_name; // 列出用户权限 LIST permission_name ON resource OF user_name;
demo:
// 如创建exps_rw用户,并授予对数据库exps的读写权限 CREATE USER exps_rw WITH PASSWORD ‘123.com‘ NOSUPERUSER; GRANT SELECT ON KEYSPACE exps TO exps_rw; GRANT MODIFY ON KEYSPACE exps TO exps_rw; // 查看exps_rw用户在数据库exps上的权限 LIST ALL ON KEYSPACE exps OF exps_rw;
抄自:https://blog.csdn.net/a476585070/article/details/54962224
原文:https://www.cnblogs.com/gaogao67/p/10470846.html