Skip to main content

Role-based Operations

Users can access a database and execute their functions and responsibilities through the creation of users, roles and groups, and granting of correct permissions (privileges).

Here is a sample of standard roles.

Role

Description

Compliance Officer

Management for roles and schema authorizations.

Security Officer

Full authority to view, modify, and create users and groups. Manages user passwords.

Database Administrator

This role cannot execute backups, nor can it read any of the data within the database. Responsible for creating and removing databases. Ability to restore backups.

Cluster Administrator

Minimal set of privileges required to run a SingleStore cluster.

Backup Operator

Authorization to perform cluster backups.

Application Schema Owner

Dedicated, per-application role, authorized to execute create, alter, and delete DDL statements. Cannot view application data.

Application Service Account

Dedicated, per-application role, authorized to execute select, update, insert, delete DML.

Relation Between Users, Roles and Groups

A role can have multiple privileges.

A group can have multiple roles.

A group can have multiple users.

A user can have multiple roles.

A user can be assigned to multiple groups.

Users inherit the permissions, roles of the groups they are assigned to.