Role-based Operations
Users can access a database and execute their functions and responsibilities through the creation of users, roles and groups, and granting of correct permissions (privileges).
Here is a sample of standard roles.
Role | Description |
|---|---|
Compliance Officer | Management for roles and schema authorizations. |
Security Officer | Full authority to view, modify, and create users and groups. Manages user passwords. |
Database Administrator | This role cannot execute backups, nor can it read any of the data within the database. Responsible for creating and removing databases. Ability to restore backups. |
Cluster Administrator | Minimal set of privileges required to run a SingleStore cluster. |
Backup Operator | Authorization to perform cluster backups. |
Application Schema Owner | Dedicated, per-application role, authorized to execute create, alter, and delete DDL statements. Cannot view application data. |
Application Service Account | Dedicated, per-application role, authorized to execute select, update, insert, delete DML. |
Relation Between Users, Roles and Groups
A role can have multiple privileges.
A group can have multiple roles.
A group can have multiple users.
A user can have multiple roles.
A user can be assigned to multiple groups.
Users inherit the permissions, roles of the groups they are assigned to.