Security and Permissions

The Spark user must have access to the SingleStoreDB Cloud workspace.

Additionally, SingleStoreDB has a Permissions Matrix which describes the permissions required to run each command.

To perform any SQL operations through the SingleStore Spark Connector, you should have different permissions for different types of operations. The following matrix describes the minimum permissions required to perform some operations. The ALL PRIVILEGES permission allows you to perform any operation.

The SingleStore Spark Connector uses the SingleStore JDBC Driver under the hood and thus supports SSL configuration out of the box.

Once you have setup SSL on your server, use the following options to enable SSL:

spark.conf.set("spark.datasource.singlestore.useSSL", "true")
spark.conf.set("spark.datasource.singlestore.serverSslCert", "PATH/TO/CERT")

Note: The serverSslCert option may be server’s certificate in DER form, or the server’s CA certificate. It can be used in one of the following three forms:

Depending on your SSL configuration, set these additional options:

spark.conf.set("spark.datasource.singlestore.trustServerCertificate", "true")
spark.conf.set("spark.datasource.singlestore.disableSslHostnameVerification", "true")

See The SingleStore JDBC Driver for more information. If you are still using the MariaDB JDBC driver, see MariaDB JDBC Connector for more information.

To authenticate your connection to a SingleStoreDB Cloud workspace using the SingleStore Spark connector with a JWT, specify the following parameters:

CREATE USER 'email@example.com'@'%' IDENTIFIED WITH authentication_jwt REQUIRE SSL;

See Authenticate via JWT for more information.