Manage Organizations

There are two types of Cloud users:

  1. Organization: An organization user resides within the “control plane” of SingleStoreDB Cloud and can perform those actions that are available on the portal, such as manage organization users, manage workspaces, and run SQL queries against databases data via the portal SQL editor.

  2. Database: A database user resides within a workspace group. A database user’s lifetime is bound to that group such that, when a workspace group is deleted, all of the users, permissions and groups are permanently removed as well. Database users can connect to the database via SQL client and run SQL queries against their data. Unlike organization users, database users must be managed via SQL statements. Note that a database user does not necessarily need to be an organization user to access a database created in an organization.

These two types of uses work in concert to manage resources and data.

About Organizations and Users

SingleStoreDB organizations allow shared access to deployments and resources within a company or group. A default organization is automatically created when a user registers on the portal.

The organization’s configuration can be viewed by expanding the organization menu. This includes:

  • The list of running workspaces

  • A list of databases

  • Licenses for on-prem deployments

  • Organization Members

  • Billing & Usage

  • Settings

Each organization must have a billing account to create workspaces and databases. The billing account is used to pay for on-demand usage, or to pay for credits subscriptions and storage usage. Additional billing accounts can also be added, but only the default billing method will be charged for usage.

A user is an Individual who logs into the portal and can access portal services. Each user is associated with a default organization and automatically has access to all the resources within that organization. While most users will have one organization for their company, they can belong to, and be removed from, multiple organizations. An organization allows multiple users within a company to manage resources and databases affiliated with that organization. Users are common for all the databases within a workspace group. Privileges should be used to separate access.

A separate admin user is created while provisioning a database. A password is specifically set for the admin user.

Portal users can access the database only in the Cloud portal SQL editor. They cannot access the workspace via CLI or IDE tools. To access the database directly using the workspace endpoints use the admin user or create a separate database user.

The admin user can log in using CLI or IDE tools.

Each organization user is an administrator of that organization. A user that has admin permissions on an organization can:

  • Add users to, and remove users from, the organization

  • Manage billing and payment methods within the organization

  • Create resources (workspaces, databases) within the organization

  • Manage/terminate resources (workspaces, databases) within the organization

Portal users and the admin user are automatically granted the following access. These permissions need not be explicitly granted.

SHOW GRANTS

=====output is =====
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, INDEX, ALTER, SHOW METADATA, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, ALTER VIEW, DROP VIEW, BACKUP, CREATE DATABASE, DROP DATABASE, CREATE PIPELINE, DROP PIPELINE, START PIPELINE, ALTER PIPELINE, SHOW PIPELINE, CREATE LINK, DROP LINK, SHOW LINK, DROP POOL, CREATE POOL ON *.* TO 'admin'@'%' IDENTIFIED BY PASSWORD <secret> WITH GRANT OPTION

Any user can manage billing accounts as needed. To add a billing account, select the organization name in the left nav (ORG:) > Billing & Usage > Payment Methods, click the Add Payment Method button, and follow the provided instructions.

A user’s organization is shown in the left side navigation in the portal. If a user is a member of multiple organizations, they may select the desired organization using the double arrows (ms-switch-org.png) next to the organization (ORG:) menu.