SequoiaDB权限配置

在 SequoiaDB 中 Role-Based Access Control (RBAC) 是一种权限管理机制，基于角色的概念控制用户对数据库资源的访问权限。

本节介绍 MySQL 实例通过用户的方式连接 SequoiaDB 时，用户需要拥有的对 SequoiaDB 数据库资源的访问权限。

SequoiaDB基于角色的访问控制

SequoiaDB基于角色的访问控制

MySQL实例对接命令

此命令将会赋予 MySQL 实例连接 SequoiaDB 所需要的所有权限(包括实例组)

角色创建

> db.createRole({
     Role: "sequoiasql_developer",
     Privileges:[
         {
             Resource:{Cluster:true},
             Actions:["trans","snapshot","createCS","dropCS"]
         }
     ],
     Roles:[
         "_dbAdmin"
     ]
 })

MySQL实例访问所需权限

SELECT 所需权限

trans on { Cluster : true }
snapshot on { Cluster : true }
find on { cs: "", cl: "" }
testCS on { cs: "", cl: "" }
testCL on { cs: "", cl: "" }
getDetail on { cs: "", cl: "" }

INSERT 所需权限

testCS on { cs: "", cl: "" }
testCL on { cs: "", cl: "" }
trans on { Cluster : true }
insert on { cs: "", cl: "" }
find on { cs: "", cl: "" }
getDetail on { cs: "", cl: "" }
update on { cs: "", cl: "" }

CREATE 所需权限

createCS on { Cluster : true }
createCL on { cs: "", cl: "" }
trans on { Cluster : true }
find on { cs: "", cl: "" }
getDetail on { cs: "", cl: "" }
testCS on { cs: "", cl: "" }
testCL on { cs: "", cl: "" }
snapshot on { Cluster : true }
createIndex on { cs: "", cl: "" }
insert on { cs: "", cl: "" }

UPDATE 所需权限

testCS on { cs: "", cl: "" }
testCL on { cs: "", cl: "" }
update on { cs: "", cl: "" }
trans on { Cluster : true }
find on { cs: "", cl: "" }
getDetail on { cs: "", cl: "" }

DELETE 所需权限

testCS on { cs: "", cl: "" }
testCL on { cs: "", cl: "" }
find on { cs: "", cl: "" }
getDetail on { cs: "", cl: "" }
trans on { Cluster : true }
remove on { cs: "", cl: "" }

ALTER 所需权限

attachCL on { cs: "", cl: "" }
detachCL on { cs: "", cl: "" }
alterCL on { cs: "", cl: "" }
createCL on { cs: "", cl: "" }
createIndex on { cs: "", cl: "" }
remove on { cs: "", cl: "" }
dropCL on { cs: "", cl: "" }
dropIndex on { cs: "", cl: "" }
testCS on { cs: "", cl: "" }
testCL on { cs: "", cl: "" }
find on { cs: "", cl: "" }
getDetail on { cs: "", cl: "" }
snapshot on { Cluster : true }
insert on { cs: "", cl: "" }
find on { cs: "", cl: "" }
renameCL on { cs: "", cl: "" }
trans on { Cluster : true }
truncate on { cs: "", cl: "" }

实例组相关

find on { cs: "", cl: "" }
getDetail on { cs: "", cl: "" }
testCS on { cs: "", cl: "" }
testCL on { cs: "", cl: "" }
snapshot on { Cluster : true }
alterCL on { cs: "", cl: "" }
createIndex on { cs: "", cl: "" }
analyze on { cs: "", cl: "" }
attachCL on { cs: "", cl: "" }
createCS on { Cluster : true }
createCL on { cs: "", cl: "" }
detachCL on main cl
dropCS on on { Cluster : true }
dropCL on { cs: "", cl: "" }
list on { Cluster : true }
insert on { cs: "", cl: "" }
find on { cs: "", cl: "" }
remove on { cs: "", cl: "" }
update on { cs: "", cl: "" }
renameCL on { cs: "", cl: "" }
trans on { Cluster : true }
truncate on { cs: "", cl: "" }

收起

建议反馈

本页导航