All Products
Search
Document Center

ApsaraDB for HBase:Manage users

Last Updated:Jul 25, 2024

Lindorm allows you to manage users and their permissions. You can add users, delete users, grant users read or write permissions, and revoke permissions from users in the cluster management system of LindormTable.

Prerequisites

You are logged on to the cluster management system of your Lindorm instance. For more information, see Log on to the cluster management system.

Create or delete a user

Create a user

  1. In the left-side navigation pane of the cluster management system, choose Data Manager > User Manager.

  2. On the right side of the page, click + Add user

  3. In the Add user dialog box, enter the Username and Password.

  4. Click OK.

Note
  • After you create a user, the password of the user cannot be viewed in the system. If you forget the password, you must change the password.

  • No permission is granted to a user when it is created. You must manually grant permissions to the user. For more information, see Grant and revoke permissions.

Delete a user

  1. Find the user that you want to delete. Click Delete in the Operation column.

  2. Click OK.

Change the password of a user

  1. Click Change password in the Operation column corresponding to the user whose password you want to change.

  2. In the Change password dialog box, specify the New password.

  3. Click OK.

Permission management

You can grant permissions to or revoke permissions from a user in the cluster management system.

Permission levels

The following permission levels from high to low are defined to control access to Lindorm instances and the relevant resources: Global, Database (Namespace), and Table. A higher level provides all permissions that are provided by a lower level.

For example, if User 1 is granted the global read and write permissions, User 1 has the read and write permissions on wide tables in all databases in a Lindorm cluster. If User 2 is granted the read and write permissions on Database 1, User 2 has the read and write permissions on all tables in Database 1, including newly created tables in Database 1.

Permissions

The following table describes the supported permissions and the syntaxes that you can execute with the corresponding permissions.

Permission

Description

Syntax

WRITE

Operations related to writing data to tables in Lindorm.

PUT, BATCH, DELETE, INCREMENT, APPEND, and CHECKANDMUTATE

READ

Operations related to reading data from tables in Lindorm.

GET, SCAN, and EXIST

Operations related to reading the descriptor and namespace information of tables in ApsaraDB for Lindorm.

GETTABLEDESCRIPTOR, LISTTABLES, and LISTNAMESPACEDESCRIPTORS

ADMIN

Data Definition Language (DDL) operations other than those related to deleting tables or table data.

CREATETABLE, ENABLETABLE, and DISABLETABLE

DDL operations related to namespaces.

CREATENAMESPACE

TRASH

Operations that can prevent users from accidentally deleting tables or table data.

TRUNCATETABLE and DELETETABLE

SYSTEM

O&M operations. Data migration and synchronization operations performed by using LTS.

COMPACT and FLUSH

Grant and revoke permissions

  1. Click More in the Operation column corresponding to the user. image.png

  2. Select the operation that you want to perform from the drop-down list.

    • Grant permissions: You can grant the global, namespace, or table permission to the user.

    • Revoke permissions: You can revoke the global, namespace, or table permission from the user.

  3. In the dialog box that appears, select or deselect the permissions and related information.

  4. Click OK.