Users and roles
Different databases use concepts of users and roles to manage the permissions in your databases. Both of them are used for access control and define a set of permissions. Consult with the documentation of your database vendor what type of concept the database uses for access control. In some databases, a role can be a user that has the login right.
Consider the following list of databases and their support of users and roles:
Roles and users: Exasol, H2, Vertica.
Only roles: Apache Cassandra, IBM Db2 LUW, Apache Derby, Greenplum, Apache Hive, PostgreSQL, Greenplum, Snowflake.
Only users: MySQL, Amazon Redshift, MariaDB.
Create users and roles
In the Database tool window ( ), right-click a data source node and navigate to .
For some databases, you need to specify a database where you want to create a role or a user. In this case, you must expand the data source tree to the database node, right-click the database node and select
.Select the necessary database settings. In the Preview pane, you can change the generated SQL code.
Click OK.
To see your changes, press Ctrl+F5.
Description of fields
Exasol
Description of fields for Exasol:
Name: a name of the role or the user.
Comment: a comment for the role or the user.
Password: sets a password for the role or the user.
H2
Description of fields for H2:
Name: a name of the role or the user.
Comment: a comment for the role or the user.
Admin: grants the admin privileges.
Vertica
Description of fields for Vertica:
Name: a name of the user.
Locked: locks or unlocks user access to the database.
Memory Cap: specifies how much memory can be allocated to user requests.
Profile: assigns a profile that controls password requirements for this user.
Resource Pool: assigns a default resource pool to this user.
Runtime Cap: specifies how long a user can execute a query.
Search Path: specifies the default search path for a user.
Temp Space Cap: limits how much temporary file storage is available for user requests.
Apache Cassandra
Description of fields for Apache Cassandra:
Name: a name of the role.
Can Login: allows the role to log in.
Super Role: sets superuser privileges.
IBM Db2 LUW
Description of fields for IBM Db2 LUW:
Name: a name of the role.
Comment: a comment for the role.
Apache Derby
Description of fields for Apache Derby:
Name: a name of the role.
Comment: a comment for the role.
Password: sets a password for the role.
Greenplum
Description of fields for Greenplum:
Name: a name of the role.
Comment: a comment for the role.
Can Login: allows the role to log in.
Create Db: specifies if the role has a privilege to create databases.
Create Role: specifies if the role can create and manage other roles.
Inherit: specifies if a role inherits the privileges of roles it is a member of.
Super Role: sets superuser privileges.
Connection Limit: sets the number of concurrent connections for the role.
Valid Until: sets a date and time after which the role password expires.
Config: sets configuration parameters (for example,
search_path
).
Apache Hive
Description of fields for Greenplum:
Name: a name of the object.
Can Login: allows the role to log in.
PostgreSQL
Description of fields for PostgreSQL:
Name: a name of the object.
Comment: a comment for the object.
Bypass Rls: bypass the row security system when accessing a table.
Can Login: allows the role or user to log in.
Create Db: specifies if the role has a privilege to create databases.
Create Role: specifies if the role can create and manage other roles.
Inherit: specifies if a role inherits the privileges of roles it is a member of.
Replication: determines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode.
Super Role: determines whether the new role can override all access restrictions within the database.
Connection Limit: sets the number of concurrent connections for the role.
Valid Until: sets a date and time after which the role password expires.
Config: sets configuration parameters (for example,
search_path
).
Snowflake
Description of fields for Snowflake:
Name: a name of the role.
Comment: a comment for the role.
MySQL
Description of fields for MySQL:
Name: a name of the user.
Host: a domain name or a server name.
Amazon Redshift
Description of fields for Amazon Redshift:
Name: a name of the user.
Connection Limit: sets the number of concurrent connections for the role.
Create Db: specifies if the role has a privilege to create databases.
Super User: sets superuser privileges.
Valid Until: sets a date and time after which the role password expires.
Config: sets configuration parameters (for example,
search_path
).
MariaDB
Description of fields for MariaDB:
Name: a name of the user.
Host: a domain name or a server name.