PyCharm 2020.3 Help

Users and roles

Different databases use concepts of users and roles to manage the permissions in your databases. Both of them are used for access control and define a set of permissions. Consult with the documentation of your database vendor what type of concept the database uses for access control. In some databases, a role can be a user that has the login right.

Consider the following list of databases and their support of users and roles:

  • Roles and users: Exasol, H2, Vertica.

  • Only roles: Apache Cassandra, IBM Db2 LUW, Apache Derby, Greenplum, Apache Hive, PostgreSQL, Greenplum, Snowflake.

  • Only users: MySQL, Amazon Redshift, MariaDB.

Create users and roles

  1. In the Database tool window (View | Tool Windows | Database ), right-click a data source node and navigate to New | User.

    For some databases, you need to specify a database where you want to create a role or a user. In this case, you must expand the data source tree to the database node, right-click the database node and select New | User.

  2. Select the necessary database settings. In the Preview pane, you can change the generated SQL code.

  3. Click OK.

    To see your changes, press Ctrl+F5.

Description of fields

Exasol

  • Description of fields for Exasol:

    • Name: a name of the role or the user.

    • Comment: a comment for the role or the user.

    • Password: sets a password for the role or the user.

H2

  • Description of fields for H2:

    • Name: a name of the role or the user.

    • Comment: a comment for the role or the user.

    • Admin: grants the admin privileges.

Vertica

  • Description of fields for Vertica:

    • Name: a name of the user.

    • Locked: locks or unlocks user access to the database.

    • Memory Cap: specifies how much memory can be allocated to user requests.

    • Profile: assigns a profile that controls password requirements for this user.

    • Resource Pool: assigns a default resource pool to this user.

    • Runtime Cap: specifies how long a user can execute a query.

    • Search Path: specifies the default search path for a user.

    • Temp Space Cap: limits how much temporary file storage is available for user requests.

Apache Cassandra

  • Description of fields for Apache Cassandra:

    • Name: a name of the role.

    • Can Login: allows the role to log in.

    • Super Role: sets superuser privileges.

IBM Db2 LUW

  • Description of fields for IBM Db2 LUW:

    • Name: a name of the role.

    • Comment: a comment for the role.

Apache Derby

  • Description of fields for Apache Derby:

    • Name: a name of the role.

    • Comment: a comment for the role.

    • Password: sets a password for the role.

Greenplum

  • Description of fields for Greenplum:

    • Name: a name of the role.

    • Comment: a comment for the role.

    • Can Login: allows the role to log in.

    • Create Db: specifies if the role has a privilege to create databases.

    • Create Role: specifies if the role can create and manage other roles.

    • Inherit: specifies if a role inherits the privileges of roles it is a member of.

    • Super Role: sets superuser privileges.

    • Connection Limit: sets the number of concurrent connections for the role.

    • Valid Until: sets a date and time after which the role password expires.

    • Config: sets configuration parameters (for example, search_path ).

Apache Hive

  • Description of fields for Greenplum:

    • Name: a name of the object.

    • Can Login: allows the role to log in.

PostgreSQL

  • Description of fields for PostgreSQL:

    • Name: a name of the object.

    • Comment: a comment for the object.

    • Bypass Rls: bypass the row security system when accessing a table.

    • Can Login: allows the role or user to log in.

    • Create Db: specifies if the role has a privilege to create databases.

    • Create Role: specifies if the role can create and manage other roles.

    • Inherit: specifies if a role inherits the privileges of roles it is a member of.

    • Replication: determines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode.

    • Super Role: determines whether the new role can override all access restrictions within the database.

    • Connection Limit: sets the number of concurrent connections for the role.

    • Valid Until: sets a date and time after which the role password expires.

    • Config: sets configuration parameters (for example, search_path ).

Snowflake

  • Description of fields for Snowflake:

    • Name: a name of the role.

    • Comment: a comment for the role.

MySQL

  • Description of fields for MySQL:

    • Name: a name of the user.

    • Host: a domain name or a server name.

Amazon Redshift

  • Description of fields for Amazon Redshift:

    • Name: a name of the user.

    • Connection Limit: sets the number of concurrent connections for the role.

    • Create Db: specifies if the role has a privilege to create databases.

    • Super User: sets superuser privileges.

    • Valid Until: sets a date and time after which the role password expires.

    • Config: sets configuration parameters (for example, search_path ).

MariaDB

  • Description of fields for MariaDB:

    • Name: a name of the user.

    • Host: a domain name or a server name.

Last modified: 16 March 2021