Updated on 2024-09-05 GMT+08:00

Managing Roles

Creating a Role

  1. Log in to the GaussDB(DWS) console. In the navigation pane on the left, choose Clusters > Dedicated Clusters.
  2. In the cluster list, click the name of the target cluster. The Cluster Information page is displayed.
  3. In the navigation pane, choose User Management.
  4. Click the Roles tab and click Create Role. The role creation page is displayed.
  5. Configure role information. The parameters are described as follows:

    Table 1 Parameters for configuring role information

    Parameter

    Description

    Example Value

    Role Name

    The value must start with a letter and can contain a maximum of 63 characters, including letters, digits, and underscores (_).

    dws-demo

    Expires

    Expiration time of the role permissions.

    -

    System Administrator

    Indicates whether the role has the system administrator rights.

    -

    Create Database

    Specifies whether the role has the permission to create databases.

    -

    Create Role

    Specifies whether the role has the permission to create users and roles.

    -

    Inherit Permissions

    Indicates whether the role inherits the permissions from its role group. This function is enabled by default. You are advised to retain this setting.

    -

  6. If all the parameters are correctly set, click Next.
  7. Configure the permissions of the role.

    Click Add to add a permission configuration. Select the database object type and the corresponding objects. Then, select permissions. For details about permission definitions, see "DCL Syntax" > "GRANT" in GaussDB(DWS) SQL Overview.

  8. After the authorization is complete, click Create. The role is created.

Modifying a Role

  1. Log in to the GaussDB(DWS) console. In the navigation pane on the left, choose Clusters > Dedicated Clusters.
  2. In the cluster list, click the name of the target cluster. The Cluster Information page is displayed.
  3. In the navigation pane, choose User Management.
  4. In the role list, select a user and click Modify. The page for modifying role details is displayed.
  5. Modify the role information. For the parameter description, see Table 1.
  6. If all the parameters are correctly set, click Next.
  7. Configure permissions. Select a permission type as required, click Edit in the Operation column, and click Modify in the Permission column to add or remove permissions.
  8. Confirm the permissions. Click lick Save.

Deleting a Role

Prerequisites

To prevent any problems with deleting a role, check for dependencies such as database objects beforehand. If there are any dependencies, delete them first before proceeding with the role deletion.

Procedure

  1. Log in to the GaussDB(DWS) console. In the navigation pane on the left, choose Clusters > Dedicated Clusters.
  2. In the cluster list, click the name of the target cluster. The Cluster Information page is displayed.
  3. In the navigation pane, choose User Management.
  4. Select a role from the role list and click Delete. A confirmation dialog box is displayed.
  5. Click OK to delete the role.

Exporting Roles

  1. Log in to the GaussDB(DWS) console. In the navigation pane on the left, choose Clusters > Dedicated Clusters.
  2. In the cluster list, click the name of the target cluster. The Cluster Information page is displayed.
  3. In the navigation pane, choose User Management and click Roles to switch to the role list page.
  4. Click Export in the upper part of the role list and select the number of roles to be exported.

    Figure 1 Exporting roles

  5. Confirm the information and click Export.

Exporting Role Permissions

  1. Log in to the GaussDB(DWS) console. In the navigation pane on the left, choose Clusters > Dedicated Clusters.
  2. In the cluster list, click the name of the target cluster. The Cluster Information page is displayed.
  3. In the navigation pane, choose User Management and click Roles to switch to the role list page.
  4. Select a user from the role list, click Export Permissions, and select the number of records to be exported.

    Figure 2 Exporting role permissions