CLUSTER ADMIN Privilege
This page is part of MariaDB's Documentation.
The parent of this page is: Privileges for MariaDB Xpand
Topics on this page:
Overview
In 23.09, 6.1:
Grants ability to
ALTER SLICE
,ALTER REPLICA
,ALTER CLUSTER
.
In 6.1:
Grants ability to
ALTER SLICE
,ALTER REPLICA
,ALTER CLUSTER
.
In 6.0, 5.3:
Not present
See also: Privileges for MariaDB Xpand 23.09, in 6.1, in 6.0, and in 5.3
See also: Privileges for MariaDB Xpand 6.1
DETAILS
Scope: Global
Privilege name for
GRANT
:CLUSTER ADMIN
Privilege name for
REVOKE
:CLUSTER ADMIN
Privilege shown by
SHOW GRANTS
:CLUSTER ADMIN
The CLUSTER ADMIN
privilege is supported starting with Xpand 6.1. It grants permission for the following operations:
ALTER SLICE
ALTER REPLICA
The SUPER
privilege is a superset of the CLUSTER ADMIN
privilege.
EXAMPLES
GRANT
The following examples demonstrate grant of a single privilege. A single GRANT
statement can grant multiple privileges at the same scope by providing a comma-separated list of the privileges.
To grant the CLUSTER ADMIN
privilege at global scope, replace the user specification ('USERNAME'@'HOSTNAME'
) in the following query to align to your requirements:
GRANT CLUSTER ADMIN
ON *.*
TO 'USERNAME'@'HOSTNAME';
For general guidance on privileges, see "Privileges".
REVOKE
The following examples demonstrate revoke of a single previously-granted privilege. A single REVOKE
statement can revoke multiple privileges at the same scope by providing a comma-separated list of the privileges.
To revoke the CLUSTER ADMIN
privilege at global scope, replace the user specification ('USERNAME'@'HOSTNAME'
) in the following query to align to your requirements:
REVOKE CLUSTER ADMIN
ON *.*
FROM 'USERNAME'@'HOSTNAME';
For general guidance on privileges, see "Privileges".
SHOW Output
A user's privileges can be displayed using the SHOW GRANTS
statement.
If the CLUSTER ADMIN
privilege is present, it will be shown as CLUSTER ADMIN
in the output. For example:
SHOW GRANTS FOR 'app_user'@'192.0.2.%';
+------------------------------------------------------+
| Grants for app_user@192.0.2.% |
+------------------------------------------------------+
| GRANT CLUSTER ADMIN ON *.* TO 'app_user'@'192.0.2.%' |
+------------------------------------------------------+
Privilege Failure
An error message is raised if an operation fails due to insufficient privileges. For example:
ALTER CLUSTER REFORM;
ERROR 1045 (HY000): [11281] Permission denied: User "'USERNAME'@'HOSTNAME'" is missing CLUSTER ADMIN on *.*; transaction aborted
CHANGE HISTORY
Release Series | History |
---|---|
23.09 |
|
6.1 |
|
6.0 |
|
5.3 |
|
Release Series | History |
---|---|
6.1 |
|