CLUSTER ADMIN Privilege

Overview

In 23.09, 6.1:

Grants ability to ALTER SLICE, ALTER REPLICA, ALTER CLUSTER.

In 6.1:

Grants ability to ALTER SLICE, ALTER REPLICA, ALTER CLUSTER.

In 6.0, 5.3:

Not present

USAGE

DETAILS

  • Scope: Global

  • Privilege name for GRANT: CLUSTER ADMIN

  • Privilege name for REVOKE: CLUSTER ADMIN

  • Privilege shown by SHOW GRANTS: CLUSTER ADMIN

The CLUSTER ADMIN privilege is supported starting with Xpand 6.1. It grants permission for the following operations:

The SUPER privilege is a superset of the CLUSTER ADMIN privilege.

SYNONYMS

SCHEMA

PARAMETERS

SKYSQL

PRIVILEGES

EXAMPLES

GRANT

The following examples demonstrate grant of a single privilege. A single GRANT statement can grant multiple privileges at the same scope by providing a comma-separated list of the privileges.

To grant the CLUSTER ADMIN privilege at global scope, replace the user specification ('USERNAME'@'HOSTNAME') in the following query to align to your requirements:

GRANT CLUSTER ADMIN
  ON *.*
  TO 'USERNAME'@'HOSTNAME';

For general guidance on privileges, see "Privileges".

REVOKE

The following examples demonstrate revoke of a single previously-granted privilege. A single REVOKE statement can revoke multiple privileges at the same scope by providing a comma-separated list of the privileges.

To revoke the CLUSTER ADMIN privilege at global scope, replace the user specification ('USERNAME'@'HOSTNAME') in the following query to align to your requirements:

REVOKE CLUSTER ADMIN
  ON *.*
  FROM 'USERNAME'@'HOSTNAME';

For general guidance on privileges, see "Privileges".

SHOW Output

A user's privileges can be displayed using the SHOW GRANTS statement.

If the CLUSTER ADMIN privilege is present, it will be shown as CLUSTER ADMIN in the output. For example:

SHOW GRANTS FOR 'app_user'@'192.0.2.%';
+------------------------------------------------------+
| Grants for app_user@192.0.2.%                        |
+------------------------------------------------------+
| GRANT CLUSTER ADMIN ON *.* TO 'app_user'@'192.0.2.%' |
+------------------------------------------------------+

Privilege Failure

An error message is raised if an operation fails due to insufficient privileges. For example:

ALTER CLUSTER REFORM;
ERROR 1045 (HY000): [11281] Permission denied: User "'USERNAME'@'HOSTNAME'" is missing CLUSTER ADMIN on *.*; transaction aborted

ERROR HANDLING

FEATURE INTERACTION

RESPONSES

DIAGNOSIS

ISO 9075:2016

CHANGE HISTORY

Release Series

History

23.09

  • Present starting in MariaDB Xpand 23.09.1.

6.1

  • Added in MariaDB Xpand 6.1.0.

6.0

  • Not present.

5.3

  • Not present.

Release Series

History

6.0

  • Not present.

5.3

  • Not present.

Release Series

History

6.1

  • Added in MariaDB Xpand 6.1.0.

EXTERNAL REFERENCES