Manage roles on your Cassandra Cluster.
- login_user (optional, str, None)
- The Cassandra user to login with.
- login_password (optional, str, None)
- The Cassandra password to login with.
- login_host (optional, list, None)
- The Cassandra hostname.
- login_port (optional, int, 9042)
- The Cassandra poret.
- name (True, str, None)
- The name of the role to create or manage.
- state (True, str, None)
- The desired state of the role.
- super_user (optional, bool, False)
- If the user is a super user or not.
- login (optional, bool, True)
True allows the role to log in.
Use true to create login accounts for internal authentication, PasswordAuthenticator or DSE Unified Authenticator.
- password (optional, str, None)
- The password for the role.
- options (optional, dict, None)
- Reserved for use with authentication plug-ins. Refer to the authenticator documentation for details.
- data_centers (optional, dict, None)
Only relevant if a network_authorizer has been configured.
Specify data centres as keys of this dict.
Can specify a key as 'all' although this implicity assumed by Cassandra if not supplied.
- keyspace_permissions (optional, dict, None)
Grant privileges on keyspace objects.
Specify keyspaces as keys of this dict.
Permissions supplied as a list to the keyspace keys.
Valid permissions at keyspace level are as follows; ALL PERMISSIONS, CREATE, ALTER, AUTHORIZE, DROP, MODIFY, SELECT
A special key 'all_keyspaces' can be supplied to assign permissions to all keyspaces.
- roles (optional, list, None)
- One or more roles to grant to this user or role.
- debug (optional, bool, False)
- Additional debug output.
- name: Create a role community.cassandra.cassandra_role: name: app_user password: 'secretZHB78' state: present login: yes - name: Remove a role community.cassandra.cassandra_role: name: app_user state: absent - name: Create a super user community.cassandra.cassandra_role: name: admin password: 'BigSecretUser2019' state: present login: yes super_user: yes - name: Create a user with access only to certain data centres community.cassandra.cassandra_role: name: rhys password: 'secret' state: present login: yes data_centres: london: zurich: - name: Create a user with specific permissions for specific keyspaces community.cassandra.cassandra_role: name: rhys password: 'secret' state: present login: yes permissions: mykeyspace: - "ALL PERMISSIONS" # Same as GRANT ALL PERMISSIONS ON mykeyspace TO rhys; mydummy: - "SELECT" - "EXECUTE" # Same as GRANT SELECT, EXECUTE ON mydummy TO rhys; all_keyspaces: - "SELECT" # Same as GRANT SELECT ON ALL KEYSPACES TO rhys;