ApsaraDB for Lindorm provide an easy-to-use system that is used to manage role authentication and access control lists (ACLs). You only need to configure the username and password for user authentication. The passwords are stored in ciphertext on the server. The encrypted passwords are transferred for user authentication. Even if the ciphertext is intercepted, the encrypted data for authentication cannot be reused or forged.
On the Users page of ClusterManager, all the users of the current cluster are listed. After you purchase a cluster, the system creates an account that has all permissions on the cluster and you can manage the cluster by using this account. Both the username and password of this account are root. You can change the password of this account or delete it in ClusterManager.
Create a user
- On the Users page of ClusterManager, choose More-->create user.
- In the dialog box that appears, enter a user and password, and click OK.
- Passwords are stored in ciphertext on the Lindorm server. Therefore, after you create a user, you cannot view the password. You must remember your password. If you forget the password, you must change your password.
- A new user does not have any permissions. You must grant the required permissions to the user on the Permissions page. For more information, see Manage ACLs.
Change the password
- On the Users page of ClusterManager, click Change Password next to the required user.
- In the dialog box that appears, click OK.
Delete a user
Manage ACL permissions
- WRITE permissions
Users with WRITE permissions can perform write operations on Lindorm tables, such as Put, Batch, Delete, Increment, Append, and CheckAndMutate.
- READ permissions
Users with READ permissions can run statements, such as GET, SCAN, and EXIST to read tables, or run the statements, such as getTableDescriptor, listTables, and listNamespaceDescriptors to retrieve descriptors and namespaces of tables.
- ADMIN permissions
The ADMIN permissions allow users to manage tables or data by using the data definition language (DDL) statements such as createTable, enableTable, and disableTable. However, these permissions do not include the delete permissions on tables or data. The ADMIN permissions also allow users to manage namespaces by using the DDL statements such as createNamespace.
- TRASH permissions
To avoid accidental operations in which tables may be deleted or cleared, only the users with the TRASH permissions can use the DDL statements such as truncateTable and deleteTable.
- SYSTEM permissions
Only users with SYSTEM permissions can run the COMPACT and FLUSH statements. In addition, if you want to use Lindorm Tunnel Service (LTS) to migrate and synchronize data, you must use the account with SYSTEM permissions.
- Grant permissions to a user
You can grant permissions to a user on the Permissions page of ClusterManager. You can perform the following operations to grant read permissions on a table to a user:
- On the Permissions tab of ClusterManager, choose More-->grant privilege next to the required table.
- In the dialog box that appears, select a user, a namespace, a table, select the READ permission, and then click OK.
- Revoke permissions
On the Permissions page of ClusterManager, you can revoke permissions from a user. Each user may have permissions at one or more levels. You can perform the following steps to revoke permissions from a user:
- On the Permissions page of ClusterManager, find the user from whom you want revoke permissions and click Revoke next to the user.
- In the dialog box that appears, all the permissions on the current object (Global, Table, or Namespace) are listed. Select permissions to be revoked and click OK.
Enable or disable the ACL feature
If you do not need to control access by using usernames and the ACL feature, you can disable the ACL feature. After you disable the ACL feature, no usernames and passwords are required for subsequent access requests, including user access by using APIs, SQL, and non-Java methods. In this case, no limits are imposed when you perform operations. You can enable and disable the ACL feature without the need to restart your cluster. However, if you enable the ACL feature after you disable it, you must provide a username and a password to reconnect to the service. Otherwise, the client cannot be authenticated and an error message is returned. If the username and the password are provided, the client is authenticated as expected when the reconnection is established. However, if you attempt to perform unauthorized operations, the access is denied.