Authorization mechanisms
Authorization involves controlling access to schema objects and giving the minimum required permissions and privileges for users and roles. Authorization becomes critical when the data's size, number of nodes, number of clients, number of clusters, and use cases grow in size.
In the context of CockroachDB, a user and role can be used interchangeably as there is no technical distinction between them. Even when executing CockroachDB commands, role
and user
can be used interchangeably in some cases. An example of this is as follows:
- First, we must execute
SHOW ROLES
:$ SHOW ROLES; username | options | member_of -----------+---------+------------ admin | | {} root | | {admin} (2 rows) Time: 13ms total (execution 12ms / network 1ms)
- Next, we must execute...