Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

This content has been archived and is no longer being updated.

Links may not function; however, this content may be relevant to outdated versions of the product.

Creating Cassandra user roles with limited database access

Updated on March 11, 2021

This content applies only to On-premises and Client-managed cloud environments

Define and control Pega Platform access to your external database by creating Cassandra user roles with access to a defined set of keyspaces.

Create keyspaces that are necessary to store decision management data and then create user roles with access to the keyspaces.
  1. Create the following keyspaces by running the create keyspace CQL command:
    • adm
    • adm_commitlog
    • aggregation
    • data
    • states
    • vbd
    For example: For a cluster with one data center, run the following command:
    create keyspace data with replication = {'class':'NetworkTopologyStrategy','datacenter1':3};
    create keyspace adm with replication = {'class':'NetworkTopologyStrategy','datacenter1':3};
    create keyspace adm_commitlog with replication = {'class':'NetworkTopologyStrategy','datacenter1':3};
    create keyspace aggregation with replication = {'class':'NetworkTopologyStrategy','datacenter1':3};
    create keyspace states with replication = {'class':'NetworkTopologyStrategy','datacenter1':3};
    create keyspace vbd with replication = {'class':'NetworkTopologyStrategy','datacenter1':3}; 
    
    For more information about the create keyspace CQL command, see the DataStax documentation.
  2. Create a Cassandra user role by running the create role CQL command:
    create role rolename with password = rolepassword and login = true
    For example:
    create role pegauser with password = passwordxmp and login = true
    For more information about the create role CQL command, see the DataStax documentation.
  3. For each keyspace that you created in 1, grant the following permissions to the user by running the grant CQL command:
    • create
    • alter
    • drop
    • select
    • modify
    For example: For the data keyspace, run the following CQL command:
    grant create on keyspace data to pegauser;
    grant alter on keyspace data to pegauser;
    grant drop on keyspace data to pegauser;
    grant select on keyspace data to pegauser;
    grant modify on keyspace data to pegauser; 
    
    For more information about the grant CQL command, see the DataStax documentation.
What to do next: Configure the connection between Pega Platform and your external Cassandra database. For more information, see Connecting to an external Cassandra database.
  • Previous topic Creating Cassandra user roles with full database access
  • Next topic Configuring a Cassandra cluster for internal encryption

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us