Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Creating Cassandra user roles with limited database access

Updated on July 5, 2022

This content applies only to On-premises and Client-managed cloud environments

Define and control Pega Platform access to your external database by creating Cassandra user roles with access to a defined set of keyspaces.

Create keyspaces that are necessary to store decision management data, and then create user roles with access to the keyspaces.
  1. Create the following keyspaces by running the create keyspace CQL command:
    • adm
    • adm_commitlog
    • aggregation
    • data
    • states
    • vbd
    • aggregates
    Adjust the create keyspace CQL command to your Cassandra cluster settings. For more information about the create keyspace CQL command, see the DataStax documentation.
  2. Create a Cassandra user role by running the create role CQL command:
    create role rolename with password = rolepassword and login = true
    For example:
    create role pegauser with password = passwordxmp and login = true
    For more information about the create role CQL command, see the DataStax documentation.
  3. For each keyspace that you create in step 1, grant the following permissions to the user by running the grant CQL command:
    • create
    • alter
    • drop
    • select
    • modify
    For example: For the data keyspace, run the following CQL command:
    grant create on keyspace data to pegauser;
    grant alter on keyspace data to pegauser;
    grant drop on keyspace data to pegauser;
    grant select on keyspace data to pegauser;
    grant modify on keyspace data to pegauser; 
    
    For more information about the grant CQL command, see the DataStax documentation.
What to do next: Configure the connection between Pega Platform and your external Cassandra database. For more information, see Connecting to an external Cassandra database through the Decision Data Store service.
  • Previous topic Creating Cassandra user roles with full database access
  • Next topic Configuring a Cassandra cluster for internal encryption (deprecated)

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us