Creating Cassandra user roles with limited database access
This content applies only to On-premises and Client-managed cloud environments
Define and control Pega Platform access to your external database by creating Cassandra user roles with access to a defined set of keyspaces.
Create keyspaces that are necessary to store decision
management data, and then create user roles with access to the keyspaces.
What to do next: Configure the connection between Pega Platform and your external Cassandra database. For more information,
see Connecting to an external Cassandra database through the Decision Data Store service.
- Create the following keyspaces by running the
create keyspace
CQL command:adm
adm_commitlog
aggregation
data
states
vbd
aggregates
Adjust thecreate keyspace
CQL command to your Cassandra cluster settings. For more information about thecreate keyspace
CQL command, see the DataStax documentation. - Create a Cassandra user role by running the
create role
CQL command:create role rolename with password = rolepassword and login = true
For example: create role pegauser with password = passwordxmp and login = true
For more information about thecreate role
CQL command, see the DataStax documentation. - For each keyspace that you create in step 1, grant the following permissions to the user by running the
grant
CQL command:create
alter
drop
select
modify
For example: For the data
keyspace, run the following CQL command:grant create on keyspace data to pegauser; grant alter on keyspace data to pegauser; grant drop on keyspace data to pegauser; grant select on keyspace data to pegauser; grant modify on keyspace data to pegauser;
For more information about thegrant
CQL command, see the DataStax documentation.
Previous topic Creating Cassandra user roles with full database access Next topic Configuring a Cassandra cluster for internal encryption (deprecated)