Help Center/ Data Warehouse Service / More Documents/ API Reference (Kuala Lumpur Region)/ API Description/ Database Permission Management/ Creating a Database User or Role
Updated on 2025-09-19 GMT+08:00
Online Debugging
CLI Examples
View PDF
Share

Creating a Database User or Role

Function

This API is used to create a database user or role.

Calling Method

For details, see Calling APIs.

URI

POST /v1/{project_id}/clusters/{cluster_id}/db-manager/users

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Definition

Project ID. To obtain the value, see Obtaining a Project ID.

Constraints

N/A

Range

N/A

Default Value

N/A

cluster_id

Yes

String

Definition

Cluster ID. For details about how to obtain the value, see Obtaining the Cluster ID.

Constraints

N/A

Range

N/A

Default Value

N/A

Request Parameters

Table 2 Request body parameters

Parameter

Mandatory

Type

Description

name

Yes

String

Definition

Username or role name.

Constraints

N/A

Range

N/A

Default Value

N/A

type

Yes

String

Definition

Type.

Constraints

N/A

Range

user: database user.

role: database role.

Default Value

N/A

login

No

Boolean

Definition

Type.

Constraints

N/A

Range

N/A

Default Value

false

password

No

String

Definition

Password.

Constraints

N/A

Range

N/A

Default Value

N/A

system_admin

No

Boolean

Definition

Whether the user is a system administrator.

Constraints

N/A

Range

N/A

Default Value

N/A

logical_cluster

No

String

Definition

Name of the associated logical cluster.

Constraints

N/A

Range

N/A

Default Value

N/A

password_disable

No

Boolean

Definition

Whether password login is allowed.

Constraints

N/A

Range

  • true: Password login is allowed.

  • false: Password login is not allowed.

Default Value

false

create_role

No

Boolean

Definition

Whether to allow role creation.

Constraints

N/A

Range

N/A

Default Value

false

create_db

No

Boolean

Definition

Whether to allow database creation.

Constraints

N/A

Range

N/A

Default Value

false

inherit

No

Boolean

Definition

Whether the permission can be inherited.

Constraints

N/A

Range

N/A

Default Value

false

conn_limit

No

Integer

Definition

Maximum number of connections.

Constraints

N/A

Range

N/A

Default Value

N/A

grant_members

No

Array of strings

Definition

Authorization object information.

Constraints

N/A

Range

N/A

Default Value

N/A

grant_list

No

Array of GrantAuthority objects

Definition

List of granted permissions.

Constraints

N/A

Range

N/A

Default Value

N/A

desc

No

String

Definition

Description.

Constraints

N/A

Range

N/A

Default Value

N/A
Table 3 GrantAuthority

Parameter

Mandatory

Type

Description

type

No

String

Definition

Permission type.

Range

N/A

database

No

String

Definition

Database name.

Range

N/A

schema

No

String

Definition

Schema name.

Range

N/A

obj_name

No

String

Definition

Object name.

Range

N/A

all_object

No

Boolean

Definition

Whether the permission applies for all objects.

Range

N/A

future

No

Boolean

Definition

Whether the permission applies for future objects.

Range

N/A

future_object_owners

No

String

Definition

Future object - owner.

Range

N/A

column_name

No

Array of strings

Definition

Column name.

Range

N/A

privileges

No

Array of Grant objects

Definition

Permission.

Range

N/A
Table 4 Grant

Parameter

Mandatory

Type

Description

permission

Yes

String

Definition

Permission name. The permission varies depending on the database object type.

Range

  • For database: CREATE | CONNECT | TEMPORARY | TEMP ALL PRIVILEGES

  • For schemas: CREATE, USAGE, ALTER, or DROP ALL PRIVILEGES

  • For tables: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, ANALYZE, ANALYSE, VACUUM, ALTER, or DROP ALL PRIVILEGES

  • For views: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, ANALYZE, ANALYSE, VACUUM, ALTER, or DROP ALL PRIVILEGES

  • For columns: SELECT, INSERT, UPDATE, or REFERENCES ALL PRIVILEGES

  • For functions: EXECUTE ALL PRIVILEGES

  • For sequences: SELECT, UPDATE, or USAGE ALL PRIVILEGES

  • For node groups: CREATE, USAGE, or COMPUTE ALL PRIVILEGES

  • For roles: If role_name is specified, all the permissions of this role are given to a user.

grant_with

Yes

Boolean

Definition

Whether a permission is included in the grant options.

Range

N/A

Response Parameters

Status code: 200

Request submitted.

None

Example Requests

Create a database user. The username is user1 and the password is subject to the actual situation.

POST https://{Endpoint}/v1/05f2cff45100d5112f4bc00b794ea08e/clusters/cc6588d6-8301-4c9a-b0c0-186bb824e8c0/db-manager/users

{
  "name" : "user1",
  "type" : "user",
  "login" : true,
  "password" : "*****",
  "system_admin" : false,
  "logical_cluster" : "v3_logical",
  "password_disable" : false,
  "create_role" : false,
  "create_db" : false,
  "inherit" : true,
  "conn_limit" : -1,
  "grant_members" : [ ],
  "grant_list" : [ ],
  "desc" : ""
}

Example Responses

Status code: 200

Request submitted.

{ }

Status Codes

Status Code

Description

200

Request submitted.

400

Request error.

401

Authentication failed.

403

You do not have required permissions.

417

Internal server error.

500

Internal server error.