It will provide the following features with respect to CQL 3.0.0 spec
- Manage Keyspace(s)
- Manage Role(s)
- Managing Grants
provider "cassandra" {
username = "cluster_username"
password = "cluster_password"
port = "9042"
hosts = [ "localhost" ]
}Cassandra client username.
Cassandra client password.
Cassandra client port. Default value is 9042
Array of hosts pointing to nodes in the cassandra cluster
Connection timeout to the cluster in milliseconds. Default value is 1000
Optional value, only used if you are connecting to cluster using certificates.
Optional value, it is false by default. Only turned on when connecting to cluster with ssl
Default value is TLS1.2. It is only applicable when use_ssl is true
The cql protocol binary version. Defaults to 4
locals {
stategy_options = {
replication_factor = 1
}
}
resource "cassandra_keyspace" "keyspace" {
name = "some_keyspace_name"
replication_strategy = "SimpleStrategy"
strategy_options = "${local.strategy_options}"
}Parameters
name of the keyspace, must be between 1 and 48 characters.
name of the replication strategy, only the built in replication strategies are supported. That is either SimpleStrategy or NetworkTopologyStrategy
A map containing any extra options that are required by the selected replication strategy.
For simple strategy, replication_factor must be passed. While for network topology strategy must contain keys which corresspond to the data center names and values which match their desired replication factor
Enables or disables durable writes. The default value is true. It is not reccomend to turn this off.
resource "cassandra_role" "role" {
name = "app_user"
password = "sup3rS3cr3tPa$$w0rd123343434345454545454"
}Parameters
Name of the role. Must contain between 1 and 256 characters.
Allow role to create and manage other roles. It is false by default
Enables role to be able to login. It defaults to true
Password for user when using cassandra internal authentication. It is required. It has the restriction of being between 40 and 512 characters.
resource "cassandra_grant" "all_access_to_keyspace" {
privilege = "all"
resource_type = "keyspace"
keyspace_name = "test"
grantee = "migration"
}Parameters
Type of access we are granting against a resource
One of either all, create, alter, drop, select, modify, authorize, describe and execute
See official cassandra docs for more information
The name of the cassandra role which we are granting privileges to
Enables one to qualify/restrict the grant to a particular resource(s)
This can take any of the following values
- all functions
- all functions in keyspace
- function
- all keyspaces
- keyspace
- table
- all roles
- role
- roles
- mbean
- mbeans
- all mbeans
For more info please see official docs
keyspace qualifier to the resource, only applicable when resource_type takes the following values
- all functions in keyspace
- function
- keyspace
- table
Represents name of the function we are granting access to. Its only applicable when resource_type is function
Represents name of the table we are granting access to. Its only applicable when resource_type is table
represents name of the role we are granting access to. Only applicable for resource_type is role
Represents name of the mbean we are granting access to. Only applicable for resource_type is mbean
Represents a pattern, which will grant access to all mbeans which satisfy this pattern. Only works when resource_type is mbeans