Access control basics #
The following pages in this section provide you with information about managing
aspects of Starburst Galaxy such as access control and privileges.
The access control system of Starburst Galaxy makes it easy to ensure that each
user has the appropriate access rights to perform actions on entities in the
system.
Roles and privileges #
A role has a name and an optional description. A role can be granted privileges
on all Galaxy entities, including clusters, catalogs, and tables, as well as
account-level privileges like MANAGE_SECURITY. This provides fine-grained control
that protects your data, and allows you to define just the right mix of allowed
actions and access for each function in your organization.
Ownership #
Ownership of entities is controlled with roles. This is often called a
Discretionary Access Control (DAC) system, and the following aspects apply:
- Every entity is owned by exactly one role: the owner role. Entities are not
  owned by users.
- Ownership grants full control over the entity, including:
  - Updating (alter) the entity.
  - Deleting (drop) the entity.
  - Granting, denying, or revoking privileges on the entity for any other role.
- Full control operations are also available through indirect ownership via a
  role in the user's active role set. In effect, the rights of ownership are
  inherited from child roles, just like other privileges.
- Ownership can be transferred from one role to another with the following
requirements:
- The active role set must contain the current owner role.
- The current user must have a grant to the new owner role. This ensures that
a user cannot transfer an entity and lose access. If this is necessary for
an entity, another user with both roles in the active role set must change
the ownership.
- The owner role is set from the current role when the entity is created.
- By default, a role that owns a catalog owns all the schemas and tables in that
catalog. However, a user can change the ownership of a schema or table after
creation as described in privileges basics.
- Externally created schemas are assigned the owner of the catalog as owner
role.
- Externally created tables are assigned the owner of the catalog as owner role.
Privileges, roles, and users #
Privileges and ownership for entities are granted to roles, never to users.
A role can be granted to another role. That other role inherits all the
privileges and ownership rights of the granted role.
A role can be granted to a user. When the user assumes that role, the user gets
all the privileges and ownership rights of the role.
Session and current role #
When you are using Starburst Galaxy with your account directly in the user
interface or with a client application, the following aspects apply:
- You are identified as a specific user, and your usage is contained in a
session.
- A specific role is assigned and displayed under your user name in the user
interface. This current role is tested for any privilege, and is the owner
of any created entity. Only one role can be set as the current role.
- The active role set determines all currently available and applicable
  privileges.
- If no role is selected upon connection with a client tool or when logging into
the user interface, a default role is used. This default role can be identical
for all users, or configured specifically for each user.
As a further security control, Starburst Galaxy invalidates the cookie
associated with your login session after 24 hours. This forces each login
session to log out and re-authenticate at least once per day.
SQL management of roles #
You can use the following SQL commands to manage roles and grants:
- CREATE ROLE
- DENY
- DROP ROLE
- GRANT
- GRANT ROLES
- REVOKE
- REVOKE ROLES
- SET ROLE
- SHOW GRANTS
- SHOW ROLE GRANTS
- SHOW ROLES
See roles for example commands.
The grants and ownership of entities are updated when a SQL command is executed,
or changes are made in the user interface.
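The following script is an added example and is not taken from the Starburst Galaxy documentation. It walks through the role model described on this page (privileges granted to roles, roles granted to roles and users, one current role per session) using the SQL commands listed above. The role names, the user `alice@example.com`, and the catalog, schema and table names are constructed placeholders; the statement forms follow the Trino SQL syntax that Galaxy is assumed to accept.

```sql
-- Added example (not from the Galaxy docs). All names are constructed
-- placeholders: roles data_engineer / report_reader, user alice@example.com,
-- catalog "sales", schema "reporting", tables "orders" and "customer_pii".

-- 1. Roles are the only grantees of privileges: create one per job function.
CREATE ROLE report_reader;
CREATE ROLE data_engineer;

-- 2. Grant entity privileges to the role, never directly to a user.
GRANT SELECT ON TABLE sales.reporting.orders TO ROLE report_reader;

-- 3. Role-to-role grant: data_engineer inherits every privilege and
--    ownership right that report_reader holds.
GRANT report_reader TO ROLE data_engineer;

-- 4. Explicit DENY on one sensitive table, so a later broad grant on the
--    schema does not silently expose it (deny-overrides is assumed here).
DENY SELECT ON TABLE sales.reporting.customer_pii TO ROLE report_reader;

-- 5. Grant the role to a user. The user still has to assume it; only one
--    role is the current role in a session, and it owns anything created.
GRANT report_reader TO USER "alice@example.com";
SET ROLE report_reader;

-- 6. Verify what actually applies before relying on it.
SHOW ROLES;                                   -- roles that exist
SHOW ROLE GRANTS;                             -- roles granted to the current user
SHOW GRANTS ON TABLE sales.reporting.orders;  -- privileges on the table

-- 7. Offboarding: revoke the privilege and the membership, then drop the role.
REVOKE SELECT ON TABLE sales.reporting.orders FROM ROLE report_reader;
REVOKE report_reader FROM USER "alice@example.com";
REVOKE report_reader FROM ROLE data_engineer;
DROP ROLE report_reader;
```

The ordering matters for auditability: privileges attach to roles, so removing a person means revoking the role grant (step 7), not hunting for per-user grants, and `SHOW GRANTS` after each change confirms the effective state rather than the intended one.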