Users in Management Console
Unlike database users, which you create on the Vertica database and then grant privileges and roles through SQL statements, you create MC users on the Management Console interface. MC users are external to the database. Their information is stored on an internal database on the MC application/web server. Their access to both MC and to databases managed by MC is controlled by groups of privileges (also referred to as access levels). MC users are not system (Linux) users; they are entries in the MC internal database.
Permission group types
There are two types of permission groups on MC, those that apply to MC configuration and those that apply to database access:
-
MC configuration privileges are made up of roles that control what users can configure on the Management Console, such as modify MC settings, create and import Vertica databases, restart MC, create a Vertica cluster through the MC interface, and create and manage MC users.
-
MC database privileges are made up of roles that control what users can see or do on a Vertica database monitored by MC, such as view the database cluster state, query and session activity, monitor database messages and read log files, replace cluster nodes, and stop databases.
If you are using MC, you might want to allow one or more users in your organization to configure and manage MC, and you might want other users to have database access only. You can meet these requirements by creating MC users and granting them a role from each privileges group. See Creating an MC user for details.
MC user types
The following table describes the five types of role-based users on MC:
User Type | Description |
---|---|
SUPER Role (MC) | The default superuser administrator (Linux account) who gets created when you install and configure MC and oversees all of MC. |
ADMIN Role (MC) | Users who can configure all aspects of MC and control all databases managed by MC. |
MANAGER Role (MC) | Users who can configure MC user settings and monitor all databases managed by MC. |
IT Role (MC) | Users who can configure some aspects of MC user settings and monitor all databases managed by MC. |
NONE Role (MC) | Users who cannot configure MC and have access to one or more databases managed by MC. |
For details about each role, see Configuration privileges.
You create users and grant them privileges (through roles) on the MC Settings page in the User management tab.
Creating users and choosing an authentication method
You create users and grant them privileges (through roles) on the MC Settings page. You can also choose how to authenticate their access to MC.
- To add users who are authenticated against the MC, click User Management
- To add users who are authenticated through your organization's LDAP repository, click Authentication
MC supports only one method for authentication, so if you choose MC, all MC users will be authenticated using their MC login credentials.
Default MC users
The MC super account is the only default user. The super or another MC administrator must create all other MC users.