Skip to content

Commit

Permalink
manage_users.yml: Add ALTER permission on ALL ROLES to customer_admin
Browse files Browse the repository at this point in the history 
Currently, the customer_admin user is not able to change the password for other users.
This patch fixes this by giving ALTER permission on ALL roles to this user.
This is not ideal, since now the customer_admin user will be able to change passwords
even for superusers, but it's the only option we have until the following issues are fixed:

- scylladb/scylladb#14277
- scylladb/scylladb#14279
  • Loading branch information
@igorribeiroduarte @vladzcloudius
igorribeiroduarte authored and vladzcloudius committed Jun 16, 2023
1 parent e1f26ae commit a3b2bf2
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions example-playbooks/manage_users/vars/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,3 +22,4 @@ users:
- ['SELECT', 'ALL KEYSPACES']
- ['MODIFY', 'ALL KEYSPACES']
- ['AUTHORIZE', 'ALL KEYSPACES']
- ['ALTER', 'ALL ROLES'] # This is a workaround and should be removed once {https://github.com/scylladb/scylladb/issues/14279} is fixed

0 comments on commit a3b2bf2

Please sign in to comment.