Users
User and permission management is a feature of TDengine TSDB-Enterprise. This section only discusses the basic user management part. To learn about and obtain comprehensive permission management features, please contact the TDengine sales team.
Create User
CREATE USER user_name PASS 'password' [SYSINFO {1|0}] [CREATEDB {1|0}];
The username can be up to 23 bytes long.
The password must be between 8 and 255 characters long and include at least three types of characters from the following: uppercase letters, lowercase letters, numbers, and special characters. Special characters include ! @ # $ % ^ & * ( ) - _ + = [ ] { } : ; > < ? | ~ , .
, and this requirement is able to be closed by adding enableStrongPassword 0 in taos.cfg, or by the following SQL:
alter all dnodes 'EnableStrongPassword' '0'
SYSINFO
indicates whether the user can view system information. 1
means they can view, 0
means they have no permission to view. System information includes service configuration, dnode, vnode, storage, etc. The default value is 1
.
CREATEDB
indicates whether the user can create databases. 1
means they can create databases, 0
means they have no permission to create databases. The default value is 0
. // Supported starting from TDengine Enterprise version 3.3.2.0
In the example below, we create a user with the password abc123!@#
who can view system information.
taos> create user test pass 'abc123!@#' sysinfo 1;
Query OK, 0 of 0 rows affected (0.001254s)
View Users
You can use the following command to view the users in the system.
SHOW USERS;
Here is an example:
taos> show users;
name | super | enable | sysinfo | createdb | create_time | allowed_host |
=========================================================================================================
test | 0 | 1 | 1 | 0 |2022-08-29 15:10:27.315 | 127.0.0.1 |
root | 1 | 1 | 1 | 1 |2022-08-29 15:03:34.710 | 127.0.0.1 |
Query OK, 2 rows in database (0.001657s)
Alternatively, you can query the built-in system table INFORMATION_SCHEMA.INS_USERS to get user information.
taos> select * from information_schema.ins_users;
name | super | enable | sysinfo | createdb | create_time | allowed_host |
=========================================================================================================
test | 0 | 1 | 1 | 0 |2022-08-29 15:10:27.315 | 127.0.0.1 |
root | 1 | 1 | 1 | 1 |2022-08-29 15:03:34.710 | 127.0.0.1 |
Query OK, 2 rows in database (0.001953s)
Delete User
DROP USER user_name;
Modify User Configuration
ALTER USER user_name alter_user_clause
alter_user_clause: {
PASS 'literal'
| ENABLE value
| SYSINFO value
| CREATEDB value
}
- PASS: Change the password, followed by the new password
- ENABLE: Enable or disable the user,
1
means enable,0
means disable - SYSINFO: Allow or prohibit viewing system information,
1
means allow,0
means prohibit - CREATEDB: Allow or prohibit creating databases,
1
means allow,0
means prohibit. // Supported starting from TDengine Enterprise version 3.3.2.0
The following example disables the user named test
:
taos> alter user test enable 0;
Query OK, 0 of 0 rows affected (0.001160s)
Authorization Management
Authorization management is only available in the TDengine TSDB-Enterprise, please contact the TDengine sales team.