Details
Description
1. Created a remote link.
[
|
{
|
"activeHostname": "172.23.105.206:8091", |
"bootstrapAlternateAddress": false, |
"bootstrapHostname": "172.23.105.204", |
"clusterCompatibility": 458758, |
"database": null, |
"encryption": "none", |
"name": "O3osDrPZSuHeCJIPMO6eT", |
"nodes": [ |
{
|
"hostname": "172.23.105.204", |
"services": { |
"kv": 11210, |
"kvSSL": 11207, |
"mgmt": 8091, |
"mgmtSSL": 18091 |
}
|
},
|
{
|
"hostname": "172.23.105.206", |
"services": { |
"kv": 11210, |
"kvSSL": 11207, |
"mgmt": 8091, |
"mgmtSSL": 18091 |
}
|
}
|
],
|
"password": "<redacted sensitive entry>", |
"preventRedirects": true, |
"trustedCAsURIVersion": -1, |
"type": "couchbase", |
"username": "Administrator", |
"uuid": "ae3dc103583c54fe8fb6f398d7bfa3ae" |
}
|
]
|
2. Created a new user and role
`TAF-user-ts6rr`,`TAF-role-p9cqg`.
3. Granted 'create' collection privilege to both the user and the role.
GRANT CREATE COLLECTION IN SCOPE Default.Default TO `TAF-user-ts6rr`,`TAF-role-p9cqg`;
|
{
|
"Privilege": { |
"PrivilegeId": "8d59eb60-fc97-4c29-af73-f7094e2d13b3", |
"Grantor": "Administrator", |
"Grantee": "TAF-user-ts6rr", |
"GranteeUuid": "8d9f7201-0be7-4db9-87a3-b3dbb396fa9d", |
"GranteeType": "USER", |
"Privilege": "CREATE", |
"ObjectType": "COLLECTION", |
"Timestamp": "Sun Apr 21 21:24:18 PDT 2024", |
"Object": { |
"DatabaseName": "Default", |
"ScopeName": "Default" |
}
|
}
|
}
|
4. Tried to create collection with user `TAF-user-ts6rr`
create dataset Default.Default.Uo84WPj2gGeMFNyb03I on `bucket-0`.`scope-0`.`collection-1` at Default.Default.O3osDrPZSuHeCJIPMO6eT; |
5. The statement returns the following error
[{u'msg': u'User must have permission (cluster.analytics!manage)', u'code': 20001}] |