Skip to main content
Version: User Guides (Cloud)

Manage Cluster Credentials (SDK)

In addition to managing cluster credentials on web UI, Zilliz Cloud extends its functionality by offering SDKs for credential management. This integration enhances flexibility and provides more customization options than the web UI alone.

In the backend, there are three built-in role options:

  • db_admin: Full control over the cluster and associated resources.

  • db_rw: Permission to read, write, and manage collections and indexes within the cluster.

  • db_ro: Viewing rights for most cluster resources, but no creation, modification, or deletion capabilities.

Explore Cluster Built-in Roles for details.

Before you start

  • You have created a cluster. For details, see Create Cluster.

  • You have installed a Milvus SDK applicable to your use case. For details, see Install SDKs.

Create a cluster user

To create a cluster user, use the following code snippet:

import json, os, time
from pymilvus import MilvusClient

# 0. Connect to cluster

CLUSTER_ENDPOINT="YOUR_CLUSTER_ENDPOINT" # Set your cluster endpoint
TOKEN="YOUR_CLUSTER_TOKEN" # Set your token

client= MilvusClient(
uri=CLUSTER_ENDPOINT,
token=TOKEN
)

# 1. Create user

if not 'user1' in utility.list_usernames():
client.create_user(user_name='user1', password='P@ssw0rd!')
📘Notes

The password will not be displayed again, so it's crucial to note it down and securely store it in an appropriate location.

Having created a cluster user, you can now connect to the cluster using its username and password. See Connect to Cluster to explore further details.

Update a user credential

To update a user's password, use the code below:

# 2. Update a user credential

client.update_password(
user_name='user1',
old_password='P@ssw0rd!',
new_password='P@ssw0rd!!'
)
📘Notes

The password will not be displayed again, so it's crucial to note it down and securely store it in an appropriate location.

List cluster users

To list all cluster users:

# 3. List users

users = client.list_users())

print(users)

# Output
#
# ["db_admin", "user1"]

userInfo = []

for user in users:
userInfo.append(client.describe_user(user_name=user))

print(userInfo)

# Output
#
# [
# {
# "user": "db_admin",
# "roles": [
# "db_admin"
# ]
# },
# {
# "user": "user1",
# "roles": []
# }
# ]

Assign a role to a cluster user

To assign the db_ro role to user1:

# 4. Assign role

# Valid roles: "db_admin", "db_rw", "db_ro"

client.grant_role(
user_name="user1",
role_name="db_ro"
)

# 5. Get users of a specific role

users = client.describe_role(role_name="db_ro")

print(users)

# Output
#
# ["user1"]

# 6. List roles

roles = client.list_roles()

print(roles)

roleInfo = []

for role in roles:
roleInfo.append(client.describe_role(role_name="db_ro"))

print(roleInfo)

# Output
#
# [
# {
# "role": "db_admin",
# "users": [
# "db_admin"
# ]
# },
# {
# "role": "db_ro",
# "users": [
# "user1"
# ]
# },
# {
# "role": "db_rw",
# "users": []
# }
# ]

Remove a role from a user

To remove a role from a user:

# 7. Remove role from user

client.revoke_role(
user_name="user1",
role_name="db_ro"
)

Drop a user

If a user is no longer needed, drop it as follows:

# 8. Drop a user

client.drop_user(user_name="user1")
📘Notes

The default user _dbadmin __cannot be dropped.