Skip to main content

grant_privilege_v2()

This operation grants the specified privilege or privilege group to the specified role.

Request Syntax

grant_privilege_v2(
    self,
    role_name: str,
    privilege: str,
    collection_name: str,
    db_name: Optional[str] = None,
    timeout: Optional[float] = None,
    **kwargs,
)

PARAMETERS:

  • role_name (str) -

    [REQUIRED]

    The name of the role to assign privileges to.

  • privilege (str) -

    [REQUIRED]

    The name of the privilege to assign.

    For details, refer to the Privilege name column in the table on page Users and Roles.

  • collection_name (str) -

    [REQUIRED]

    The name of a collection. To grant privileges regarding all collections in the current database, set this parameter to *.

  • db_name (str) -

    The name of a database.

    This parameter is optional. Setting this parameter restricts the privilege assignment within the specified database.

  • timeout (float | None)

    The timeout duration for this operation.

    Setting this to None indicates that this operation timeouts when any response arrives or any error occurs.

RETURN TYPE:

NoneType

RETURNS:

None

EXCEPTIONS:

  • MilvusException

    This exception will be raised when any error occurs during this operation.

  • BaseException

    This exception will be raised when this operation fails.

Example

from pymilvus import MilvusClient

# 1. Create a milvus client
client = MilvusClient(
    uri="YOUR_CLUSTER_ENDPOINT",
    token="YOUR_CLUSTER_TOKEN"
)

# 1. Prepare a privilege group
client.create_privilege_group(
    group_name="my_privilege_group"
)

client.add_privileges_to_group(
    group_name="my_privilege_group",
    privileges=["ListDatabases", "DescribeDatabase"]
) 

# 2. Create a role
client.create_role(role_name="read_only")

# 3. Grant privileges
client.grant_privilege_v2(
    role_name="db_read_only",
    privilege="my_privilege_group",
    collection_name="*"
)
from pymilvus import MilvusClient

# 1. Create a milvus client
client = MilvusClient(
    uri="https://inxx-xxxxxxxxxxxx.api.gcp-us-west1.zillizcloud.com:19530",
    token="user:password"
)

# 1. Prepare a privilege group
client.create_privilege_group(
    group_name="my_privilege_group"
)

client.add_privileges_to_group(
    group_name="my_privilege_group",
    privileges=["ListDatabases", "DescribeDatabase"]
) 

# 2. Create a role
client.create_role(role_name="read_only")

# 3. Grant privileges
client.grant_privilege_v2(
    role_name="db_read_only",
    privilege="my_privilege_group",
    collection_name="*"
)