About MC Privileges and Roles

As introduced in About MC Users, you control user access to MC through groups of privileges (also referred to as access levels) that fall into two types, those that apply to MC configuration, and those that apply to MC-managed Vertica databases.

MC Permission Groups

  • MC configuration privileges are made up of roles that control what users can configure on the Management Console, such as modify MC settings, create and import Vertica databases, restart MC, create a Vertica cluster through the MC interface, and create and manage MC users.
  • MC database privileges are made up of roles that control what users can see or do on a Vertica database monitored by MC, such as view the database cluster state, query and session activity, monitor database messages and read log files, replace cluster nodes, and stop databases.

When you grant an MC user a database role, that user inherits the privileges assigned to the database user account to which the MC user is mapped. For maximum access, use the dbadmin username and password.

MC database privileges cannot alter or override the Vertica database user's privileges and roles.

If TLS/SSL is configured in mutual mode on the Vertica database, each MC user must be configured with an individual client certificate and private key, to log into the database from MC. See Configuring TLS for MC Users, for Mutual Mode. If the individual certificate has not been configured, you see an error message. See your Management Console administrator.