ADMIN Role (mc)
This user account is the user who can perform all administrative operations on Management Console, including configure and restart the MC process and add, change, and remove all user accounts. By default, MC administrators inherit the database privileges of the main database user account used to set up the database on the MC interface. Therefore, MC administrators have access to all MC-managed databases. Grant the ADMIN role to users you want to be MC administrators.
The difference between this ADMIN user and the default Linux account, the MC SUPER role, is you cannot alter or delete the MC SUPER account, and you can't grant the SUPER role to any other MC users. You can, however, change the access level for other MC administrators, and you can delete this user's accounts from the MC interface.
The following list highlights privileges granted to the ADMIN role:
- Modify MC settings, such as storage locations and ports, restart the MC process, and reset MC to its original, unconfigured state
- Audit license activity and install/upgrade a Vertica license
- Upload a new SSL certificate
- Use LDAP for user authentication
- View the MC log, alerts and messages
- Add new users and map them to one or more Vertica databases by granting an MC database-level role
- Select a database and add multiple users at once
- Manage user roles and their access to MC
- Remove users from the MC
- Monitor user activity on the MC interface
- Stop and start any MC-managed database
- Create new databases/clusters and and import existing databases/clusters into MC
- Remove databases/clusters from the MC interface
- View all databases/clusters imported into MC
About the MC Database Administrator Role
There is also an MC database administrator (ADMIN) role that controls a user's access to MC-managed databases. The two ADMIN roles are similar, but they are not the same, and you do not need to grant users with the ADMIN (mc) role an ADMIN (db) role because MC ADMIN users automatically inherit all database privileges of the main database user account that was created on or imported into MC.
The following table summarizes the primary difference between the two ADMIN roles, but see ADMIN Role (db) for details specific to MC-managed database administrators.
MC configuration ADMIN role | MC database ADMIN role |
---|---|
Perform all administrative operations on the MC itself, including restarting the MC process. Privileges extend to monitoring all MC-created and imported databases but anything database-related beyond that scope depends on the user's privileges granted on the database through GRANT statements. |
Perform database-specific activities, such as stop and start the database, and monitor query and user activity and resources. Other database operations depend on that user's privileges on the specific database. This ADMIN role cannot configure MC. |