CREATE USER
Adds a name to the list of authorized database users.
New users lack default access to schema PUBLIC
. Be sure to assign new users USAGE privileges to the PUBLIC
schema (GRANT USAGE ON SCHEMA PUBLIC)
Syntax
CREATE USER user‑name [ account‑parameter value[,...] ]
Parameters
user‑name
|
Name of the new user. Names that contain special characters must be double-quoted. To enforce case-sensitivity, use double-quotes. For details on name requirements, see Creating a Database Name and Password. |
account‑parameter value
|
One or more user account parameter settings (see below). |
User Account Parameters
Specify one or more user account parameters as a comma-delimited list:
account‑parameter setting[,...]
Parameter | Settings |
---|---|
ACCOUNT
|
Locks or unlocks user access to the database, one of the following:
To automate account locking, set a maximum number of failed login attempts with |
GRACEPERIOD
|
Specifies how long a user query can block on any session socket, one of the following:
For details, see Handling Session Socket Blocking. |
IDENTIFIED BY
|
Sets the user's password as follows: IDENTIFIED BY { '[password]' | 'hashed-password' SALT 'hash-salt' }
If you omit this parameter, this user can access the database with no password. For details, see Password Guidelines and Creating a Database Name and Password. |
IDLESESSIONTIMEOUT
|
The length of time the system waits before disconnecting an idle session, one of the following:
For details, see Managing Client Connections. |
MAXCONNECTIONS
|
Sets the maximum number of connections the user can have to the server, one of the following:
For details, see Managing Client Connections. |
MEMORYCAP
|
Sets how much memory can be allocated to user requests, one of the following:
|
PASSWORD EXPIRE
|
Forces immediate expiration of the user's password. The user must change the password on the next login.
|
PROFILE
|
Assigns a profile that controls password requirements for this user, one of the following:
If you omit this parameter, the user is assigned the default profile. |
RESOURCE POOL
|
Assigns a default resource pool to this user. The user must also be granted privileges to this pool, unless privileges to the pool are set to |
RUNTIMECAP
|
Sets how long this user's queries can execute, one of the following:
A query's runtime limit can be set at three levels: the user's runtime limit, the user's resource pool, and the session setting. For more information, see Setting a Runtime Limit for Queries. |
SEARCH_PATH
|
Specifies the user's default search path, that tells Vertica which schemas to search for unqualified references to tables and UDFs, one of the following:
For details, see Setting Search Paths. |
TEMPSPACECAP
|
Sets how much temporary file storage is available for user requests, one of the following:
|
Privileges
Superuser
User Name Best Practices
Vertica database user names are logically separate from user names of the operating system in which the server runs. If all the users of a particular server also have accounts on the server's machine, it makes sense to assign database user names that match their operating system user names. However, a server that accepts remote connections might many database users with no local operating system account. In this case, there is no need to connect database and system user names.
Examples
=> CREATE USER Fred IDENTIFIED BY 'Mxyzptlk'; => GRANT USAGE ON SCHEMA PUBLIC to Fred;