Altinity Access to ClickHouse
5 June 2023 · Read time 3 min
Altinity Access settings allow Altinity.Cloud users to limit the level of access Altinity personnel have to customer ClickHouse data or administrative operations. Altinity.Cloud provides two types of limits:
- Data Access - Control the ability of Altinity personnel to view or change data in ClickHouse tables.
- Management Access - Control ability to change cluster configuration or perform administrative actions.
If you restrict access to data or management functions you may choose to lift them from time to time to allow Altinity support to diagnose problems or perform operations on your behalf. You can apply the restrictions again afterward.
Viewing and Changing Altinity Access Settings
Access the Cluster Dashboard view of any cluster. You will see the ALTINITY ACCESS button on the upper right-hand side of the dashboard view.
Figure 1 - The Altinity Access Button in Cluster Dashboard
The color indicates the Altinity access level to ClickHouse data.
- Clear (shown) - Altinity personnel have no access to ClickHouse data.
- Green - Altinity personnel have read-only access to system tables.
- Orange - Altinity personnel have read-only access to all tables.
- Red - Altinity personnel have read/write access to all tables.
Access Level Settings
Press the ALTINITY ACCESS button to manage access settings.
Figure 2 - Altinity Access Dialog
You may change settings and press CONFIRM to apply or CANCEL to quit. Changing settings requires an account with EnvUser role or higher.
You may choose any data access level that you please. The following table shows the level of access for each.
|No Access||Altinity personnel may not use the ACM Query Browser or Schema Browser. They cannot look at data or schema.|
|System (Default)||Altinity personnel use the ACM Query browser to query system tables and may look at table definitions in the Schema Browser. This setting provides a good balance between protecting data and providing access required for quick support from Altinity.|
|Read Only||In addition to the above, Altinity personnel may use the ACM Query Browser to run SELECT statements that read data from any table.|
|Full Access||In addition to the above, Altinity personnel use the ACM Query Browser to run SQL statements that alter data.|
Management Access Settings
You may similarly enable or disable management access. The following sections describe the affected access levels.
Enable Cluster Configuration Management
Checking this box allows Altinity personnel to perform any of the following operations related to configuration.
- Changing cluster configuration settings.
- Changing users or profiles.
- Setting connection configuration.
- Altering backup settings.
- Setting uptime schedules.
- Setting alerts.
The above actions can cause your server to restart, alter user passwords, or change the information that you receive from Altinity.Cloud about your clusters. If the box is unchecked only you can make these changes.
Enable Cluster Actions
Checking this box allows Altinity staff to perform any of the following operations related to cluster administration.
- Creating new clusters.
- Rescaling clusters.
- Upgrading clusters.
- Restarting clusters.
The above actions may cause your server to restart, behave differently for applications, or affect operating costs. If the box is unchecked only you can make these changes.