The Cloud Databases permissions matrix displays specific permissions for the following role-based access control (RBAC) roles:
Admin provides full access to create, read, update, and delete.
Creator provides access to create, read, and update.
Observer provides read-only access.
The matrix displays the Cloud Databases methods grouped by category, their corresponding RESTful API commands, and the RBAC roles that are supported.
Versions#
Method |
API action |
Role |
Description |
|---|---|---|---|
List versions |
|
Admin, Creator, Observer |
Lists information about all versions of the API. |
List version details |
|
Admin, Creator, Observer |
Returns detailed information about the specified version of the API. |
Database instances#
Method |
API action |
Role |
Description |
|---|---|---|---|
Create a database instance |
|
Admin, Creator |
Creates a new database instance. |
List all database instances |
|
Admin, Creator, Observer |
Lists the status and information for all database instances. |
Update a database instance |
|
Admin, Creator |
Associates a specified database instance with the configuration group. |
Change database instance name |
|
Admin, Creator |
Changes the name of the instance to the new specified name. |
List database instance status and details |
|
Admin, Creator, Observer |
Lists status and details for the specified database instance. |
Delete a database instance |
|
Admin |
Deletes the specified database instance. |
Get the default configuration |
|
Admin, Creator, Observer |
Lists the default MySQL configuration settings from the template that were applied to the specified instance. |
Enable the root user |
|
Admin |
Enables the root user for the specified database instance and returns the root password. |
List root-enabled status |
|
Admin, Creator, Observer |
Returns true if the root user is enabled for the specified database instance. Returns false otherwise. |
Database instance actions#
Method |
API action |
Role |
Description |
|---|---|---|---|
Restart an instance |
|
Admin |
Restarts the database service on the specified instance. |
Resize an instance |
|
Admin |
Resizes the memory of the specified instance. |
Resize the instance volume |
|
Admin |
Resizes the volume attached to the instance. |
Databases#
Method |
API action |
Role |
Description |
|---|---|---|---|
Create a database |
|
Admin, Creator |
Creates a new database within the specified instance. |
List databases for an instance |
|
Admin, Creator, Observer |
Lists databases for the specified instance. |
Delete a database |
|
Admin |
Deletes the specified database. |
Users#
Method |
API action |
Role |
Description |
|---|---|---|---|
Create a user |
|
Admin, Creator |
Creates a user for the specified database instance. |
List a user |
|
Admin, Creator, Observer |
Lists the users in the specified database instance. |
List users in a database instance |
|
Admin, Creator, Observer |
Lists the specified user’s name and a list of databases that the user can access. |
List user access |
|
Admin, Creator, Observer |
Lists all the databases to which the specified user has access. |
Grant user access |
|
Admin, Creator |
Grants access for the specified user to one or more databases for the specified instance. |
Revoke user access |
|
Admin |
Removes access to the specified database for the specified user. |
Delete a user |
|
Admin |
Deletes the specified user from the specified database instance. |
Change user passwords |
|
Admin |
Changes the user passwords for the specified database instance. |
Modify user attributes |
|
Admin |
Modifies one or more of the following values for the specified user: name, password, or the host from which the user is allowed to connect to the database. |
Flavors#
Method |
API action |
Role |
Description |
|---|---|---|---|
List flavors |
|
Admin, Creator, Observer |
Lists information for all available flavors. |
List flavors by ID |
|
Admin, Creator, Observer |
Lists information about the specified flavor. |
List flavors for the datastore version |
|
Admin, Creator, Observer |
Lists flavors for a datastore version. |
On-demand backups#
Note: Any user who calls the on-demand backup operations for Cloud Databases must have access to Cloud Files.
Method |
API action |
Role |
Description |
|---|---|---|---|
Create a backup |
|
Admin, Creator |
Creates a new backup for a database instance. |
Delete a backup |
|
Admin |
Deletes the specified backup. |
List backups |
|
Admin, Creator, Observer |
Lists all backups for all database instances. |
List backup by ID |
|
Admin, Creator, Observer |
Lists details about the specified backup. |
List backups for instance |
|
Admin, Creator, Observer |
Lists all backups for the specified instance. |
Restore a backup |
|
Admin, Creator |
Creates a new database instance from a backup. |
Scheduled Backups#
Note: Any user who calls on the scheduled backup operations for Cloud Databases must have access to Cloud Files.
Method |
API action |
Role |
Description |
|---|---|---|---|
Create a scheduled backup |
|
Admin, Creator |
Creates a schedule for running a backup periodically. |
List scheduled backups |
|
Admin, Creator, Observer |
Lists all scheduled backups for all database instances for an account. |
List the schedule for running a backup |
|
Admin, Creator, Observer |
Lists the specified schedule for running a backup. |
Delete the schedule for running a backup |
|
Admin |
Deletes the specified schedule for running a backup. |
Update schedule for backups by schedule ID |
|
Admin, Creator |
Updates the schedule for running backups for the specified schedule. |
Replication#
Method |
API action |
Role |
Description |
|---|---|---|---|
Create a replica Note: Because the process of creating a replica creates a backup, the user calling this operation must have access to Cloud Files. |
|
Admin, Creator |
Creates a replica of the source instance. |
List all replicas and replica source database instances |
|
Admin, Creator, Observer |
Lists the status and information for all replicas or replica sources. |
List a replica source |
|
Admin, Creator, Observer |
Lists status and details for the specified source instance. |
List replica details |
|
Admin, Creator, Observer |
Lists status and details for the specified replica. |
Detach a replica |
|
Admin, Creator |
Detaches the specified replica instance from its source instance. |
List replicas for a source instance |
|
Admin, Creator, Observer |
Lists replicas for the specified source instance. |
Convert replication setup to HA |
|
Admin |
Converts the replication set-up to HA. |
High availability#
Method |
API action |
Role |
Description |
|---|---|---|---|
Create an HA database instance |
|
Admin, Creator |
Creates a new HA instance. |
List all HA database instances |
|
Admin, Creator, Observer |
Lists all the HA database instances. |
List HA database instance details |
|
Admin, Creator, Observer |
Lists details for a specified HA instance. |
Delete an HA database instance |
|
Admin |
Deletes an HA database instance. |
Add ACLs to an HA instance |
|
Admin, Creator |
Adds access control lists (ACLs) to an HA instance. |
List ACLs for an HA instance |
|
Admin, Creator, Observer |
Lists ACLs for an HA instance. |
Delete ACLs from an HA instance |
|
Admin |
Deletes ACLs from an HA instance. |
Add a replica to an HA instance Note: Adding a new replica node would restart the mha manager service (which monitors the source/replica instances to trigger failover) and the haproxy service on the load balancer nodes. |
|
Admin, Creator |
Adds a replica node to the HA group specified by {ha_id}. |
Configurations#
Method |
API action |
Role |
Description |
|---|---|---|---|
List configurations |
|
Admin, Creator, Observer |
Lists all defined configuration groups for the tenant. |
Create a configuration |
|
Admin, Creator |
Creates a new configuration group. |
List configuration details |
|
Admin, Creator, Observer |
Lists details for the specified configuration group. |
Update some configuration parameters |
|
Admin, Creator |
Updates some of the configuration parameters associated with the specified configuration group. |
Replace all configuration parameters |
|
Admin, Creator |
Replaces all the configuration parameters associated with the specified configuration group. |
Delete configuration group |
|
Admin |
Deletes the specified configuration group. |
List instances for a configuration |
|
Admin, Creator, Observer |
Lists instances that are associated with the specified configuration group. |
Configuration parameters#
Method |
API action |
Role |
Description |
|---|---|---|---|
List configuration parameters |
|
Admin, Creator, Observer |
Lists configuration parameters that might be configured on the system. |
List configuration parameter details |
|
Admin, Creator, Observer |
Lists the details of a specified configuration parameter that might be configured on the system. |
List configuration parameters without datastore |
|
Admin, Creator, Observer |
Lists the configuration parameters that might be configured on the system without specifying a datastore. |
List configuration parameter details without datastore |
|
Admin, Creator, Observer |
Lists the details of a specified configuration parameter that might be configured on the system without specifying a datastore. |
List verbose default configuration parameters |
|
Admin, Creator, Observer |
Lists the default configuration parameters for a datastore version flavor without specifying a datastore. |
Datastore types and versions#
Method |
API action |
Role |
Description |
|---|---|---|---|
List all datastore types |
|
Admin, Creator, Observer |
Lists all datastore types. |
List datastore type |
|
Admin, Creator, Observer |
Lists all the datastore types for the specified datastore. |
List datastore versions for a datastore |
|
Admin, Creator, Observer |
Lists all versions for the specified datastore. |
List datastore version |
|
Admin, Creator, Observer |
Lists the specified datastore version for the specified datastore. |