Are you getting the most out of your AWS investment? Get your free AWS Well-Architected Assessment.

2021 Fillmore Street #1128

}

24/7 solutions

Remove the User Cassandra from DataStaxApache Cassandra Installations

Whenever you’re installing a new DataStaxApache Cassandra cluster, you need to remember to remove the user cassandra. We’ve seen this at a couple of customer installations now. If you do not change the user cassandra or at least alter the roles for the user cassandra. then you’re liable to see all sort of nasty repercussions. […]

Whenever you’re installing a new DataStaxApache Cassandra cluster, you need to remember to remove the user cassandra.
We’ve seen this at a couple of customer installations now. If you do not change the user cassandra or at least alter the roles for the user cassandra. then you’re liable to see all sort of nasty repercussions. The cassandra user uses  a consistency level of QUORUM when querying keyspaces like ‘system_auth’. Hence, you may see significant performance degradation because each query will need to have confirmation.
In your Cassandra system log files, you’ll most likely see
WARN 2018-12-07 17:20:12,047 ClientState.java:372 - User ‘cassandra’ logged in from /10.0.0.4:48220. It is strongly recommended to create and use another user and grant it superuser capabilities and remove the default one. See http://docs.datastax.com/en/dse/6.0/dse-admin/datastax_enterprise/security/Auth/secCreateRootAccount.html
For security and performance reasons, you will almost always want to remove or alter the cassandra user and create a new super user.
We usually prescribe the following steps to alter the super user and create a new super user.
1. Login with cqlsh.

cqlsh -u cassandra -p cassandra

2. Create a new superuser.

[email protected]> CREATE ROLE [new_superuser] WITH PASSWORD = '[secure_password]' AND SUPERUSER = true AND LOGIN = true;

3. Logout by typing exit at the command prompt.

exit

4. Log back in with your new credentials

cqlsh -u [new_superuser] -p [secure_password]

5. For security purposes, change the cassandra user password

alter user cassandra with password '[new_password]';

6. Remove the super privileges from the cassandra user.

[email protected]> ALTER ROLE cassandra WITH PASSWORD = 'cassandra' AND SUPERUSER = false AND LOGIN = false;
[email protected]> REVOKE ALL PERMISSIONS ON ALL KEYSPACES FROM cassandra;

7. Grant all permissions to your super account.

[email protected]> GRANT ALL PERMISSIONS ON ALL KEYSPACES TO [superuser];

DataStax AllCode


Joel Garcia

Joel Garcia

Joel Garcia has been building AllCode since 2015. He’s an innovative, hands-on executive with a proven record of designing, developing, and operating Software-as-a-Service (SaaS), mobile, and desktop solutions. Joel has expertise in HealthTech, VoIP, and cloud-based solutions. Joel has experience scaling multiple start-ups for successful exits to IMS Health and Golden Gate Capital, as well as working at mature, industry-leading software companies. He’s held executive engineering positions in San Francisco at TidalWave, LittleCast, Self Health Network, LiveVox acquired by Golden Gate Capital, and Med-Vantage acquired by IMS Health.

Related Articles

Traditional IT vs. AWS – How Small Businesses can Benefit

Traditional IT vs. AWS – How Small Businesses can Benefit

AWS solutions can accomplish a variety of problems and tasks including IT needs. Even smaller businesses that have a more limited scope that their businesses cover can look to find some way to upgrade their business operations through what Amazon has to offer. Though it may be intimidating and difficult to adapt to, there is more than enough reason to adopt AWS.

AWS Think Big with Small Business Program’s Competitive Edge

AWS Think Big with Small Business Program’s Competitive Edge

The Amazon Cloud can help alleviate most issues involving transitioning the cloud. Businesses of any scope can hope to build solutions that are scalable and adaptable to their industry of work. Smaller or minority-owned businesses may still struggle to stand out among bigger companies or make an AWS environment as efficient as possible with fewer funds to spend. To alleviate these burdens, Amazon has the Think Big With Small Business program available through their Public Sector partnership program.

AWS Think Big for Small Business, Data Analytics, and Business Intelligence

AWS Think Big for Small Business, Data Analytics, and Business Intelligence

The AWS Think Big for Small Business Program is an outreach program designed to provide small and/or minority-owned public sector organizations support in the form of business intelligence, technical expertise, and marketing strategies. With cloud-based solutions and experience, various public institutions globally have seen continued success in government, educational, and nonprofit sectors. While the funding provided can help significantly to meet business objectives, the expertise on navigating the cloud and how to extend outwards towards customers is just as critical.