Create a role

This topic describes how to create a role in OceanBase Cloud Platform (OCP).

Background

If you are a system administrator or role manager and the preset OCP roles cannot satisfy your needs, you can create custom roles and assign fine-grained permissions to them. You can use custom roles together with default ones to create diversified permission policies.

Prerequisite

You are logged on with an account that has the ADMIN or ROLE_MANAGER role.

Procedure

1. Log on to the OCP console.

2. In the left-side navigation pane, choose System Management > Security .

3. Click Create Role in the upper-right corner of the Role Management tab.

   The Create Role page appears.

4. On the Create Role page, configure the Basic Information and the permissions.

  The role name must start with a letter and end with a letter or a digit. It can contain letters, digits, and underscores (_). It must be 2 to 32 characters in length.

2. In the Cluster Permissions section, grant the Read-only , Update , Delete or All Permissions in one or more clusters to the role.

   You can click + Add OceanBase Cluster Permission to assign permissions to multiple clusters.

3. In the Tenant Permissions section, grant the Read-only , Update , Delete , or All Permissions in one or more tenants to the role.

  You can click **+ Add OceanBase Tenant Permission** to assign permissions to multiple tenants.

4. In the Backup and Recovery Permissions section, you can grant permissions to back up and recover one or more clusters to the role.

   Configure the permissions as prompted from the Permissions drop-down list.

   You can click + Add Backup and Recovery Permission to assign permissions to multiple clusters.

5. In the System Permissions section, you can choose whether to grant the Create Cluster permission to the role.

5. Click Submit in the lower-right corner.