Close popover

Table of Contents

Cassandra user does not have the required permissions


If Pega Platform tries to access an external Cassandra database through a Cassandra user that does not have the required permissions, the Decision Data Store (DDS) landing page displays an error.


The DDS landing page displays one of the following errors:

Caused by: com.datastax.driver.core.exceptions.UnauthorizedException: User cassuser has no CREATE permission on <keyspace data> or any of its parents at com.datastax.driver.core.Responses$Error.asException( ~[cassandra-driver-core-3.1.2.jar:?] at com.datastax.driver.core.DefaultResultSetFuture.onSet( ~[cassandra-driver-core-3.1.2.jar:?] at com.datastax.driver.core.RequestHandler.setFinalResult( ~[cassandra-driver-core-3.1.2.jar:?] at com.datastax.driver.core.RequestHandler.access$2500( ~[cassandra-driver-core-3.1.2.jar:?] at com.datastax.driver.core.RequestHandler$SpeculativeExecution.setFinalResult( ~[cassandra-driver-core-3.1.2.jar:?] at com.datastax.driver.core.RequestHandler$SpeculativeExecution.onSet( ~[cassandra-driver-core-3.1.2.jar:?] at com.datastax.driver.core.Connection$Dispatcher.channelRead0( ~[cassandra-driver-core-3.1.2.jar:?] Caused by: com.datastax.driver.core.exceptions.InvalidQueryException: unconfigured table customerdds_69d1abd1311e7423d7d62b15e28b2ae0 at com.datastax.driver.core.Responses$Error.asException( ~[cassandra-driver-core-3.1.2.jar:?] at com.datastax.driver.core.SessionManager$4.apply( ~[cassandra-driver-core-3.1.2.jar:?] at com.datastax.driver.core.SessionManager$4.apply( ~[cassandra-driver-core-3.1.2.jar:?] at$AsyncChainingFuture.doTransform( ~[closure-compiler-v20160911.jar:?] at$AsyncChainingFuture.doTransform( ~[closure-compiler-v20160911.jar:?] at$ ~[closure-compiler-v20160911.jar:?] at$2$ ~[closure-compiler-v20160911.jar:?] at java.util.concurrent.ThreadPoolExecutor.runWorker( ~[?:1.7.0_75] at java.util.concurrent.ThreadPoolExecutor$ ~[?:1.7.0_75]


  1. List the permissions of the Cassandra user by running the list permissions CQL command:

    cassandra@cqlsh> list all permissions of rolename where role_name is the name of the Cassandra user role that the DDS service uses to access your external Cassandra database.
    The list permissions command returns a list of the permissions of the Cassandra user, like in the following example: role | username | resource | permission --------+----------+-----------------------+------------ rolename | rolename | <keyspace preme_data> | DROP rolename | rolename | <keyspace preme_data> | AUTHORIZE rolename | rolename | <keyspace preme_data> | CREATE rolename | rolename | <keyspace preme_data> | DROP rolename | rolename | <keyspace preme_data> | MODIFY
  2. In the permission column, verify that for each keyspace the Cassandra user has the following permissions:

    • create
    • alter
    • drop
    • select
    • modify
    To connect to an external Cassandra database, the DDS service requires permissions for to the following keyspaces:
    • adm
    • adm_commitlog
    • aggregation
    • data
    • states
    • vbd
  3. If the Cassandra user does not have all required permissions, add the missing permissions by running the grant CQL command.

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.