Cassandra user does not have the required permissions

If Pega Platform tries to access an external Cassandra database through a Cassandra user that does not have the required permissions, the Decision Data Store (DDS) landing page displays an error.

Condition

The DDS landing page displays one of the following errors:

Remedy

1. List the permissions of the Cassandra user by running the list permissions CQL command:

   cassandra@cqlsh> list all permissions of rolename where role_name is the name of the Cassandra user role that the DDS service uses to access your external Cassandra database.
   The list permissions command returns a list of the permissions of the Cassandra user, like in the following example: role | username | resource | permission --------+----------+-----------------------+------------ rolename | rolename | <keyspace preme_data> | DROP rolename | rolename | <keyspace preme_data> | AUTHORIZE rolename | rolename | <keyspace preme_data> | CREATE rolename | rolename | <keyspace preme_data> | DROP rolename | rolename | <keyspace preme_data> | MODIFY

2. In the permission column, verify that for each keyspace the Cassandra user has the following permissions:

   • create
   • alter
   • drop
   • select
   • modify
   To connect to an external Cassandra database, the DDS service requires permissions for to the following keyspaces:

   • adm
   • adm_commitlog
   • aggregation
   • data
   • states
   • vbd

3. If the Cassandra user does not have all required permissions, add the missing permissions by running the grant CQL command.

   For more information, see Creating Cassandra user roles with limited database access.