Role-based Access Control in ScyllaDB
Blog post from ScyllaDB
ScyllaDB's upcoming open-source release will incorporate role-based access control (RBAC) to manage authentication and authorization, enhancing security beyond the default unrestricted access. Traditional user-based access control can become cumbersome, especially in settings where numerous resources require similar permissions, and it can undermine non-repudiation if a shared "umbrella" user is created. RBAC introduces roles as a solution: permissions are assigned to roles, and roles are then granted to users, which streamlines permission management and maintains traceability. The transition to this system involves the automatic migration of existing user-based metadata to a new schema during a cluster upgrade, ensuring continuity and improved security without manual intervention. This enhancement aligns ScyllaDB with Apache Cassandra's approach while maintaining compatibility with older user-based commands for ease of migration.
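The role model described above, written out as CQL. This is an added example, not taken from the ScyllaDB blog post; the keyspace `orders`, the role names and the placeholder passwords are constructed, and it assumes authentication and authorization are already enabled on the cluster.

```cql
-- Constructed names throughout: keyspace "orders", roles order_reader /
-- order_writer, people alice / bob / carol. Passwords are placeholders.

-- 1. Permission-holding roles. They cannot log in, so nobody can act
--    "as" the role itself, which avoids the shared umbrella account.
CREATE ROLE order_reader;
CREATE ROLE order_writer;

GRANT SELECT ON KEYSPACE orders TO order_reader;
GRANT SELECT ON KEYSPACE orders TO order_writer;
GRANT MODIFY ON KEYSPACE orders TO order_writer;

-- 2. One login role per person. Each session authenticates under an
--    individual identity, which keeps actions traceable to a person.
CREATE ROLE alice WITH PASSWORD = '<placeholder-1>' AND LOGIN = true;
CREATE ROLE bob   WITH PASSWORD = '<placeholder-2>' AND LOGIN = true;

-- 3. Permissions reach people only through role membership.
GRANT order_writer TO alice;
GRANT order_reader TO bob;

-- 4. Access review: which roles a person holds, and what those roles
--    allow in total.
LIST ROLES OF alice;
LIST ALL PERMISSIONS OF alice;

-- 5. Changing someone's access is a membership change, not a
--    per-resource permission edit.
REVOKE order_writer FROM alice;
GRANT order_reader TO alice;

-- 6. Older user-based statements remain usable during migration;
--    a user created this way can be granted roles like any other.
CREATE USER carol WITH PASSWORD '<placeholder-3>' NOSUPERUSER;
GRANT order_reader TO carol;
```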