Create a key for a built-in roles
The procedures in this tutorial extend the examples created in Access control.
You can also create database access keys that run with one of the built-in Fauna roles:
-
admin
-
server
-
server-readonly
This tutorial creates a key for the server
role.
A key with server
role is equivalent to the admin
role, except that
user-defined roles, child databases, keys, tokens, and their
associated documents can’t be directly managed with the server
role.
Verify your setup
This procedure verifies the setup you did previously by showing you how to query keys from the Shell command line.
-
Choose Resources to display the Shell.
-
Select Admin from the run menu.
-
Query for all keys in your
CoffeeStore
database:The return should include the
coffee-admin
document. Except for the return byKey.create()
, the secret is never displayed in the document data. If you don’t have thecoffee-admin
key, create one as shown in the prerequisite example for this section.
Create a key with server role
Use the coffee-admin
key from the Shell to create another key. This time,
apply a server
role.
-
Choose Secret from the run menu.
-
Enter the
coffee-admin
secret in the field provided. -
Create a new key named
coffee-server
that has the built-inserver
role:{ id: "370149530561151010", coll: Key, ts: Time("2023-07-13T15:09:10.540Z"), data: { name: "coffee-admin" }, role: "server", secret: "fnAFIwkJcuAAIdafadfglWm-fNHMSPKWVvk6orZc3U" }
Note that the returned secret differs.
-
Store the secret in a password manager or other safe location.
-
Choose Secret from the Run as menu.
-
Enter the
coffee-server
secret in the Secret field at the bottom of the page. -
Run the following query with the
coffee-server
secret, which hasserver
-level privileges:{ data: [] }
The successful query returns an empty list because a key with a
server
role doesn’t have the privileges to manage a Key collection.
Is this article helpful?
Tell Fauna how the article can be improved:
Visit Fauna's forums
or email docs@fauna.com
Thank you for your feedback!