security-hardening
Installation
SKILL.md
Security Hardening
When to use this skill
Load when users ask about access control, security, auditing, or user management.
RBAC (Role-Based Access Control)
- Create roles:
CREATE ROLE analyst - Grant permissions:
GRANT SELECT ON db.* TO analyst - Assign to users:
GRANT analyst TO user1 - Hierarchical: roles can inherit from other roles
- Check grants:
SHOW GRANTS FOR user1
Row Policies
- Restrict row access per user:
CREATE ROW POLICY p ON db.table FOR SELECT USING tenant_id = currentUser() - Policies are AND-ed together
- Use for multi-tenant data isolation
- Check policies:
system.row_policies
Quotas
Related skills
More from duyet/clickhouse-monitoring
troubleshooting
Diagnose and resolve common ClickHouse issues: OOM, slow merges, replication lag, disk full, stuck mutations, and query failures.
2replication-guide
ReplicatedMergeTree operations, failover procedures, lag diagnosis, quorum writes, and Keeper management.
2query-optimization
Query optimization strategies: PREWHERE, JOIN patterns, materialized views, EXPLAIN analysis, index usage, and query profiling.
2storage-optimization
Compression codecs, TTL policies, tiered storage, part management, and disk space optimization.
2migration-patterns
Schema migrations, ALTER patterns, engine changes, data backfill, and zero-downtime migration strategies.
2cluster-operations
Distributed table management, resharding, node addition/removal, and cluster topology operations.
2