clickhouse-security-basics

Featured

Secure ClickHouse with user management, network restrictions, TLS, and audit logging. Use when hardening a ClickHouse deployment, creating restricted users, or configuring network-level access controls. Trigger: "clickhouse security", "clickhouse user management", "secure clickhouse", "clickhouse TLS", "clickhouse access control", "clickhouse firewall".

AI & Automation 2,266 stars 315 forks Updated today MIT

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# ClickHouse Security Basics ## Overview Secure a ClickHouse deployment with SQL-based user management, network restrictions, TLS encryption, and query audit logging. ## Prerequisites - ClickHouse admin access - `CLICKHOUSE_DEFAULT_ACCESS_MANAGEMENT=1` for SQL-based user management - For self-hosted: access to server config files ## Instructions ### Step 1: Create Restricted Users (SQL-Based RBAC) ```sql -- Create a read-only analyst user CREATE USER analyst IDENTIFIED WITH sha256_password BY 'strong-password-here' DEFAULT DATABASE analytics SETTINGS readonly = 1, -- Read-only mode max_memory_usage = 5000000000, -- 5GB per query max_execution_time = 60; -- 60s timeout GRANT SELECT ON analytics.* TO analyst; -- Create an application user with insert permissions CREATE USER app_writer IDENTIFIED WITH sha256_password BY 'another-strong-password' DEFAULT DATABASE analytics; GRANT SELECT, INSERT ON analytics.* TO app_writer; -- Explicitly deny destructive operations REVOKE DROP, ALTER, CREATE ON *.* FROM app_writer; -- Create an admin user CREATE USER ch_admin IDENTIFIED WITH sha256_password BY 'admin-password' SETTINGS PROFILE 'default'; GRANT ALL ON *.* TO ch_admin WITH GRANT OPTION; ``` ### Step 2: Use Roles for Permission Groups ```sql -- Create reusable roles CREATE ROLE data_reader; GRANT SELECT ON analytics.* TO data_reader; CREATE ROLE data_writer; GRANT SELECT, INSERT ON analytics.* TO ...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
7 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

clickhouse-enterprise-rbac

Configure ClickHouse enterprise RBAC — SQL-based users, roles, row policies, column-level grants, and quota management. Use when setting up multi-user access control, implementing tenant isolation, or configuring enterprise security for ClickHouse. Trigger: "clickhouse RBAC", "clickhouse roles", "clickhouse permissions", "clickhouse row policy", "clickhouse enterprise access", "clickhouse GRANT".

2,266 Updated today
jeremylongshore
AI & Automation Featured

clickhouse-rate-limits

Configure ClickHouse query concurrency, memory quotas, and connection limits. Use when hitting "too many simultaneous queries", managing concurrent users, or tuning server-side resource limits. Trigger: "clickhouse rate limit", "clickhouse concurrency", "clickhouse quota", "too many simultaneous queries", "clickhouse connection limit".

2,266 Updated today
jeremylongshore
AI & Automation Featured

clickhouse-data-handling

Handle data lifecycle in ClickHouse — TTL expiration, data deletion (GDPR), column-level encryption, and audit logging with real ClickHouse SQL. Use when implementing data retention, GDPR deletion requests, or managing sensitive data in ClickHouse. Trigger: "clickhouse data retention", "clickhouse TTL", "clickhouse GDPR", "delete data clickhouse", "clickhouse data lifecycle", "clickhouse PII".

2,266 Updated today
jeremylongshore
AI & Automation Featured

clickhouse-install-auth

Install @clickhouse/client and configure authentication to ClickHouse Cloud or self-hosted. Use when setting up a new ClickHouse project, configuring connection strings, or initializing the official Node.js client. Trigger: "install clickhouse", "setup clickhouse client", "clickhouse auth", "connect to clickhouse", "clickhouse credentials".

2,266 Updated today
jeremylongshore
Data & Documents Listed

clickhouse-io

ClickHouse database patterns, query optimization, analytics, and data engineering best practices for high-performance analytical workloads.

0 Updated today
Izangi2714