For AI agents: The documentation index is at https://docs.digitalocean.com/llms.txt. Markdown versions of pages use the same URL with index.html.md in place of the HTML page (for example, append index.html.md to the directory path instead of opening the HTML document).

Usage

client.databases.update_user(
    database_cluster_uuid="9cc10173-e9ea-4176-9dbc-a4cee4c4ff30",
    username="app-01",
    body={
        "settings": {...},
    },
)

Description

To update an existing database user, send a PUT request to /v2/databases/{database_cluster_uuid}/users/{username} with the desired settings.

Note: only settings can be updated via this type of request. If you wish to change the name of a user, you must recreate a new user.

The response will be a JSON object with a key called user. The value of this will be an object that contains the name of the update database user, along with the settings object that has been updated.

Parameters

database_cluster_uuid string required

A unique identifier for a database cluster.

username string required

The name of the database user.

settings object required

Show child properties

pg_allow_replication boolean optional

Example: True

For Postgres clusters, set to true for a user with replication rights.
This option is not currently supported for other database engines.

opensearch_acl array of objects optional

ACLs (Access Control Lists) specifying permissions on index within a OpenSearch cluster.

Show child properties

index string optional

Example: index-abc.*

A regex for matching the indexes that this ACL should apply to.

permission string optional

Permission set applied to the ACL. 'read' allows user to read from the index. 'write' allows for user to write to the index. 'readwrite' allows for both 'read' and 'write' permission. 'deny'(default) restricts user from performing any operation over an index. 'admin' allows for 'readwrite' as well as any operations to administer the index.

One of: deny, admin, read, readwrite, write

acl array of objects optional

ACLs (Access Control Lists) specifying permissions on topics within a Kafka cluster.

Show child properties

id string optional

Example: aaa

An identifier for the ACL. Will be computed after the ACL is created/updated.

topic string required

Example: topic-abc.*

A regex for matching the topic(s) that this ACL should apply to.

permission string required

Permission set applied to the ACL. 'consume' allows for messages to be consumed from the topic. 'produce' allows for messages to be published to the topic. 'produceconsume' allows for both 'consume' and 'produce' permission. 'admin' allows for 'produceconsume' as well as any operations to administer the topic (delete, update).

One of: admin, consume, produce, produceconsume

mongo_user_settings object optional

MongoDB-specific settings for the user. This option is not currently supported for other database engines.

Show child properties

databases array of strings optional

Example: ['my-db', 'my-db-2']

A list of databases to which the user should have access. When the database is set to admin, the user will have access to all databases based on the user's role i.e. a user with the role readOnly assigned to the admin database will have read access to all databases.

role string optional

The role to assign to the user with each role mapping to a MongoDB built-in role. readOnly maps to a read role. readWrite maps to a readWrite role. dbAdmin maps to a dbAdmin role.

One of: readOnly, readWrite, dbAdmin

Request Sample

import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

req = {
  "settings": {
    "acl": [
      {
        "id": "acl128aaaa99239",
        "permission": "produceconsume",
        "topic": "customer-events"
      },
      {
        "id": "acl293098flskdf",
        "permission": "produce",
        "topic": "customer-events.*"
      },
      {
        "id": "acl128ajei20123",
        "permission": "consume",
        "topic": "customer-events"
      }
    ]
  }
}

resp = client.databases.update_user(database_cluster_uuid="9cc10173-e9ea-4176-9dbc-a4cee4c4ff30", username="app-01", body=req)

Response Example

{
  "user": {
    "name": "app-01",
    "role": "normal",
    "password": "jge5lfxtzhx42iff"
  }
}

More Information

See /v2/databases/{database_cluster_uuid}/users/{username} in the API reference for additional detail on responses, headers, parameters, and more.