How to manage user permissions for Serverless SQL Databases

Reviewed on March 13, 2025

Permissions define the actions a user or an application can perform on a database. They are managed using Scaleway's Identity and Access Management interface.

Before you start

To complete the actions presented below, you must have:

• A Scaleway account logged into the console
• Owner status or IAM permissions allowing you to perform actions in the intended Organization
• Created a Serverless SQL Database

1. Click IAM & API keys on the top-right drop-down menu of the Scaleway console. The Users tab of the Identity and Access Management dashboard displays.

2. Click the Policies tab. A list of the Organization's existing policies displays.

3. Click Create a policy. The policy creation wizard displays.

4. Complete the steps on the first page of the creation wizard:

   • Enter a name for the policy.

   • Enter a description (optional).

   • Select a principal, who will be the target of your policy. The principal should be the user, application, or group you want to grant access to your database.

   Important

   • You can choose to create a policy without a principal for now and attach one later.
   • The policy will have no effect until a principal is attached.
   • A policy can only be attached to one principal at a time.

5. Click Add rules. The second screen of the policy creation wizard.

6. Select Access to resources, then, select the Project in which you want the permissions to apply.

7. Click Validate to continue.

8. Select Databases in the left-hand Products list, then, tick the permissions set you want to add to the policy:

   • ServerlessSQLDatabaseFullAccess allows the user to create and delete databases, edit their configuration, and use the following commands:

     • SELECT
     • UPDATE
     • INSERT
     • DELETE
     • CREATE/ALTER/DROP TABLE
     • CREATE/DROP INDEX

   • ServerlessSQLDatabaseReadWrite allows the user to use the following commands:

     • SELECT
     • UPDATE
     • INSERT
     • DELETE
     • CREATE/ALTER/DROP TABLE
     • CREATE/DROP INDEX

   • ServerlessSQLDatabaseReadOnly allows the user to use the following commands:

     • SELECT

   • ServerlessSQLDatabaseDataReadWrite allows the user to use the following commands:

     • SELECT
     • UPDATE
     • INSERT
     • DELETE

9. Click Validate. The scope and the permission sets of your policy display.

10. Click Create policy to finish.

The user or application now has the selected permissions, and can perform the corresponding actions on the Serverless SQL Database.