In this final appendix, we explored Cassandra's ability to restrict access to itself using internal authentication and authorization. We saw that Cassandra offers simple configuration of user accounts and permissions using a collection of CQL commands provided for that purpose, and also that this information is stored transparently in tables in the system_auth keyspace.

We noted that internal authorization can be useful for traditional security concerns, but also simply as a hedge against mistakes. By limiting access to that which is strictly needed, we can reduce our vulnerability to user errors that can unintentionally cause major data loss.

We also noted that internal authentication and authorization are not the full security picture ...