Looking at the Cassandra documentation, it appears that the smallest write-only permission on a table you can grant is MODIFY, which includes UPDATE, DELETE and TRUNCATE.
Is there a proper way to restrict this further to ONLY grant INSERT and no other permission, ideally for the user/role itself, without requiring further logic application side?
I would like for ONLY the DBA to have the ability to alter data in a table, the application user should have INSERT-only rights.
If it's not possible using the permission model only, could triggers be the answer and are there known drawbacks for this approach?
External links referenced by this document: