MySQL sync user management
Users are created to access the databases in the MySQL sync cluster.
Only the cluster itself is available for users to work with — there is no access to the cluster nodes, as they are located on the Servercore side. By default, all users in the cluster have the same permissions.
You can give multiple users access to a single MySQL sync database.
Create user
- In the Control panel, on the top menu, click Products and select Cloud Databases.
- Open the Active tab.
- Open the Database Cluster page → Users tab.
- Click Create User.
- Enter a name and password. Save the password — it will not be stored in the control panel.
- Click Save.
Change user password
After the cluster is created, the user password can be changed. Remember to change the password in your application.
- In the Control panel, on the top menu, click Products and select Cloud Databases.
- Open the Active tab.
- Open the cluster page → Users tab.
- From the user's menu, select Change Password.
- Enter or generate a new password and save the changes.
Configure database access
Grant access to a user
You can give multiple users access to a single MySQL sync database.
- In the Control panel, on the top menu, click Products and select Cloud Databases.
- Open the Active tab.
- Open the Database Cluster page → Databases tab → Database page.
- In the Have access block, click Add and select the user.
The user can only connect to the database (CONNECT
) and cannot perform operations on objects. To give the user access to objects, grant the user the necessary privileges.
Remove access for a user
- In the Control panel, on the top menu, click Products and select Cloud Databases.
- Open the Active tab.
- Open the Database Cluster page → Databases tab → Database page.
- In the Have access block, delete the user.
Customize user privileges
Grant privileges
You can grant users privileges on databases and tables by using the GRANT command. Privileges can be the following: SELECT
, INSERT
, DELETE
, USAGE
, and others.
Example of granting read access (SELECT
) to table table
in database database
to user user
:
GRANT SELECT ON table TO user;
Example of granting read access (SELECT
) to database database
to user user
:
GRANT SELECT ON database.* TO user;
Create a user with read-only privileges
-
Grant the user access to the database.
-
Create another user who will have read-only privileges.
-
Connect to the database with the first user.
-
Grant read-only permissions to the database to the second user:
REVOKE ALL PRIVILEGES ON <database_name>.* FROM '<username>'@'%';
GRANT SELECT ON <database_name>.* TO '<username>'@'%';Specify:
<database_name>
— database name;<username>
— the username of the user who will be granted read-only privileges.
Revoke privileges
You can revoke privileges from a user by using the REVOKE command.
An example of revoking the privilege of the user user
on the table table
and database database
:
REVOKE SELECT ON table FROM user;
REVOKE SELECT ON database.* FROM user;