Skip to main content

Managing MySQL semi-sync users

Users are created to access databases in a MySQL semi-sync cluster.

Only the cluster itself is available to users—cluster nodes cannot be accessed as they are located on the Servercore side. By default, all users in a cluster have the same permissions.

Access to a single MySQL semi-sync database can be granted to multiple users.

Create a user

  1. In the Dashboard, on the top menu click Products and select Managed Databases.
  2. Open the Active tab.
  3. Open the database cluster page → Users tab.
  4. Click Create User.
  5. Enter a username and password. Save the password—it will not be stored in the Dashboard.
  6. Click Save.

Change a user password

After a cluster is created, the user password can be changed. Do not forget to update the password in your application.

  1. In the Dashboard, on the top menu click Products and select Managed Databases.
  2. Open the Active tab.
  3. Open the cluster page → Users tab.
  4. In the user menu, select Change password.
  5. Enter or generate a new password and save the changes.

Configure database access

Grant access to a user

Access to a single MySQL semi-sync database can be granted to multiple users.

  1. In the Dashboard, on the top menu click Products and select Managed Databases.
  2. Open the Active tab.
  3. Open the database cluster page → Databases tab → database page.
  4. In the Has Access block, click Add and select a user.

A user can only connect to the database (CONNECT) and cannot perform operations on objects. To grant a user access to objects, grant them the necessary privileges.

Revoke user access

  1. In the Dashboard, on the top menu click Products and select Managed Databases.
  2. Open the Active tab.
  3. Open the database cluster page → Databases tab → database page.
  4. In the Has Access block, remove the user.

Configure user privileges

Grant privileges

You can grant users privileges for databases and tables using the GRANT command. Privileges can be: SELECT, INSERT, DELETE, USAGE, and others.

Example of granting read access (SELECT) to the table table in the database database to the user:

GRANT SELECT ON table TO user;

Example of granting read access (SELECT) to the database database to the user:

GRANT SELECT ON database.* TO user;

Create a user with read-only permissions

  1. Create a user.

  2. Grant the user access to the database.

  3. Create another user who will have only read-only (read-only) privileges.

  4. Connect to the database using the first user.

  5. Grant read-only privileges to the database to the second user:

    REVOKE ALL PRIVILEGES ON <database_name>.* FROM '<username>'@'%';
    GRANT SELECT ON <database_name>.* TO '<username>'@'%';

    Specify:

    • <database_name> — database name;
    • <username> — name of the user who will be granted read-only privileges.

Revoke privileges

You can revoke user privileges using the REVOKE command.

Example of revoking privileges from user user for table table and database database:

REVOKE SELECT ON table FROM user;
REVOKE SELECT ON database.* FROM user;