Updated on 2023-03-07 GMT+08:00

Database Account Security

To ensure that RDS MySQL databases run properly and prevent account information from being deleted by mistake, DAS hides the following accounts of MySQL database users.

Table 1 Accounts to be hidden

Account

Description

mysql.session@localhost

Internal database account configured in MySQL 5.7 or later.

mysql.sys@localhost

Internal database account configured in MySQL 5.7 or later.

mysql.infoschema@localhost

Database account.

root@%

Account configured when you create an RDS MySQL instance.

rdsAdmin@localhost

Management account, which has the highest superuser permission and is used to query and modify DB instance information, rectify faults, as well as migrate and restore data.

rdsBackup@localhost

Backup account, which is used to back up background data.

rdsMetric

Metering account, which is used by watchdog to collect database status data.

rdsRepl

Replication account, which is used to synchronize data from primary DB instances to standby ones or read replicas.

rdsProxy

Proxy account, which is used for authentication when the database is connected using the read/write splitting address. This account is automatically created when read/write splitting is enabled.

drsFull

Account added to the destination database when you start a full migration task.

drsIncremental

Account added to the destination database when you start an incremental migration task.