- What's New
- Product Bulletin
- Service Overview
- Billing
- Getting Started
-
User Guide
- Function Overview
- Kernel Version Notes
- Permissions Management
-
Instance Management
- Instance Statuses
- Buying a DDM instance
- Splitting Read-only and Read-Write Services
- Changing Node Class
- Scaling Out a DDM Instance
- Scaling In a DDM Instance
- Restarting a DDM Instance or an Instance Node
- Deleting Pay-per-Use Instances
- Reloading Table Data
- Changing a Parameter Template
- Modifying Parameters of a DDM Instance
- Rolling Back the Version of a DDM Instance
- Upgrading the Version of a DDM Instance
- Upgrading the DDM Engine and OS
- Connection Management
- Schema Management
- Shard Configuration
- Data Nodes
-
Parameter Template Management
- Instance Parameters
- Creating a Parameter Template
- Modifying a Custom Parameter Template
- Comparing Two Parameter Templates
- Viewing Parameter Change History
- Replicating a Parameter Template
- Applying a Parameter Template
- Viewing Application Records of a Parameter Template
- Modifying the Description of a Parameter Template
- Deleting a Parameter Template
- Account Management
- Backups and Restorations
-
Data Migration
- Overview
- Migration Evaluation
- Scenario 1: Migrating Data from an On-Premises MySQL Instance to DDM
- Scenario 2: Migrating Data from a Third-Party Cloud MySQL Instance to DDM
- Scenario 3: Migrating Data from an ECS-hosted MySQL Instance on Huawei Cloud to DDM
- Scenario 4: Exporting Data from a DDM Instance
- Scenario 5: Migrating Data from Heterogeneous Databases to DDM
- Scenario 6: Migrating Data from Huawei Cloud RDS for MySQL to DDM
- Session Management
- Slow Queries
- Monitoring and Alarm Reporting
- Task Center
- Tags
- Auditing
-
SQL Syntax
- Introduction
- DDL
- DML
- Online DDL
- Functions
- Unsupported Objects and Use Constraints
- Supported SQL Statements
- Global Sequence
- Database Management Syntax
- Advanced SQL Functions
- Quotas
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
APIs (Recommended)
-
DDM Instances
- Buying a DDM instance
- Querying DDM Instances
- Querying Details of a DDM Instance
- Modifying the Name of a DDM Instance
- Changing the Security Group of a DDM Instance
- Deleting a DDM Instance
- Restarting a DDM Instance
- Reloading Table Data
- Scaling Out a DDM Instance
- Scaling in a DDM instance
- Modifying the Read Policy of the Associated DB Instance
- Synchronizing Data Node Information
- Querying Nodes of a DDM Instance
- Querying Details of a DDM Instance Node
- Querying Parameters of a Specified DDM Instance
- Modifying Parameters of a DDM Instance
- Querying DDM Engine Information
- Querying DDM Node Classes Available in an AZ
- Changing the Node Class of a DDM Instance
- Obtaining the Instance Group Information
- Creating an Instance Group
- Schemas
- Accounts
- Monitoring
- Session Management
- Application Examples
-
DDM Instances
- Permissions Policies and Supported Actions
- Appendix
- SDK Reference
-
Best Practices
- Overview
- Formulating Sharding Rules
- Determining the Number of Shards in a Schema
- Using Broadcast and Unsharded Tables
- Transaction Models
- SQL Standards
- Migrating an Entire RDS Database to DDM
- Migrating an Entire MyCat Database to DDM
- Accessing DDM Using a JDBC Connection Pool
- Logging In to a DDM Instance Using Navicat
- Migrating Data from RDS for MySQL to DDM Using DRS
- Sharding Database and Table Data of an RDS for MySQL Instance
- Performance White Paper
-
FAQs
- General Questions
-
DDM Usage
- How Does DDM Perform Sharding?
- What Do I Do If I Fail to Connect to a DDM Instance Using the JDBC Driver?
- Why It Takes So Long Time to Export Data from MySQL Using mysqldump?
- What Do I Do If a Duplicate Primary Key Error Occurs When Data Is Imported into DDM?
- What Should I Do If an Error Message Is Returned When I Specify an Auto-Increment Primary Key During Migration?
- What Do I Do If an Error Is Reported When Parameter Configuration Does Not Time Out?
- Which Should I Delete First, a Schema or its Associated RDS Instances?
- Can I Manually Delete Databases and Accounts Remained in Data Nodes After a Schema Is Deleted?
- SQL Syntax
-
RDS-related Questions
- Is the Name of a Database Table Case-Sensitive?
- What Risky Operations on RDS for MySQL Will Affect DDM?
- How Do I Handle Data with Duplicate Primary Keys in a Table?
- How Can I Query RDS for MySQL Information by Running Command show full innodb status?
- What Should I Pay Attention to When Selecting RDS for MySQL Instance Specifications?
- Connection Management
- Resource Freezing, Release, Deletion, and Unsubscription
- Videos
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Getting Started
- Function Overview
- Instance Management
-
Parameter Template Management
- Creating a Parameter Template
- Editing a Parameter Template
- Comparing Two Parameter Templates
- Viewing Parameter Change History
- Replicating a Parameter Template
- Applying a Parameter Template
- Viewing Application Records of a Parameter Template
- Modifying the Description of a Parameter Template
- Deleting a Parameter Template
- Task Center
- Schema Management
- Account Management
- Backup Management
- Monitoring Management
- Auditing
-
SQL Syntax
- Introduction
- DDL
- DML
- Functions
- Unsupported Items
- Supported SQL Statements
- Global Sequence
- Database Management Syntax
- Advanced SQL Functions
-
FAQs
- General Questions
-
DDM Usage
- How Can I Rectify a Fault in Accessing DDM by Using the JDBC Driver?
- What Version and Parameters Should I Select?
- Why It Takes So Long Time to Export Data from MySQL Using mysqldump?
- How Should I Handle the Duplicate Primary Key Error Occurring After Data Is Imported into DDM?
- What Should I Do If an Error Message Is Returned After I Specify an Auto-Increment Primary Key?
- How Do I Handle the Error Reported When Parameter Configuration Does Not Time Out?
- Which Should I Delete First, Schema or Associated RDS DB Instances?
- Should I Manually Delete Databases and Accounts Remained in the Associated RDS DB Instances After a Schema Is Deleted?
- SQL Syntax
- RDS-related Questions
- Connection Management
-
User Guide (Kuala Lumpur Region)
- Service Overview
- Getting Started
- Function Overview
- Instance Management
-
Parameter Template Management
- Creating a Parameter Template
- Editing a Parameter Template
- Comparing Two Parameter Templates
- Viewing Parameter Change History
- Replicating a Parameter Template
- Applying a Parameter Template
- Viewing Application Records of a Parameter Template
- Modifying the Description of a Parameter Template
- Deleting a Parameter Template
- Task Center
- Schema Management
- Account Management
- Backup Management
- Monitoring Management
- Auditing
-
SQL Syntax
- Introduction
- DDL
- DML
- Functions
- Unsupported Items
- Supported SQL Statements
- Global Sequence
- Database Management Syntax
- Advanced SQL Functions
-
FAQs
- General Questions
-
DDM Usage
- How Can I Rectify a Fault in Accessing DDM by Using the JDBC Driver?
- What Version and Parameters Should I Select?
- Why It Takes So Long Time to Export Data from MySQL Using mysqldump?
- How Should I Handle the Duplicate Primary Key Error Occurring After Data Is Imported into DDM?
- What Should I Do If an Error Message Is Returned After I Specify an Auto-Increment Primary Key?
- How Do I Handle the Error Reported When Parameter Configuration Does Not Time Out?
- Which Should I Delete First, Schema or Associated RDS DB Instances?
- Should I Manually Delete Databases and Accounts Remained in the Associated RDS DB Instances After a Schema Is Deleted?
- SQL Syntax
- RDS-related Questions
- Connection Management
-
API Reference (Kuala Lumpur Region)
- Before You Start
- API Overview
- Calling APIs
-
DDM Instance Management
- Querying DDM Engine
- Querying the Quota of Classes Available in Each AZ
- Creating a DDM Instance
- Querying DDM Instances
- Viewing Details of a DDM Instance
- Modifying the Name of a DDM Instance
- Modifying the Security Group of a DDM Instance
- Deleting a DDM Instance
- Restarting a DDM Instance
- Reloading Table Data
- Scaling Out a DDM instance
- Scaling In a DDM instance
- Modifying the Read Policy of the Associated DB Instance
- Synchronizing DB Instance Data
- Querying Nodes of a DDM Instance
- Querying Details of a DDM Instance Node
- Querying Parameters of a Specified DDM Instance
- Modifying Parameters of a DDM Instance
- Schema Management
- Account Management
- Monitoring Management
- Permissions Policies and Supported Actions
- Appendix
- Change History
-
User Guide (ME-Abu Dhabi Region)
- General Reference
Copied.
Managing Permissions
Permission Levels
- User level (supported)
- Database level (supported)
- Table level (supported)
- Column level (not supported)
- Subprogram level (not supported)
- Global level (not supported)
Permission Types
DDM supports different permission types by using the GRANT statement.
Permission Type |
Description |
---|---|
ALL |
All permissions |
DROP |
Deleting a table |
INDEX |
Creating/Deleting an index |
ALTER |
Executing ALTER statements |
CREATE |
Creating a table |
SELECT |
Reading table data |
INSERT |
Inserting data to a table |
UPDATE |
Updating data in a table |
GRANT |
Granting permissions to users |
REVOKE |
Deleting a user permission |
SET |
Setting user's passwords |
FILE |
Uploading database permissions from a file |
CREATE USER |
Creating a user |
Precautions
- Basic permissions of a DDM account can only be modified on the DDM console.
- If a DDM account has table or database permissions on a schema, the schema will be displayed in the row where the account is located.
- Users created by the CREATE USER statement support only user-level permissions.
- If a DDM account has been associated with a schema, deleting this schema or tables in it does not affect the permissions assigned to the account.
- You can execute the GRANT statement to assign permissions to a DDM account. The following is an example statement:
grant grant option on {user-level, database-level, and table-level} to DDM account
- Permissions cannot be assigned to a DDM account unless the account is associated with a schema.
Permission Operations
SHOW GRANTS is supported in versions in 3.0.2 or later. Other functions are available in versions 2.4.1.4 or later.
CREATE USER
Syntax:
CREATE USER username IDENTIFIED BY 'auth#string'
Example: Creating an account (username: Jenny; password: xxxxxx)
CREATE USER Jenny IDENTIFIED BY 'xxxxxx';
Each username and password must meet the corresponding requirements.
DROP USER
Syntax:
DROP USER username
Example: Removing user Jenny
DROP USER Jenny;
SET PASSWORD
Syntax:
SET PASSWORD FOR 'username'@'%' = 'auth_string'
To be compatible with the MySQL syntax, the username must be in the format of 'username'@' %'.
Example: Changing the password of Jenny to xxxxxx
SET PASSWORD FOR 'Jenny'@'%' = 'xxxxxx'
GRANT
GRANT priv_type[, priv_type] ... ON priv_level TO user [auth_option] priv_level: { | *.* | db_name.* | db_name.tbl_name | tbl_name} auth_option: { IDENTIFIED BY 'auth#string' }
If a GRANT statement provides no accounts and does not specify IDENTIFIED BY, a message No account found will be returned. If IDENTIFIED BY is specified, an account will be created accordingly and permissions will be granted to it.
GRANT ALL [PRIVILEGES] can be used to assign table-, user-, and database-level permissions.
Example 1: Create a user-level account with all permissions. The username is Mike.
Method 1: Create an account and then grant permissions to it.
CREATE USER Mike IDENTIFIED BY 'password'; GRANT SELECT, INSERT ON *.* to Mike;
Method 2: Execute one SQL statement to create an account and grant it permissions.
GRANT SELECT, INSERT ON *.* to Mike IDENTIFIED BY 'password';
Example 2: Create a database-level account with all permissions. Create account david in database testdb and grant the SELECT permissions of database testdb to the account.
Method 1: Create an account and then grant permissions to it.
CREATE USER david IDENTIFIED BY 'password'; GRANT SELECT ON testdb.* to david;
Method 2: Execute one SQL statement to create an account and grant it permissions.
GRANT SELECT ON testdb.* to david IDENTIFIED BY 'password';
Example 3: Create a table-level account with all permissions. Create account hanson in database testdb and grant all permissions of table testdb.employees to the account.
GRANT ALL PRIVILEGES ON testdb.employees to hanson IDENTIFIED BY 'password';
REVOKE
Syntax:
REVOKE priv_type [, priv_type] ... ON priv_level FROM user;
Example: Deleting CREATE, DROP, and INDEX permissions of user hanson on table testdb.emp.
REVOKE CREATE,DROP,INDEX ON testdb.emp FROM hanson;
REVOKE can delete actions at each permission level of an account. The permission level is specified by priv_level.
SHOW GRANTS
Syntax:
SHOW GRANTS FOR user;
Example 1: Querying user permissions with any of the following statements:
SHOW GRANTS; SHOW GRANTS FOR CURRENT_USER; SHOW GRANTS FOR CURRENT_USER();
Example 2: Querying other permissions. This operation can be performed only when the current user can grant user-level permissions.
mysql> show grants for david; +-----------------------------+ |Grants for david | +-----------------------------+ |GRANT USAGE ON *.* TO david | +-----------------------------+ 1 row in set (0.00 sec)
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot