Updated on 2024-11-07 GMT+08:00

Preparations

User Permissions

You need to obtain permissions to create an evaluation project. For details, see Permission Management.

Network Configurations

  1. Check whether a source database and UGO are connected. Currently, they can be connected only over a public network.
  2. Enable the source database firewall to allow UGO to access a local database.
  3. Check whether the access whitelist of the source database allows UGO. The method of adding a whitelist entry varies depending on the database type. For details, see official documents.
  4. Set the maximum number of connections for the source database. The parameters and modification methods vary depending on the database type. For details, see official documents.
  5. Check whether the database connection information is correct, including IP address, database service name, username, and password.

Source Database Permissions

Before using UGO to evaluate a database, you need to create a database account for data collection and obtain access permissions.
  • Grant DBA permissions when Oracle is used as the source database.
    1. Create a user. USER indicates a database username.
      CREATE USER user IDENTIFIED BY password;
    2. Grant the login permission to the user.
      GRANT CONNECT TO user;
    3. Grant DBA permissions to the user.
      GRANT DBA TO user;
  • Grant non-DBA permissions when Oracle is used as the source database.
    1. Create a user. USER indicates a database username.
      CREATE USER user IDENTIFIED BY password;
    2. Grant the login permission to the user.
      GRANT CONNECT TO user;
    3. Grant the SELECT_CATALOG_ROLE permission to the user, so that the user can obtain DDL statements of objects from a data dictionary. If the user does not have this permission, the permission check fails and the user is unable to proceed to next steps.
      GRANT SELECT_CATALOG_ROLE TO user;
      GRANT SELECT ANY DICTIONARY TO user;
    When the source database type is Oracle, the user must obtain the DBMS_METADATA, dynamic view, and schema object counting permissions. To ensure that DDLs returned by DBMS_METADATA.GET_DDL are consistent, UGO needs to format the captured SQL statements. So a non-read-only account is required. When UGO is being connected, you need to set export parameters. The settings are valid only for the collected DDLs. Only sessions will be affected, and the source database will not. The following parameters need to be set:
    • Make table constraints and indexes a part of the CREATE TABLE statements.
      DBMS_METADATA.SET_TRANSFORM_PARAM(dbms_metadata.SESSION_TRANSFORM, 'CONSTRAINTS_AS_ALTER', false)
    • Ensure that there are no collation clauses in the exported DDLs.
      DBMS_METADATA.SET_TRANSFORM_PARAM(dbms_metadata.SESSION_TRANSFORM, 'COLLATION_CLAUSE', 'NEVER')
    • Add a semicolon (;) to each collected SQL statement.
      DBMS_METADATA.SET_TRANSFORM_PARAM(dbms_metadata.SESSION_TRANSFORM, 'SQLTERMINATOR', true)
  • Grant query and PROCESS permissions on the MySQL system database and all permissions on a database to be migrated when MySQL is used as the source database. In MySQL 8.0 and later versions, if there are stored procedures and functions, grant the SHOW_ROUTINE permission as well.
    1. Create a user. db-user indicates a database username.
      CREATE USER db-user IDENTIFIED BY passwd;
    2. Grants user permissions. By default, when UGO connects to the MySQL database, the user needs to obtain permissions to access the MySQL database.
      GRANT SELECT ON mysql.* TO db-user;
    3. Grant the PROCESS permission to view all tables in information_schema.
      GRANT PROCESS ON *.* TO db-user;
    4. Grant the following permissions to objects to be collected:
      GRANT SELECT ON schema-name.* TO db-user;
      GRANT SHOW VIEW ON schema-name.* TO db-user;
      GRANT TRIGGER ON schema-name.* TO db-user;

      To collect all schemas, replace <schema-name>.* with *.* to grant the permission of collecting all objects.

    5. In MySQL 8.0.20 and later versions, if there are stored procedures and functions, grant the following permission as well:
      GRANT SHOW_ROUTINE ON *.* TO db-user;
  • Grant query and PROCESS permissions on the GoldenDB system database and all permissions on a database to be migrated when GoldenDB is used as the source database. If there are stored procedures and functions, grant the SHOW_ROUTINE permission as well.
    1. Create a user. db-user indicates a database username.
      CREATE USER db-user IDENTIFIED BY passwd;
    2. Grant permissions to collect user and role information in GoldenDB system table mysql.user.
      GRANT SELECT ON mysql.user TO db-user;
    3. Grant the PROCESS permission to view all tables in information_schema.
      GRANT PROCESS ON *.* TO db-user;
    4. Grant the following permissions to objects to be collected:
      GRANT SELECT ON schema-name.* TO db-user;
      GRANT SHOW VIEW ON schema-name.* TO db-user;
      GRANT TRIGGER ON schema-name.* TO db-user;

      To collect all schemas, replace <schema-name>.* with *.* to grant the permission of collecting all objects.

    5. In MySQL 8.0.20 and later versions, if there are stored procedures and functions, grant the following permission as well:
      GRANT SHOW_ROUTINE ON *.* TO db-user

    MySQL or GoldenDB as the source database: If a user is granted to the global SELECT permission and the SHOW_ROUTINE permission. No other permissions are required.

  • Grant the VIEW DEFINITION permission when Microsoft SQL Server is used as the source database.
    1. Create login user login-user.
      CREATE LOGIN login-user WITH PASSWORD=password,DEFAULT_DATABASE =database;
    2. Create database user db-user.
      CREATE USER db-user FOR LOGIN login-user;
    3. Grant the user permissions to query metadata and table structures.
      GRANT VIEW DEFINITION ON DATABASE :: database TO db-user;
    4. Grant the permission to query dependencies to the user.
      GRANT SELECT ON OBJECT :: sys.sql_expression_dependencies TO db-user;