By

Contents
  1. 1. Create a read-only account with azure mysql 8.0
    1. 1.1. Notes

Create a read-only account with azure mysql 8.0

Notes

  1. When creating role and granting privileges, please use ‘%’ instead of ‘localhost’. For PaaS, ‘localhost’ means physical host machine that cannot be accessed in cloud considering security.
  2. After creating role and granting role privileges to the target user, please run [SET DEFAULT ROLE ALL TO ‘{username}’]
1
2
3
4
5
6
7
8
9
10
11
12
13
14
create user 'foobarreader'@'%' identified by 'StrongPassword!';
create role 'foobar_read_only';

grant select on foobardb.* to 'foobar_read_only';

mysql> grant 'foobar_read_only' to 'foobarreader'@'%';

mysql> set default role all to 'foobarreader';

mysql> show grants for 'foobarreader'@'%';

mysql> show grants for 'foobarreader'@'%' using 'foobar_read_only';

## check by login via new created user and test show databases

Mysql 8 role permission control system

Contents
  1. 1. Create a read-only account with azure mysql 8.0
    1. 1.1. Notes