简体中文(ZH-CN) English(EN) 繁体中文(ZH-TW) 日本語(JA) 한국어(KO) Melayu(MS) Français(FR) Deutsch(DE)
Home > Database > Mysql Tutorial > body text

Create a User With Access to Only One Schema in CloudSQL

WBOY
Release: 2024-07-18 08:07:13
Original
373 people have browsed it

Create a User With Access to Only One Schema in CloudSQL

TL;DR: After you create a user in Google Cloud Console, don't forget to REVOKE 'cloudsqlsuperuser'@'%' FROM 'your-user'@'%'; if you only want this user to access specific schemas.

Creating a MySQL user via the Google Cloud Console automatically adds the cloudsqlsuperuser role that allows the user access to everything on that MySQL instance:

SHOW GRANTS FOR 'user-from-gcp-console'@'%';

+------------------------------------------------------------+
|Grants for user-from-gcp-console@%                          |
+------------------------------------------------------------+
|GRANT USAGE ON *.* TO `user-from-gcp-console`@`%`           |
|GRANT `cloudsqlsuperuser`@`%` TO `user-from-gcp-console`@`%`|
+------------------------------------------------------------+
Copy after login

Google mentions this in the About MySQL users article of their Knowledge Base.

To create a user with access to only one schema, you either need to create the user without the console by running something along the lines of:

CREATE USER 'your-user'@'%' IDENTIFIED
    WITH 'mysql_native_password'
    BY '<some-strong-password>';

GRANT ALL ON your-schema.* TO 'your-user'@'%';
Copy after login

Or by creating the user via the console but then not forgetting to remove the cloudsqlsuperuser role:

// Create a user via the Google Cloud Console

REVOKE 'cloudsqlsuperuser'@'%' FROM 'your-user'@'%';
GRANT ALL ON your-schema.* TO 'your-user'@'%';
Copy after login

Closing notes

  • The user is uniquely identified by the user name and the host. % stands for any host, the commands might differ when you’re limiting the user access only to some hosts (e.g. your-user%localhost).
  • You might make use of the Cloud SQL Proxy in combination with IAM instead. Read more in the IAM Authentication article.
  • There is now also the Cloud SQL Studio [in preview] that might come in handy.
  • More info about user management in MySQL db here.

The above is the detailed content of Create a User With Access to Only One Schema in CloudSQL. For more information, please follow other related articles on the PHP Chinese website!

source:dev.to
Previous article:How to Parse Key-value Pairs from a Baseencoded String#eg11 Next article:How to inject simple dummy data at a large scale in MySQL
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
function_exists() cannot determine the custom function Function test () {return true;} if (function_exists ('test')) {echo "test is function...
From 2024-04-29 11:01:01
0
2
1788
How to display the mobile version of Google Chrome Hello teacher, how can I change Google Chrome into a mobile version?
From 2024-04-23 00:22:19
0
10
1929
The child window operates the parent window, but the output does not respond. The first two sentences are executable, but the last sentence cannot be implemented.
From 2024-04-19 15:37:47
0
1
1647
There is no output in the parent window document.onclick = function(){ window.opener.document.write('I am the output of the child ...
From 2024-04-18 23:52:34
0
1
1549
Where is the courseware about CSS mind mapping? Courseware
From 2024-04-16 10:10:18
0
0
1582
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!