TL;DR: After you create a user in Google Cloud Console, don't forget to REVOKE 'cloudsqlsuperuser'@'%' FROM 'your-user'@'%'; if you only want this user to access specific schemas.
Creating a MySQL user via the Google Cloud Console automatically adds the cloudsqlsuperuser role that allows the user access to everything on that MySQL instance:
SHOW GRANTS FOR 'user-from-gcp-console'@'%'; +------------------------------------------------------------+ |Grants for user-from-gcp-console@% | +------------------------------------------------------------+ |GRANT USAGE ON *.* TO `user-from-gcp-console`@`%` | |GRANT `cloudsqlsuperuser`@`%` TO `user-from-gcp-console`@`%`| +------------------------------------------------------------+
Google mentions this in the About MySQL users article of their Knowledge Base.
To create a user with access to only one schema, you either need to create the user without the console by running something along the lines of:
CREATE USER 'your-user'@'%' IDENTIFIED
WITH 'mysql_native_password'
BY '<some-strong-password>';
GRANT ALL ON your-schema.* TO 'your-user'@'%';
Or by creating the user via the console but then not forgetting to remove the cloudsqlsuperuser role:
// Create a user via the Google Cloud Console REVOKE 'cloudsqlsuperuser'@'%' FROM 'your-user'@'%'; GRANT ALL ON your-schema.* TO 'your-user'@'%';
The above is the detailed content of Create a User With Access to Only One Schema in CloudSQL. For more information, please follow other related articles on the PHP Chinese website!
403forbidden solution
What is the encoding used inside a computer to process data and instructions?
What does STO mean in blockchain?
Folder exe virus solution
How to solve the problem that scanf return value is ignored
Usage of fixed in c language
How to modify the hosts file
How to delete array elements in JavaScript
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
