AnalyticDB for MySQL supports two types of database accounts: privileged and standard. Different account types have different operation permissions.

Account types

Account type Description
Privileged account
  • You can create and manage privileged accounts in the AnalyticDB for MySQL console only.
  • You can create only one privileged account for each cluster. The privileged account is used to manage all standard accounts and databases of the cluster.
  • You can use a privileged account to close all database connections that are established under a standard account.
  • The privileged account allows you to implement fine-grained permission control to suit your business needs. For example, you can grant each standard account the permissions to query specific tables.
  • The privileged account of an AnalyticDB for MySQL database has similar permissions as the root account of a MySQL database.
Standard account
  • You can create and manage standard accounts only by executing SQL statements. For more information about how to create a standard account, see CREATE USER.
  • A maximum of 256 standard accounts can be created for a cluster.
  • You must manually grant a standard account the permissions to access specific databases. For more information about how to grant permissions, see GRANT. For more information about permissions, see Permission model.
  • You cannot use a standard account to close the database connections that are established under other standard accounts.

Create a privileged account

  1. Log on to the AnalyticDB for MySQL console.
  2. In the upper-left corner of the page, select the region where the target cluster resides.
  3. In the left-side navigation pane, click Clusters.
  4. On the V3.0 Clusters tab, click the target Cluster ID.
  5. In the left-side navigation pane, click Accounts. On the Accounts page, click Create Account.
  6. In the Create Account dialog box, configure the parameters as prompted.
    Parameter Description
    Account Enter the name of the privileged account.

    The account name must be 2 to 16 characters in length and can contain lowercase letters, digits, and underscores (_). It must start with a lowercase letter and end with a lowercase letter or a digit.

    Account Type Set the account type to Privileged Account. You cannot modify this parameter after the account is created.
    Password Set the password of the privileged account.
    • The password must be 8 to 32 characters in length.
    • The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters.
    • Supported special characters are ! @ # $ % ^ & * ( ) _ + - =
    Confirm Password Enter the password of the privileged account again.
    Description Optional. Enter the description of the privileged account.
  7. Click OK to create the privileged account.

Create a standard account

For information about how to create a standard account and grant permissions to the standard account, see CREATE USER and GRANT.

What to do next

Create a database