All Products
Search
Document Center

Database permissions

Last Updated: Mar 24, 2020

DBS offers features such as full backup, incremental backup, and data restore. The topic describes the database permissions and privileges that are required to perform database backup and restore.

MySQL privileges

Feature Required privilege
Backup
  • Logical backup: SELECT, REPLICATION SLAVE, and REPLICATION CLIENT
  • Physical backup: LOCK_TABLES, REPLICATION_CLIENT, PROCESS, SUPER, CREATE, and RELOAD
Restore SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, and TRIGGER
  1. During incremental backups, DBS needs to run the show binary logs statement. For MySQL 5.5.24 and earlier versions, this requires the SUPER privilege. For MySQL 5.5.25 and later versions, this only requires the REPLICATION CLIENT privilege.

  2. For RDS databases, the read-only privilege is enough to perform backups, whereas the read and write privileges are required to perform backup and restore.

  3. If a whitelist is set up for a database, you need to add the IP address of the DBS server to the whitelist in the database system. To obtain the IP address of the DBS server, follow these steps: Log on to the DBS console. In the left-side navigation pane, click Backup Schedules. On the Backup Schedules page that appears, click Configure Backup Schedule in the Actions column of the specified backup schedule. In the Configure Backup Schedule wizard, click Set Whitelist next to Address in the Backup Source Information section.

SQL Server privileges

Feature Required privilege
Backup SELECT and VIEW DEFINITION
Restore SELECT, INSERT, ALTER Database, REFERENCES, and VIEW DEFINITION

Oracle privileges

Feature Required privilege
Backup DBA
Restore DBA

PostgreSQL privileges

Feature Required privilege
Backup SELECT or SUPER role
Restore CREATE, INSERT, USAGE, REFERENCES, and TRIGGER

MongoDB privileges

Feature Required privilege
Backup Read
Restore ReadWrite