When you create an account under a MySQL tenant, you can associate the account with multiple databases. When you create an account under an Oracle tenant, the account has only the privileges on the corresponding schema.
Log on to the ApsaraDB for OceanBase console.
In the left-side navigation pane, click Instances.
On the Instances page, click the name of the target cluster instance to go to the Cluster Instance Workspace page.
In the left-side navigation pane, click Tenant Management. In the Tenants list, click the name of the target tenant.
On the Tenant Workspace page, click Create Account in the upper-right corner, and set parameters in the following table.
Parameter
Description
Account Name
The account name. It must be 2 to 32 characters in length and started with a letter. It can contain the following characters: uppercase letters, lowercase letters, hyphen, underscore, and digits. It cannot be set to the reserved keywords (including the corresponding lowercase) such as SYS, OCEANBASE, ROOT, OPERATOR, LBACSYS, ORAAUDITOR, OBMIGRATE, OMC, IDB_DDL, ODC_RND, ODC_DDL, and DWEXP.
Account Type
The account type. You can select Normal Account or Super Administrator. A normal account has privileges to execute DML, DQL, and DDL statements in the database. A super account has all privileges.
A normal account has the following privileges by default:
MySQL mode: SELECT on information_schema.*
Oracle mode: The following privileges on user schemas: CREATE TABLE, CREATE VIEW, CREATE PROCEDURE, CREATE SYNONYM, CREATE SEQUENCE, CREATE TRIGGER, CREATE TYPE, CREATE SESSION, EXECUTE ANY PROCEDURE, CREATE ANY OUTLINE, ALTER ANY OUTLINE, DROP ANY OUTLINE, CREATE ANY PROCEDURE, ALTER ANY PROCEDURE, DROP ANY PROCEDURE, CREATE ANY SEQUENCE, ALTER ANY SEQUENCE, DROP ANY SEQUENCE, CREATE ANY TYPE, ALTER ANY TYPE, DROP ANY TYPE, SYSKM, CREATE ANY TRIGGER, ALTER ANY TRIGGER, DROP ANY TRIGGER, CREATE PROFILE, ALTER PROFILE, DROP PROFILE
Accessible Database
This parameter is optional. Grant privileges to the account, including read/write, DDL-only, DML-only, and read-only privileges.
In MySQL mode, you can grant the following database privileges to the account: Read/write: ALL PRIVILEGES Read-only privilege: CREATE SESSION, SELECT, SHOW VIEW DDL privileges: CREATE, DROP, ALTER, SHOW VIEW, and CREATE VIEW DML privileges: SELECT, INSERT, UPDATE, DELETE, SHOW VIEW, and PROCESS
Password
The password of the account. The password must be 10 to 32 characters in length and contain three types of the following characters: uppercase letters, lowercase letters, digits, and special characters. The supported special characters are
! @ # $ % ^ & * ( ) _ + - =
Confirm Password
Enter the password again to confirm it.
Remarks (Optional)
The length of remarks cannot exceed 30 characters.
Click OK.