account permissions of DBS - Database Backup - Alibaba Cloud Documentation Center

The topic describes the permissions that are required to back up or restore databases.

Required permissions for different types of database accounts

Feature	Required permissions
Backup	Physical backup: LOCK_TABLES, REPLICATION_CLIENT, PROCESS, SUPER, CREATE, and RELOAD If your database runs MySQL 8.0, the database account must also have the BACKUP_ADMIN permission and the SELECT permission on the performance_schema.log_status and keyring_component_status tables. Logical backup: SELECT, SHOW VIEW, REPLICATION SLAVE, and REPLICATION CLIENT permissions on the destination and information_schema databases
Restoration	SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, and TRIGGER

Note

To perform incremental backup in MySQL databases, Database Backup (DBS) must execute the show binary logs statement. For MySQL 5.5.24 and earlier versions, the SUPER permission is required to execute the statement. For MySQL 5.5.25 and later versions, only the REPLICATION CLIENT permission is required to execute the statement.
The permissions required to back up or restore RDS databases are determined based on your business requirements. Read-only permissions are required for backup, and read and write permissions are required for backup and restoration.

Feature	Required permissions
Backup	SELECT and VIEW DEFINITION
Restoration	SELECT, INSERT, ALTER Database, REFERENCES, and VIEW DEFINITION

Feature	Required permissions
Backup	SELECT or SUPER role
Restoration	CREATE, INSERT, USAGE, REFERENCES, and TRIGGER

Feature	Required permissions
Backup	Permissions of database administrator (DBA)
Restoration	Permissions of DBA

Feature	Required permissions
Backup	Read permissions on the admin database, local database, config database, and databases to be backed up
Restoration	Read and write permissions on the databases to be restored