This topic provides an overview of the permissions that ApsaraDB RDS for MySQL provides for both privileged and standard accounts.
Accounts and permissions
The following table lists the account permissions that are supported by ApsaraDB RDS. You cannot obtain the permissions that are not listed in the following table.
Account type | Permission | Operation | ||||
Privileged account |
| ALTER, ALTER ROUTINE, CREATE, CREATE VIEW, CREATE ROUTINE, CREATE USER,CREATE TEMPORARY TABLES, DELETE, DROP, EVENT, EXECUTE, INDEX, INSERT, LOCK TABLES, PROCESS, RELOAD, REFERENCES, REPLICATION SLAVE, REPLICATION CLIENT, SELECT, SHOW VIEW, TRIGGER, UPDATE | ||||
Standard account | Read-only | REPLICATION SLAVE, REPLICATION CLIENT, SELECT, SHOW VIEW | ||||
Read/write | ALTER, ALTER ROUTINE, CREATE, CREATE TEMPORARY TABLES, CREATE VIEW, CREATE ROUTINE, DELETE, DROP, EVENT, EXECUTE, INSERT, INDEX, LOCK TABLES, PROCESS, REFERENCES, REPLICATION SLAVE, REPLICATION CLIENT, SELECT, SHOW VIEW, TRIGGER, UPDATE | |||||
DDL-only | ALTER, ALTER ROUTINE, CREATE, CREATE VIEW, CREATE TEMPORARY TABLES, CREATE ROUTINE, DROP, INDEX, LOCK TABLES, PROCESS, REPLICATION SLAVE, REPLICATION CLIENT, SHOW VIEW | |||||
DML-only | CREATE TEMPORARY TABLES, DELETE, EVENT, EXECUTE, INSERT, LOCK TABLES, PROCESS, REPLICATION SLAVE, REPLICATION CLIENT, SELECT, SHOW VIEW, TRIGGER, UPDATE | |||||
FAQ
Can I change a privileged account of an ApsaraDB RDS for MySQL instance to a standard account?
No, you cannot change a privileged account of an ApsaraDB RDS for MySQL instance to a standard account. A privileged account has fixed permissions, and you cannot modify the permissions. If an issue such as the unexpected execution of REVOKE occurs on the privileged account, you can reset the permissions of the privileged account to resolve the issue. If you do not need to use the current privileged account, you can delete the privileged account and then create a standard account or privileged account to meet your business requirements.