All Products
Search
Document Center

Database Autonomy Service:Permissions

Last Updated:Jun 25, 2023

This topic describes the minimum permissions granted to accounts of different self-managed database engines from Database Autonomy Service (DAS). If an account does not have the minimum permissions, a message that indicates insufficient permissions is returned during the DAS connectivity test.

Note

In this topic, the das_test account is used.

Self-managed MySQL databases

Run the following commands to create the das_test account and grant the required permissions to the account:

CREATE USER 'das_test'@'%' IDENTIFIED BY 'password';
GRANT SHOW DATABASES, PROCESS, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'das_test'@'%';
GRANT SELECT ON *.*  TO 'das_test'@'%';

Self-managed PostgreSQL databases

Run the following commands to create the das_test account and grant the required permissions to the account:

CREATE USER das_test PASSWORD 'password';
GRANT SELECT ON ALL TABLES IN SCHEMA PUBLIC TO das_test;
/* Optional. Collect slow query logs and SQL statements. */ 
ALTER USER das_test WITH SUPERUSER;

Self-managed MongoDB databases

Run the following commands to create the das_test account and grant the required permissions to the account:

use admin;
db.createUser({user:'das_test',pwd:'password',roles:[{role:'readAnyDatabase', db:'admin'}, {role:'clusterMonitor', db:'admin'}, {role: 'hostManager', db: 'admin'}]})

If the error message (Unauthorized) not authorized on admin to execute command is returned, run the following command to grant the required permissions to the das_test account:

db.grantRolesToUser("das_test", [{db: "local", role: "dbAdmin"},{db: "config", role: "dbAdmin"},{db: "admin", role: "dbAdminAnyDatabase"}])