MySQL semi-sync user management

Last update: March 04 2024

MySQL semi-sync user management

Users are created to access databases in a MySQL semi-sync cluster.

Only the cluster itself is available for users to work with — there is no access to the cluster nodes, as they are on the Selectel side. By default, all users in the cluster have the same permissions.

You can give multiple users access to one MySQL semi-sync database.

Create user⁠

1. In Control Panel, go to Cloud Platform → Databases.
2. Open the Database Cluster page → Users tab.
3. Click Create User.
4. Enter your name and password. Save the password — it will not be stored in the control panel.
5. Click Save.

Change user password⁠

After the cluster is created, the user password can be changed. Don't forget to change the password in your app.

1. In Control Panel, go to Cloud Platform → Databases.
2. Open the cluster page → Users tab.
3. From the menu () of the user, select Change Password.
4. Enter or generate a new password and save the changes.

Configure access to the database⁠

Grant access to the user⁠

You can give multiple users access to one MySQL semi-sync database.

1. In Control Panel, go to Cloud Platform → Databases.
2. Open the Database Cluster page → Databases tab → Database page.
3. In the Accessed box, click Add and select the user.

The user can only connect to the database (CONNECT) and cannot perform operations on objects. To give the user access to objects, grant the user the necessary privileges.

Remove access for user⁠

1. In Control Panel, go to Cloud Platform → Databases.
2. Open the Database Cluster page → Databases tab → Database page.
3. In the Have access block, delete the user.

Configure user privileges⁠

Grant privileges⁠

You can grant database and table privileges to users by using the GRANT command. Privileges can be as follows: SELECT, INSERT, DELETE, USAGE and others.

Example of granting read access (SELECT) to table table in database database to user user:

GRANT SELECT ON table TO user;

Example of granting read access (SELECT) to database database to user user:

GRANT SELECT ON database.* TO user;

Create a user with read-only privileges⁠

1. Create user.

2. Grant user access to the database.

3. Create another user who will have read-only privileges.

4. Connect to database with the first user.

5. Grant read-only permissions to the database to the second user:

   REVOKE ALL PRIVILEGES ON <database_name>.* FROM '<username>'@'%';
   GRANT SELECT ON <database_name>.* TO '<username>'@'%';

   Specify:

   • <database_name> is the name of the database;
   • <username> is the name of the user who will be granted read-only privileges.

Revoke privileges⁠

You can revoke privileges from a user by using the REVOKE command.

Example of revoking privilege from user user on table table and database database:

REVOKE SELECT ON table FROM user;
REVOKE SELECT ON database.* FROM user;