diff --git a/docs/imports/import-tool-user-requirements.md b/docs/imports/import-tool-user-requirements.md index 4eb7b44c..93006ed2 100644 --- a/docs/imports/import-tool-user-requirements.md +++ b/docs/imports/import-tool-user-requirements.md @@ -8,21 +8,21 @@ When importing a database using our [Import tool](/docs/imports/database-imports Below is the minimum set of permissions needed and what each allows the user to do: -| Scope | Databases | Grant | Description | -| ------ | -------------------------------- | -------------------- | ---------------------------------------------------------------------------- | -| Global | n/a | `PROCESS` | Enable the user to see all processes with SHOW PROCESSLIST. | -| Global | n/a | `REPLICATION SLAVE` | Enable replicas to read binary log events from the source. | -| Global | n/a | `REPLICATION CLIENT` | Enable the user to ask where source or replica servers are. | -| Global | n/a | `RELOAD` | Enable use of FLUSH operations. | -| Table | ``, `ps_import_*` | `SELECT` | Enable use of SELECT. | -| Table | ``, `ps_import_*` | `INSERT` | Enable use of INSERT. | -| Table | `` | `LOCK TABLES` | Enable use of LOCK TABLES on tables for which you have the SELECT privilege. | -| Table | `` | `SHOW VIEW` | Enable use of SHOW VIEW. | -| Table | ``, `ps_import_*` | `UPDATE` | Enable use of UPDATE. | -| Table | ``, `ps_import_*` | `DELETE` | Enable use of DELETE. | -| Table | `ps_import_*` | `CREATE` | Enable database and table creation. | -| Table | `ps_import_*` | `DROP` | Enable databases, tables, and views to be dropped. | -| Table | `ps_import_*` | `ALTER` | Enable use of ALTER TABLE. | +| Scope | Databases | Grant | Description | +| ------ | ------------------------------------------------------- | -------------------- | ---------------------------------------------------------------------------- | +| Global | n/a | `PROCESS` | Enable the user to see all processes with SHOW PROCESSLIST. | +| Global | n/a | `REPLICATION SLAVE` | Enable replicas to read binary log events from the source. | +| Global | n/a | `REPLICATION CLIENT` | Enable the user to ask where source or replica servers are. | +| Global | n/a | `RELOAD` | Enable use of FLUSH operations. | +| Table | ``, `ps_import_*`, `_vt`, `mysql`.`func` | `SELECT` | Enable use of SELECT. | +| Table | ``, `ps_import_*`, `_vt` | `INSERT` | Enable use of INSERT. | +| Table | `` | `LOCK TABLES` | Enable use of LOCK TABLES on tables for which you have the SELECT privilege. | +| Table | `` | `SHOW VIEW` | Enable use of SHOW VIEW. | +| Table | ``, `ps_import_*`, `_vt` | `UPDATE` | Enable use of UPDATE. | +| Table | ``, `ps_import_*`, `_vt` | `DELETE` | Enable use of DELETE. | +| Table | `ps_import_*`, `_vt` | `CREATE` | Enable database and table creation. | +| Table | `ps_import_*`, `_vt` | `DROP` | Enable databases, tables, and views to be dropped. | +| Table | `ps_import_*`, `_vt` | `ALTER` | Enable use of ALTER TABLE. | {% callout %} The descriptions in the table above were taken from the MySQL docs. For a full list of all possible grants and their @@ -42,5 +42,7 @@ CREATE USER 'migration_user'@'%' IDENTIFIED BY ''; GRANT PROCESS, REPLICATION SLAVE, REPLICATION CLIENT, RELOAD ON *.* TO 'migration_user'@'%'; GRANT SELECT, INSERT, UPDATE, DELETE, SHOW VIEW, LOCK TABLES ON ``.* TO 'migration_user'@'%'; GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER ON `ps\_import\_%`.* TO 'migration_user'@'%'; +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER ON `_vt`.* TO 'migration_user'@'%'; +GRANT SELECT ON `mysql`.`func` TO 'migration_user'@'%'; GRANT EXECUTE ON PROCEDURE mysql.rds_show_configuration TO 'migration_user'@'%'; ```