Manage users in a MySQL tenant

The user management feature allows you to view users under the current MySQL tenant, create a user, delete a user, and grant and revoke user permissions.

Prerequisites

• To view the MySQL user list, make sure that you have the following permissions:

  • Resource Permissions: Cluster Read-only or Tenant Read-only permission
  • Menu Permissions: Permission on the User Management menu of Tenants

• To create, lock, or delete a user, change the password of a user, or modify the permissions of a user, make sure that you have the following permissions:

  • Resource Permissions: Cluster Maintenance or Tenant Maintenance permission
  • Menu Permissions: Permission on the User Management menu of Tenants

• Only a primary tenant has the user management permissions.

• You cannot lock or delete a built-in user, or modify the permissions of the built-in user.

Procedure

1. Log in to the OceanBase Cloud Platform (OCP) console.

2. In the left-side navigation pane, select Tenants. The Tenants page automatically appears.

3. On the Tenants page, find the target tenant and click its name to go to the Overview page of the tenant.

4. In the left-side navigation pane, click User Management to go to the User Management page.

5. In the user list, view user information in the following columns: Username, Accessible Database, Login Connection String, Lock, and Actions.

   1. You can lock a user to prevent the user from logging in to the database.

   2. You can perform various operations on users. For example, you can lock a user, change the password of a user, modify the permissions of a user, and delete a user.

   3. You can view and copy the login connection string.

6. Click Create User in the upper-right corner.

   1. Configure the Username, Host Name, Password, Confirm Password, Global Permissions, and Database Permissions parameters.

      Parameter	Description
      Username	The username must be 2 to 30 characters in length, and can contain digits (0 to 9), uppercase letters (A to Z), lowercase letters (a to z), underscores (_), and hyphens (-).
      Host Name	Many host name formats are supported, including: % localhost IP addresses such as 192.168.1.1, or subnet masks such as 192.168.1.% Domain names
      Password	It must be 8 to 32 characters in length, and contain characters of at least three of the following types: digits (0 to 9), uppercase letters (A to Z), lowercase letters (a to z), and special characters. Supported special characters are ~ ! @ # % ^ & * _ - + = \	( ) { } [ ] : ; , . ? /.
      Confirm Password	Enter the password you specified for the Password parameter.
      Global Permissions	Optional. Global permissions apply to all databases. For more information, see System privileges in a MySQL tenant.
      Database Permissions	Optional. Database permissions apply to all objects in the specified database.

      

   2. Grant permissions to the new user. Select the databases that the user can access, click the > icon to move the databases to the right-side pane, and then select the permissions as needed.

   3. Click Submit.

7. Change the password of a user: Click Change Password in the Actions column. In the dialog box that appears, change the password.

8. Modify the permissions of a user: Click Modify Permission in the Actions column to modify the global permissions and database permissions of the user.

9. Delete a user: Click Delete in the Actions column to delete the corresponding user. Deleting a user may affect the business that involves this user. Proceed with caution.