OceanBase logo

OceanBase

A unified distributed database ready for your transactional, analytical, and AI workloads.

DEPLOY YOUR WAY

OceanBase Cloud

The best way to deploy and scale OceanBase

OceanBase Enterprise

Run and manage OceanBase on your infra

TRY OPEN SOURCE

OceanBase Community Edition

The free, open-source distributed database

OceanBase seekdb

Open source AI native search database

Customer Stories

Real-world success stories from enterprises across diverse industries.

View All
BY USE CASES

Mission-Critical Transactions

Global & Multicloud Application

Elastic Scaling for Peak Traffic

Real-time Analytics

Active Geo-redundancy

Database Consolidation

Resources

Comprehensive knowledge hub for OceanBase.

Blog

Live Demos

Training & Certification

Documentation

Official technical guides, tutorials, API references, and manuals for all OceanBase products.

View All
PRODUCTS

OceanBase Cloud

OceanBase Database

Tools

Connectors and Middleware

QUICK START

OceanBase Cloud

OceanBase Database

BEST PRACTICES

Practical guides for utilizing OceanBase more effectively and conveniently

Company

Learn more about OceanBase – our company, partnerships, and trust and security initiatives.

About OceanBase

Partner

Trust Center

Contact Us

International - English
中国站 - 简体中文
日本 - 日本語
Sign In
Start on Cloud

A unified distributed database ready for your transactional, analytical, and AI workloads.

DEPLOY YOUR WAY

OceanBase Cloud

The best way to deploy and scale OceanBase

OceanBase Enterprise

Run and manage OceanBase on your infra

TRY OPEN SOURCE

OceanBase Community Edition

The free, open-source distributed database

OceanBase seekdb

Open source AI native search database

Customer Stories

Real-world success stories from enterprises across diverse industries.

View All
BY USE CASES

Mission-Critical Transactions

Global & Multicloud Application

Elastic Scaling for Peak Traffic

Real-time Analytics

Active Geo-redundancy

Database Consolidation

Comprehensive knowledge hub for OceanBase.

Blog

Live Demos

Training & Certification

Documentation

Official technical guides, tutorials, API references, and manuals for all OceanBase products.

View All
PRODUCTS
OceanBase CloudOceanBase Database
ToolsConnectors and Middleware
QUICK START
OceanBase CloudOceanBase Database
BEST PRACTICES

Practical guides for utilizing OceanBase more effectively and conveniently

Learn more about OceanBase – our company, partnerships, and trust and security initiatives.

About OceanBase

Partner

Trust Center

Contact Us

Start on Cloud
编组
All Products
    • Databases
    • iconOceanBase Database
    • iconOceanBase Cloud
    • iconOceanBase Tugraph
    • iconInteractive Tutorials
    • iconOceanBase Best Practices
    • Tools
    • iconOceanBase Cloud Platform
    • iconOceanBase Migration Service
    • iconOceanBase Developer Center
    • iconOceanBase Migration Assessment
    • iconOceanBase Admin Tool
    • iconOceanBase Loader and Dumper
    • iconOceanBase Deployer
    • iconKubernetes operator for OceanBase
    • iconOceanBase Diagnostic Tool
    • iconOceanBase Binlog Service
    • Connectors and Middleware
    • iconOceanBase Database Proxy
    • iconEmbedded SQL in C for OceanBase
    • iconOceanBase Call Interface
    • iconOceanBase Connector/C
    • iconOceanBase Connector/J
    • iconOceanBase Connector/ODBC
    • iconOceanBase Connector/NET
icon

OceanBase Migration Service

V4.2.0Community Edition

  • OMS Documentation
  • What's New
  • OMS Community Edition Introduction
    • What is OMS Community Edition?
    • Terms
    • OMS Community Edition HA
    • Architecture
      • Overview
      • Hierarchical functional system
      • Basic components
    • Limits
  • Quick Start
    • Data migration process
    • Data synchronization process
  • Deploy OMS Community Edition
    • Deployment modes
    • System and network requirements
    • Memory and disk requirements
    • Prepare the environment
    • Deploy OMS Community Edition on a single node
    • Deploy OMS Community Edition on multiple nodes in a single region
    • Deploy OMS on multiple nodes in multiple regions
    • Scale out OMS Community Edition
    • Check the deployment
    • Deploy a time-series database (Optional)
  • OMS Community Edition console
    • Log on to the OMS Community Edition console
    • Overview
    • User center
      • Configure user information
      • Change your logon password
      • Log off
  • Data migration
    • Overview
    • Migrate data from a MySQL database to OceanBase Database Community Edition
    • Migrate data from OceanBase Database Community Edition to a MySQL database
    • Migrate data from HBase to OBKV
    • Migrate data within OceanBase Database Community Edition
    • Active-active disaster recovery within OceanBase Database Community Edition
    • Migrate data from a TiDB database to OceanBase Database Community Edition
    • Migrate data from a PostgreSQL database to OceanBase Database Community Edition
    • Manage data migration projects
      • View details of a data migration project
      • Change the name of a data migration project
      • View and modify migration objects
      • Manage computing platforms
      • Use tags to manage data migration projects
      • Perform batch operations on data migration projects
      • Download and import settings of migration objects
      • Start and pause a data migration project
      • Release and delete a data migration project
    • Features
      • DML filtering
      • DDL synchronization
      • Configure matching rules for migration objects
      • Wildcard rules
      • Rename a database table
      • Use SQL conditions to filter data
      • Create and update a heartbeat table
      • Schema migration mechanisms
      • Schema migration operations
      • Set an incremental synchronization timestamp
    • Supported DDL operations in incremental migration and limits
      • DDL synchronization from MySQL database to OceanBase Community Edition
        • Overview of DDL synchronization from a MySQL database to a MySQL tenant of OceanBase Database
        • CREATE TABLE
          • Create a table
          • Create a column
          • Create an index or a constraint
          • Create partitions
        • Data type conversion
        • ALTER TABLE
          • Modify a table
          • Operations on columns
          • Operations on constraints and indexes
          • Operations on partitions
        • TRUNCATE TABLE
        • RENAME TABLE
        • DROP TABLE
        • CREATE INDEX
        • DROP INDEX
        • DDL incompatibilities between MySQL database and OceanBase Community Edition
          • Overview
          • Incompatibilities of the CREATE TABLE statement
            • Incompatibilities of CREATE TABLE
            • Column types that are supported to create indexes or constraints
          • Incompatibilities of the ALTER TABLE statement
            • Incompatibilities of ALTER TABLE
            • Change the type of a constrained column
            • Change the type of an unconstrained column
            • Change the length of a constrained column
            • Change the length of an unconstrained column
            • Delete a constrained column
          • Incompatibilities of DROP INDEX operations
      • Supported DDL operations in incremental migration from OceanBase Community Edition to a MySQL database and limits
      • Supported DDL operations in incremental migration between MySQL tenants of OceanBase Database
  • Data synchronization
    • Data synchronization overview
    • Create a project to synchronize data from OceanBase Database Community Edition to a Kafka instance
    • Create a project to synchronize data from OceanBase Database Community Edition to a RocketMQ instance
    • Manage data synchronization projects
      • View details of a data synchronization project
      • Change the name of a data synchronization project
      • View and modify synchronization objects
      • Use tags to manage data synchronization projects
      • Perform batch operations on data synchronization projects
      • Download and import the settings of synchronization objects
      • Start and pause a data synchronization project
      • Release and delete a data synchronization project
    • Features
      • DML filtering
      • DDL synchronization
      • Rename a topic
      • Use SQL conditions to filter data
      • Column filtering
      • Data formats
  • Create and manage data sources
    • Create data sources
      • Create an OceanBase-CE data source
      • Create a MySQL data source
      • Create a TiDB data source
      • Create a Kafka data source
      • Create a RocketMQ data source
      • Create a PostgreSQL data source
      • Create an HBase data source
    • Manage data sources
      • View data source information
      • Copy a data source
      • Edit a data source
      • Delete a data source
    • Create a database user
    • User privileges
    • Enable binlogs for the MySQL database
  • OPS & Monitoring
    • O&M overview
    • Go to the overview page
    • Server
      • View server information
      • Update the quota
      • View server logs
    • Components
      • Store
        • Create a store
        • View details of a store
        • Update the configurations of a store
        • Start and pause a store
        • Delete a store
      • Incr-Sync
        • View details of an Incr-Sync component
        • Start and pause an Incr-Sync component
        • Migrate an Incr-Sync component
        • Update the configurations of an Incr-Sync component
        • Batch O&M
        • Delete an Incr-Sync component
      • Full-Import
        • View details of a Full-Import component
        • Pause a Full-Import component
        • Rerun and resume a Full-Import component
        • Update the configurations of a Full-Import component
        • Delete a Full-Import component
      • Full-Verification
        • View details of a Full-Verification component
        • Pause a Full-Verification component
        • Rerun and resume a Full-Verification component
        • Update the configurations of a Full-Verification component
        • Delete a Full-Verification component
    • O&M Task
      • View O&M tasks
      • Skip a task or subtask
      • Retry a task or subtask
  • System management
    • Permission Management
      • Overview
      • Manage users
      • Manage departments
    • Alert center
      • View project alerts
      • View system alerts
      • Manage alert settings
    • Associate with OCP
    • System parameters
      • Modify system parameters
      • Modify HA configurations
  • OMS Community Edition O&M
    • Manage OMS services
    • OMS logs
    • Component O&M
      • O&M operations for the Supervisor component
      • CLI-based O&M for the Connector component
      • O&M operations for the Store component
    • Component tuning
      • Incr-Sync or Full-Import tuning
    • Component parameters
      • Coordinator
      • Condition
      • Source Plugin
        • Overview
        • StoreSource
        • DataFlowSource
        • LogProxySource
        • KafkaSource (TiDB)
        • HBaseSource
      • Sink Plugin
        • Overview
        • JDBC-Sink
        • KafkaSink
        • DatahubSink
        • RocketMQSink
        • HBaseSink
      • Store parameters
        • Parameters of a MySQL store
        • Parameters of an OceanBase store
      • Parameters of the CM component
      • Parameters of the Supervisor component
    • Set throttling
  • Reference Guide
    • API Reference
      • Overview
      • CreateProject
      • StartProject
      • StopProject
      • ResumeProject
      • ReleaseProject
      • DeleteProject
      • ListProjects
      • DescribeProject
      • DescribeProjectSteps
      • DescribeProjectStepMetric
      • DescribeProjectProgress
      • DescribeProjectComponents
      • ListProjectFullVerifyResult
      • StartProjectsByLabel
      • StopProjectsByLabel
      • CreateMysqlDataSource
      • CreateOceanBaseDataSource
      • ListDataSource
      • CreateLabel
      • ListAllLabels
      • ListFullVerifyInconsistenciesResult
      • ListFullVerifyCorrectionsResult
      • UpdateStore
      • UpdateFullImport
      • UpdateIncrSync
      • UpdateFullVerification
    • OMS error codes
    • Alert Reference
      • oms_host_down
      • oms_host_down_migrate_resource
      • oms_host_threshold
      • oms_migration_failed
      • oms_migration_delay
      • oms_sync_failed
      • oms_sync_status_inconsistent
      • oms_sync_delay
  • Upgrade Guide
    • Overview
    • Upgrade OMS in single-node deployment mode
    • Upgrade OMS in multi-node deployment mode
    • FAQ
  • FAQ
    • General O&M
      • How do I modify the resource quotas of an OMS container?
      • How do I troubleshoot the OMS server down issue?
      • Deploy InfluxDB for OMS
      • Increase the disk space of the OMS host
    • Project diagnostics
      • What do I do when a store does not have data of the timestamp requested by the downstream?
      • What do I do when OceanBase Store failed to access an OceanBase cluster through RPC?
    • OPS & monitoring
      • What are the alert rules?
    • Data synchronization
      • FAQ about synchronization to a message queue
        • What are the strategies for ensuring the message order in incremental data synchronization to Kafka
    • Data migration
      • Full migration
        • How do I query the ID of a checker?
        • How do I query log files of the Checker component of OMS?
        • How do I query the verification result files of the Checker component of OMS?
        • What do I do if the destination table does not exist?
        • What can I do when the full migration failed due to LOB fields?
        • What do I do if garbled characters cannot be written into OceanBase Database V3.1.2?
      • Incremental synchronization
        • How do I skip DDL statements?
        • How do I update whitelists and blacklists?
        • What are the application scope and limits of ETL?
    • Installation and deployment
      • How do I upgrade Store?
      • How do I upgrade CDC?
      • What do I do when the "Failed to fetch" error is reported?

Download PDF

OMS Documentation What's New What is OMS Community Edition? Terms OMS Community Edition HA Overview Hierarchical functional system Basic components Limits Data migration process Data synchronization process Deployment modes System and network requirements Memory and disk requirements Prepare the environment Deploy OMS Community Edition on a single node Deploy OMS Community Edition on multiple nodes in a single region Deploy OMS on multiple nodes in multiple regions Scale out OMS Community Edition Check the deployment Deploy a time-series database (Optional) Log on to the OMS Community Edition console Overview Configure user information Change your logon password Log off Overview Migrate data from a MySQL database to OceanBase Database Community Edition Migrate data from OceanBase Database Community Edition to a MySQL database Migrate data from HBase to OBKV Migrate data within OceanBase Database Community Edition Active-active disaster recovery within OceanBase Database Community Edition Migrate data from a TiDB database to OceanBase Database Community Edition Migrate data from a PostgreSQL database to OceanBase Database Community Edition View details of a data migration project Change the name of a data migration project View and modify migration objects Manage computing platforms Use tags to manage data migration projects Perform batch operations on data migration projects Download and import settings of migration objects Start and pause a data migration project Release and delete a data migration project DML filtering DDL synchronization Configure matching rules for migration objects Wildcard rules Rename a database table Use SQL conditions to filter data Create and update a heartbeat table Schema migration mechanisms Schema migration operations Set an incremental synchronization timestamp Supported DDL operations in incremental migration from OceanBase Community Edition to a MySQL database and limits Supported DDL operations in incremental migration between MySQL tenants of OceanBase Database Data synchronization overview Create a project to synchronize data from OceanBase Database Community Edition to a Kafka instance Create a project to synchronize data from OceanBase Database Community Edition to a RocketMQ instance View details of a data synchronization project Change the name of a data synchronization project View and modify synchronization objects Use tags to manage data synchronization projects Perform batch operations on data synchronization projects Download and import the settings of synchronization objects Start and pause a data synchronization project Release and delete a data synchronization project DML filtering DDL synchronization Rename a topic Use SQL conditions to filter data Column filtering Data formats Create an OceanBase-CE data source Create a MySQL data source Create a TiDB data source Create a Kafka data source Create a RocketMQ data source Create a PostgreSQL data source Create an HBase data source View data source information Copy a data source Edit a data source Delete a data source Create a database user User privileges Enable binlogs for the MySQL database O&M overview Go to the overview page View server information Update the quota View server logs View O&M tasks Skip a task or subtask Retry a task or subtask Overview Manage users Manage departments View project alerts View system alerts Manage alert settings
OceanBase logo

The Unified Distributed Database for the AI Era.

Follow Us
Products
OceanBase CloudOceanBase EnterpriseOceanBase Community EditionOceanBase seekdb
Resources
DocsBlogLive DemosTraining & Certification
Company
About OceanBaseTrust CenterLegalPartnerContact Us
Follow Us

© OceanBase 2026. All rights reserved

Cloud Service AgreementPrivacy PolicySecurity
Contact Us
Document Feedback
  1. Documentation Center
  3. OceanBase Migration Service
  5. V4.2.0
iconOceanBase Migration Service
V 4.2.0Community Edition
Enterprise Edition
  • V 4.3.2
  • V 4.3.1
  • V 4.3.0
  • V 4.2.5
  • V 4.2.4
  • V 4.2.3
  • V 4.0.2
  • V 3.4.0
Community Edition
  • V 4.2.13
  • V 4.2.12
  • V 4.2.11
  • V 4.2.10
  • V 4.2.9
  • V 4.2.8
  • V 4.2.7
  • V 4.2.6
  • V 4.2.5
  • V 4.2.4
  • V 4.2.3
  • V 4.2.1
  • V 4.2.0
  • V 4.0.0
  • V 3.3.1

User privileges

Last Updated:2026-04-14 07:41:23  Updated
share
What is on this page
User privileges required when a MySQL database serves as the source database
User privileges required when a MySQL database serves as the destination database
User privileges required when OceanBase Community Edition serves as the source database
User privileges required when OceanBase Community Edition serves as the destination database
User privileges required when a PostgreSQL database serves as the source database
User privileges required when a Kafka database serves as the destination
User privileges required when a RocketMQ database serves as the destination

folded

share

Before you migrate data between databases by using OceanBase Migration Service (OMS) Community Edition, make sure that you have created a database user for each data source as the migration or synchronization user. These users must have the required privileges on the source and destination data sources.

User privileges required when a MySQL database serves as the source database

  • The database user must have the read privilege on the database from which data is migrated.

    GRANT SELECT ON <database_name>.* TO '<user_name>';

  • The database user must have the REPLICATION CLIENT and REPLICATION SLAVE privileges to perform incremental synchronization on a MySQL database.

    GRANT REPLICATION CLIENT, REPLICATION SLAVE ON *.* TO <user_name> WITH GRANT OPTION;

    If you select Allow OMS to automatically write heartbeat data into this instance during incremental synchronization to resolve the problem of high latency when no business data is written into the source database when you add a MySQL data source, OMS will create and update the drc.heartbeat table in the corresponding MySQL database. In that case, the MySQL database user must have the privileges to create and write the table. For more information about how to create a data source, see Create a MySQL data source.

    • Grant a database user the privilege to create the drc.heartbeat table:

      GRANT CREATE ON drc.heartbeat TO '<user_name>';

    • Grant a database user the privilege to write the drc.heartbeat table:

      GRANT INSERT, UPDATE, DELETE ON drc.heartbeat TO '<user_name>';

  • The database user must have the SELECT *.* privilege to synchronously pull incremental logs.

    GRANT SELECT ON *.* TO '<user_name>';

User privileges required when a MySQL database serves as the destination database

Run the following command to grant privileges to the user in the MySQL database:

GRANT <privilege_type> ON <database_name>.<table_name> TO '<user_name>'@'<host_name>' [WITH GRANT OPTION];
Parameter Description
privilege_type Grant SELECT, INSERT, UPDATE, and other operation privileges to the account. To grant all privileges to the account, set this parameter to ALL.
database_name The name of the database. To grant operation privileges on all databases to the account, set this parameter to an asterisk (*).
table_name The name of the table. To grant operation privileges on all tables to the account, set this parameter to an asterisk (*).
user_name The account to which privileges are granted.
host_name The host from which the account is allowed to log on to the database. To allow the account to log on to the database from any host, set this parameter to a percent sign (%).
WITH GRANT OPTION Grant the account the privilege to use the GRANT command. This parameter is optional.

User privileges required when OceanBase Community Edition serves as the source database

To synchronize data from OceanBase Community Edition to a Kafka or RocketMQ database, the user must have the following privileges on the source:

  • SELECT privilege on the source business database.

  • SELECT privilege on the OceanBase and MySQL databases of the source tenant.

  • To synchronize incremental data, you need to create a user under the sys tenant of OceanBase Community Edition and grant the SELECT ON *.* privilege to the user.

    The username and password must be the same as those in the config.yaml file.

User privileges required when OceanBase Community Edition serves as the destination database

To migrate data from a MySQL database to OceanBase Community Edition, the user must have the following privileges on the destination:

  • SELECT, INSERT, UPDATE, and DELETE privileges on the business database.

  • The SELECT privilege on the OceanBase databases and MySQL databases.

User privileges required when a PostgreSQL database serves as the source database

During schema migration from a PostgreSQL database to a MySQL tenant of OceanBase Database, you must grant the SELECT privilege on tables and views to the migration user.

During incremental synchronization from a PostgreSQL database to a MySQL tenant of OceanBase Database, the privileges required for the migration user are as follows:

  • If the specified whitelist of tables to migrate contains wildcard characters, the migration user must be granted the superuser privilege. Otherwise, publication creation will fail and an error indicating no privilege will be returned. If no wildcard character is contained, the superuser privilege is not required.

  • The migration user must be granted the REPLICATION and LOGIN roles and the CREATE PUBLICATION privilege.

    • CREATE USER <user_name> REPLICATION LOGIN ENCRYPTED PASSWORD '<password>';

    • GRANT CREATE ON DATABASE <database_name> TO <user_name>;

  • The migration user must be the owner of the tables to migrate.

    // Create a role named replication_group.
CREATE ROLE <replication_group>;  
// Add the original owner of the tables to migrate to the replication_group role.
GRANT <replication_group> TO <original_owner>;
// Add the migration account to replication_group.
GRANT <replication_group> TO <replication_user>;
// Change the owner of the tables to migrate to the replication_group role.
ALTER TABLE <table_name> OWNER TO <replication_group>;

If you select Allow OMS to automatically write heartbeat data into this instance during incremental synchronization. This resolves the problem of high latency when no business data is written in the source database when you add a PostgreSQL data source, OMS Community Edition will create and update the oms_postgres_heartbeat table in the corresponding PostgreSQL database. In that case, the PostgreSQL database user must have the privileges to create and write the table. For more information about how to create a data source, see Create a PostgreSQL data source.

  • Grant a database user the privilege to create the drc.heartbeat table:

    GRANT CREATE ON SCHEMA public TO '<user_name>';

  • Grant a database user the privilege to write the drc.heartbeat table:

    GRANT INSERT, UPDATE, DELETE ON oms_postgres_heartbeat TO '<user_name>';

User privileges required when a Kafka database serves as the destination

If the Kafka database requires authentication, see Create a Kafka data source.

To synchronize data to a Kafka database, the user must have privileges to perform the following operations:

  • Create and view topics.

  • View topic partition information.

  • Write records.

  • Read records.

User privileges required when a RocketMQ database serves as the destination

To synchronize data to a RocketMQ database, the user must have privileges to perform the following operations:

  • Create and view topics.

  • View the information of the topic message queue.

  • Write records.

  • Read records.

Previous topic

Create a database user
Last

Next topic

Enable binlogs for the MySQL database
Next
What is on this page
User privileges required when a MySQL database serves as the source database
User privileges required when a MySQL database serves as the destination database
User privileges required when OceanBase Community Edition serves as the source database
User privileges required when OceanBase Community Edition serves as the destination database
User privileges required when a PostgreSQL database serves as the source database
User privileges required when a Kafka database serves as the destination
User privileges required when a RocketMQ database serves as the destination