2025/04/07

A journey to see how close HeatWave MySQL is to vanilla MySQL (GPL edition) / Administrator privileges

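  • CHANGE REPLICATION SOURCE TO is not available, so the instance cannot become a replica, and you cannot build Group Replication yourself (of course)
  • Anything that would bypass encryption, Audit, or Firewall is not allowed (of course)
  • There is no BINLOG_ADMIN, but REPLICATION_APPLIER is present, so binary logs pulled with mysqlbinlog can be applied (is this the moment for hand-operated replication?)
  • The mysql schema is not writable, so INSTALL PLUGIN and INSTALL COMPONENT are not possible (of course)
  • SET GLOBAL and SET PERSIST are not possible either (of course)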

What the HeatWave administrator does not have:

  • RELOAD
  • SHUTDOWN
  • FILE
  • SUPER
  • CREATE TABLESPACE
  • ALLOW_NONEXISTENT_DEFINER
  • AUDIT_ABORT_EXEMPT
  • AUTHENTICATION_POLICY_ADMIN
  • BINLOG_ADMIN
  • BINLOG_ENCRYPTION_ADMIN
  • CLONE_ADMIN
  • CREATE_SPATIAL_REFERENCE_SYSTEM
  • ENCRYPTION_KEY_ADMIN
  • FIREWALL_EXEMPT
  • GROUP_REPLICATION_ADMIN
  • GROUP_REPLICATION_STREAM
  • INNODB_REDO_LOG_ARCHIVE
  • INNODB_REDO_LOG_ENABLE
  • OPTIMIZE_LOCAL_TABLE
  • PASSWORDLESS_USER_ADMIN
  • PERSIST_RO_VARIABLES_ADMIN
  • REPLICATION_SLAVE_ADMIN
  • RESOURCE_GROUP_ADMIN
  • RESOURCE_GROUP_USER
  • SENSITIVE_VARIABLES_OBSERVER
  • SERVICE_CONNECTION_ADMIN
  • SESSION_VARIABLES_ADMIN
  • SYSTEM_USER
  • SYSTEM_VARIABLES_ADMIN
  • TABLE_ENCRYPTION_ADMIN
  • TELEMETRY_LOG_ADMIN
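  • Write privileges on mysql.* (it looks like only SELECT and SHOW CREATE VIEW are possible)
  • Write privileges on mysql_audit.* (it looks like only SELECT and SHOW CREATE VIEW are possible)
  • Write privileges on mysql_option.* (it looks like only SELECT and SHOW CREATE VIEW are possible)
  • Write privileges on sys.* (it looks like only SELECT and SHOW CREATE VIEW are possible)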

What exists only on the HeatWave side


mysql92 9> SELECT @@version;
+-----------+
| @@version |
+-----------+
| 9.2.0     |
+-----------+
1 row in set (0.00 sec)

mysql92 9> SHOW GRANTS\G
*************************** 1. row ***************************
Grants for root@localhost: GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `root`@`localhost` WITH GRANT OPTION
*************************** 2. row ***************************
Grants for root@localhost: GRANT ALLOW_NONEXISTENT_DEFINER,APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,CREATE_SPATIAL_REFERENCE_SYSTEM,ENCRYPTION_KEY_ADMIN,FIREWALL_EXEMPT,FLUSH_OPTIMIZER_COSTS,FLUSH_PRIVILEGES,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,OPTIMIZE_LOCAL_TABLE,PASSWORDLESS_USER_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SENSITIVE_VARIABLES_OBSERVER,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_ANY_DEFINER,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,TELEMETRY_LOG_ADMIN,TRANSACTION_GTID_TAG,XA_RECOVER_ADMIN ON *.* TO `root`@`localhost` WITH GRANT OPTION
*************************** 3. row ***************************
Grants for root@localhost: GRANT PROXY ON ``@`` TO `root`@`localhost` WITH GRANT OPTION

mysql> SELECT @@version;
+-------------+
| @@version   |
+-------------+
| 9.2.2-cloud |
+-------------+
1 row in set (0.00 sec)

mysql> SHOW GRANTS\G
*************************** 1. row ***************************
Grants for admin@%: GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE ROLE, DROP ROLE ON *.* TO `admin`@`%` WITH GRANT OPTION
*************************** 2. row ***************************
Grants for admin@%: GRANT APPLICATION_PASSWORD_ADMIN,AUDIT_ADMIN,BACKUP_ADMIN,CONNECTION_ADMIN,EXPORT_QUERY_RESULTS,FLUSH_OPTIMIZER_COSTS,FLUSH_PRIVILEGES,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,OPTION_TRACKER_OBSERVER,REPLICATION_APPLIER,ROLE_ADMIN,SET_ANY_DEFINER,SHOW_ROUTINE,TRANSACTION_GTID_TAG,XA_RECOVER_ADMIN ON *.* TO `admin`@`%` WITH GRANT OPTION
*************************** 3. row ***************************
Grants for admin@%: REVOKE INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `mysql`.* FROM `admin`@`%`
*************************** 4. row ***************************
Grants for admin@%: REVOKE CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, CREATE VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `mysql_audit`.* FROM `admin`@`%`
*************************** 5. row ***************************
Grants for admin@%: REVOKE INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `mysql_option`.* FROM `admin`@`%`
*************************** 6. row ***************************
Grants for admin@%: REVOKE CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, CREATE VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `sys`.* FROM `admin`@`%`
*************************** 7. row ***************************
Grants for admin@%: GRANT PROXY ON ``@`` TO `admin`@`%` WITH GRANT OPTION
*************************** 8. row ***************************
Grants for admin@%: GRANT `administrator`@`%` TO `admin`@`%` WITH ADMIN OPTION
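
The comparison above can be automated by parsing both SHOW GRANTS outputs and diffing the global privilege sets. This is an added example, not code from the original post; the sample rows are constructed by shortening the output shown on this page, and the names parse_grants and compare are hypothetical.

```python
import re

# Constructed sample: SHOW GRANTS rows shortened from the two sessions on this page.
VANILLA = [
    "GRANT SELECT, INSERT, CREATE, RELOAD, SHUTDOWN, FILE, SUPER, CREATE TABLESPACE, "
    "CREATE USER ON *.* TO `root`@`localhost` WITH GRANT OPTION",
    "GRANT AUDIT_ADMIN,BINLOG_ADMIN,FIREWALL_EXEMPT,REPLICATION_APPLIER,SYSTEM_USER "
    "ON *.* TO `root`@`localhost` WITH GRANT OPTION",
]
HEATWAVE = [
    "GRANT SELECT, INSERT, CREATE, CREATE USER ON *.* TO `admin`@`%` WITH GRANT OPTION",
    "GRANT AUDIT_ADMIN,EXPORT_QUERY_RESULTS,OPTION_TRACKER_OBSERVER,REPLICATION_APPLIER "
    "ON *.* TO `admin`@`%` WITH GRANT OPTION",
    "REVOKE INSERT, CREATE ON `mysql`.* FROM `admin`@`%`",
    "GRANT PROXY ON ``@`` TO `admin`@`%` WITH GRANT OPTION",
    "GRANT `administrator`@`%` TO `admin`@`%` WITH ADMIN OPTION",
]

STMT = re.compile(r"^(GRANT|REVOKE) (.+?) ON (\S+) (?:TO|FROM) ")
ROLE = re.compile(r"^GRANT (`.+?`@`.+?`) TO ")

def parse_grants(rows):
    """Return (global privileges, {schema: revoked privileges}, granted roles)."""
    global_privs, revoked, roles = set(), {}, set()
    for row in rows:
        row = re.sub(r"^Grants for .+?: ", "", row)  # drop the \G column label
        m = STMT.match(row)
        if m is None:  # no ON clause: a role grant
            role = ROLE.match(row)
            if role:
                roles.add(role.group(1))
            continue
        verb, privs, target = m.groups()
        names = {p.strip() for p in privs.split(",")}
        if verb == "GRANT" and target == "*.*":
            global_privs |= names
        elif verb == "REVOKE":  # schema-level partial revoke
            revoked.setdefault(target.strip("`.*"), set()).update(names)
    return global_privs, revoked, roles

def compare(vanilla_rows, managed_rows):
    """Diff two accounts' global privileges; keep the managed side's revokes and roles."""
    v, _, _ = parse_grants(vanilla_rows)
    m, revoked, roles = parse_grants(managed_rows)
    return {"missing": sorted(v - m), "managed_only": sorted(m - v),
            "partial_revokes": {s: sorted(p) for s, p in revoked.items()},
            "roles": sorted(roles)}

if __name__ == "__main__":
    for key, value in compare(VANILLA, HEATWAVE).items():
        print(key, value)
```

Feeding it the full SHOW GRANTS rows from both servers gives the complete lists; the PROXY grant is skipped because it is not a global privilege on `*.*`.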
