AWS RDS 只读机——如何添加新用户
[英]AWS RDS read-only machine -- how to add new user
问题描述
I have two RDS mysql servers running, one is the main (master) rds server and the other is the read-only slave, which was created through the RDS console.
我有两台 RDS mysql 服务器在运行,一台是主(主)rds 服务器,另一台是只读从服务器,它是通过 RDS 控制台创建的。
How would I create a new user account for the read-only machine, that would not have access to the main master machine?我将如何为只读机器创建一个新用户帐户,该帐户无法访问主主机? For example, when I run the following command:例如,当我运行以下命令时:
CREATE USER 'foo'@'localhost' IDENTIFIED BY 'password';
I get:我得到:
The MySQL server is running with the --read-only option so it cannot execute this statement
I would like the user to have access to the following:我希望用户能够访问以下内容:
- YES (read-only): site-read.cyrnzp...是(只读):site-read.cyrnzp ...
- NO (master): site-provisioned.cyrnzp...否(主):site-provisioned.cyrnzp ...
How would this be done then?那要怎么做呢?
1 个解决方案
解决方案1
0 已采纳 2018-09-18 01:32:42
Edit: Won't work on AWS RDS as sql_log_bin is privileged编辑:无法在 AWS RDS 上工作,因为sql_log_bin具有特权
Easiest way would be to create it on the master CREATE USER foo@localhost .最简单的方法是在主CREATE USER foo@localhost上创建它。 This will replicate to the slave creating a user there as well.这将复制到在那里创建用户的从站。
Then to remove access on the master, SET SESSION sql_log_bin=0; DROP USER foo@localhost然后删除master上的访问, SET SESSION sql_log_bin=0; DROP USER foo@localhost SET SESSION sql_log_bin=0; DROP USER foo@localhost . SET SESSION sql_log_bin=0; DROP USER foo@localhost 。 The sql_log_bin=0 means that all statements in the same session aren't written to the binary log. sql_log_bin=0意味着同一会话中的所有语句都不会写入二进制日志。 All other server activity on different sessions is still replicated.仍会复制不同会话上的所有其他服务器活动。
The result of this is the slave server won't see the DROP USER statement, which means the foo user is still there on the slave, but not on the master server.这样做的结果是从服务器不会看到DROP USER语句,这意味着foo用户仍然在从服务器上,但不在主服务器上。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.