This topic describes the privileges of a normal account in MySQL and Oracle modes of ApsaraDB for OceanBase.
Account privileges in MySQL mode
The default privilege of a normal account in MySQL mode is SELECT on information_schema.*
Privilege type | Privilege | Description |
Read/Write privileges | ALL PRIVILEGES | All privileges except |
DDL-only | CREATE | The privilege to create tables. |
DROP | The privilege to drop tables and views. | |
ALTER | The privilege to rename tables and modify schemas. | |
SHOW VIEW | The privilege to query views and learn how views operate. | |
CREATE VIEW | The privilege to create views. | |
DML-only | SELECT | The privilege to query data in tables. |
INSERT | The privilege to insert rows into tables. | |
UPDATE | The privilege to modify existing data. | |
DELETE | The privilege to delete existing data. | |
SHOW VIEW | The privilege to query views and learn how views operate. | |
PROCESS | The privilege to view the processes of other users by using the | |
Read-only privileges | CREATE SESSION | The privilege to connect to a database. |
SELECT | The privilege to query data in tables. | |
SHOW VIEW | The privilege to query views and learn how views operate. | |
Custom | ALTER, CREATE, DELETE, DROP, INSERT, SELECT, UPDATE, INDEX, CREATE VIEW, SHOW VIEW, PROCEDURE FUNCTION | You can select all DDL and DML commands, as well as INDEX and PROCEDURE FUNCTION. INDEX: The privilege to create or delete table indexes. PROCEDURE FUNCTION
Note The PROCEDURE FUNCTION privilege only supports database versions V4.2.2 and above, and V4.3.0 and above. |
Account privileges in Oracle mode
By default, a normal account in Oracle mode has the following privileges on user schemas.
Privilege | Description |
CREATE TABLE | The privilege to create tables. |
CREATE VIEW | The privilege to create views. |
CREATE PROCEDURE | The privilege to create any stored procedures for users. |
CREATE SYNONYM | The privilege to create a synonym for a specified user. |
CREATE SEQUENCE | The privilege to create a sequence for a specified user. |
CREATE TRIGGER | The privilege to create a trigger for a specified user. |
CREATE TYPE | The privilege to create types. |
CREATE SESSION | The privilege to create sessions. |
EXECUTE ANY PROCEDURE | The privilege to execute any stored procedures. |
CREATE ANY OUTLINE | The privilege to create any execution plans. |
ALTER ANY OUTLINE | The privilege to modify any execution plans. |
DROP ANY OUTLINE | The privilege to drop any execution plans. |
CREATE ANY PROCEDURE | The privilege to create any stored procedures for users. |
ALTER ANY PROCEDURE | The privilege to modify any stored procedures. |
DROP ANY PROCEDURE | The privilege to drop any stored procedure. |
CREATE ANY SEQUENCE | The privilege to create any sequences. |
ALTER ANY SEQUENCE | The privilege to modify any sequences. |
DROP ANY SEQUENCE | The privilege to drop any sequences. |
CREATE ANY TYPE | The privilege to create any type. |
ALTER ANY TYPE | The privilege to modify any type. |
DROP ANY TYPE | The privilege to drop any type. |
SYSKM | The privilege to perform operations related to transparent data encryption (TDE). |
CREATE ANY TRIGGER | The privilege to create any triggers for users. |
ALTER ANY TRIGGER | The privilege to modify any triggers. |
DROP ANY TRIGGER | The privilege to drop any triggers. |
CREATE PROFILE | The privilege to create profiles. |
ALTER PROFILE | The privilege to modify profiles. |
DROP PROFILE | The privilege to drop profiles. |