When you configure a data migration task, you must specify the accounts of the source and destination databases. The database accounts are used for data migration. Different databases and migration types require different permissions. You must create and authorize database accounts before you configure a data migration task.
Permissions required for the source database account
Database | Required permission | References |
ApsaraDB RDS for MySQL instance | Read permissions on the objects to migrate | Create accounts and databases and Modify the permissions of an account |
Self-managed MySQL database |
| Create an account for a self-managed MySQL database and configure binary logging |
PolarDB for MySQL cluster | Read permissions on the objects to migrate | |
PolarDB for Oracle cluster | Permissions of a privileged account | |
ApsaraDB RDS for MariaDB instance | Read permissions on the objects to migrate | For more information, see Create a database and an account. |
ApsaraDB RDS for SQL Server instance |
| For more information, see Create a privileged account or a standard account. |
Self-managed SQL Server database |
| For more information, see CREATE USER. |
ApsaraDB RDS for PostgreSQL instance |
| |
Self-managed PostgreSQL database |
| For more information, see CREATE USER and GRANT. |
Self-managed Oracle database |
| For more information, see CREATE USER and GRANT. Important If you want to migrate incremental data from an Oracle database but permissions of the DBA cannot be granted to the database account, you can grant fine-grained permissions to the account. For more information, see Migrate data from a self-managed Oracle database to an AnalyticDB for PostgreSQL instance. |
ApsaraDB for MongoDB instance |
| For more information, see Manage user permissions on MongoDB databases. |
Self-managed MongoDB database |
| For more information, see db.createUser(). |
Tair (Redis OSS-Compatible) instance | Read permissions on the objects to migrate | |
Self-managed Redis database | The | None |
Self-managed TiDB database | The SELECT permission on the objects to migrate and the SHOW VIEW permission | For more information, see Privilege Management |
Self-managed Db2 database |
| For more information, see Creating group and user IDs for a Db2 database installation and Authorities overview. |
Permissions required for the destination database account
Database | Required permission | Authorization method |
ApsaraDB RDS for MySQL instance | Read and write permissions on the destination database | For more information, see Create an account and Modify the permissions of an account. |
PolarDB for MySQL cluster | Read and write permissions on the destination database | For more information, see Create and manage a database account. |
Self-managed MySQL database | The ALL permission on the destination database | For more information, see Create an account for a self-managed MySQL database and configure binary logging. |
AnalyticDB for MySQL cluster |
| Version 3.0: Create a database account. |
PolarDB-X 1.0 instance | Read and write permissions on the destination database | For more information, see Manage accounts. |
ApsaraDB RDS for MariaDB instance | Read and write permissions on the destination database | For more information, see Create an account on an ApsaraDB RDS for MariaDB instance. |
ApsaraDB RDS for SQL Server instance | Read and write permissions on the destination database | For more information, see Create a database and an account. |
Self-managed SQL Server database | The ALL permission on the destination database | For more information, see CREATE USER. |
ApsaraDB RDS for PostgreSQL instance |
| For more information, see Create an account. |
Self-managed PostgreSQL database | The ALL permission on the destination database | For more information, see CREATE USER and GRANT. |
PolarDB for Oracle cluster | Permissions of the schema owner | For more information, see Create a database account |
Self-managed Oracle database | Permissions of the schema owner | For more information, see CREATE USER and GRANT. |
ApsaraDB for MongoDB instance | The dbAdminAnyDatabase permission, the read and write permissions on the destination database, and the read permissions on the local database | For more information, see Manage user permissions on MongoDB databases. |
Self-managed MongoDB database | Read and write permissions on the destination database and the read permissions on the local database | For more information, see db.createUser(). |
Tair (Redis OSS-Compatible) instance | If you use the instance password, no authorization is required. | None |
If you use a custom account, the read and write permissions are required. | For more information, see Create and manage database accounts. | |
Self-managed Redis database | The database password must be valid. | None |