Prepare the database accounts for data migration - Data Transmission Service

When you configure a data migration task, you must specify the accounts of the source and destination databases. The database accounts are used for data migration. Different databases and migration types require different permissions. You must create and authorize database accounts before you configure a data migration task.

Permissions required for the source database account

Database	Required permission	References
ApsaraDB RDS for MySQL instance	Read permissions on the objects to migrate	Create accounts and databases and Modify the permissions of an account
Self-managed MySQL database	Schema migration: the SELECT permission on the objects to migrate Full data migration: the SELECT permission on the objects to migrate Incremental data migration: the SELECT permission on the objects to migrate, the REPLICATION CLIENT, REPLICATION SLAVE, and SHOW VIEW permissions, and the permissions to create databases and tables. The permissions allow DTS to create a database named dts to record heartbeat data during migration.	Create an account for a self-managed MySQL database and configure binary logging
PolarDB for MySQL cluster	Read permissions on the objects to migrate	Create and manage a database account
PolarDB for Oracle cluster	Permissions of a privileged account	Create a database account
ApsaraDB RDS for MariaDB instance	Read permissions on the objects to migrate	For more information, see Create a database and an account.
ApsaraDB RDS for SQL Server instance	Schema migration: the SELECT permission on the objects to migrate Full data migration: the SELECT permission on the objects to migrate Incremental data migration: the owner permission on the object to migrate Note A privileged account has the required permissions.	For more information, see Create a privileged account or a standard account.
Self-managed SQL Server database	Schema migration: the SELECT permission on the objects to migrate Full data migration: the SELECT permission on the objects to migrate Incremental data migration: the permissions of the sysadmin role	For more information, see CREATE USER.
ApsaraDB RDS for PostgreSQL instance	Schema migration: the USAGE permission on pg_catalog Full data migration: the SELECT permission on the objects to migrate Incremental data migration: the permissions of a privileged account. The account must be the owner of the database. Note If the source database runs on an ApsaraDB RDS for PostgreSQL 9.4 instance and you migrate only DML operations, the database account must have the REPLICATION permission.	Create an account and Create a database
Self-managed PostgreSQL database	Schema migration: the USAGE permission on pg_catalog Full data migration: the SELECT permission on the objects to migrate Incremental data migration: permissions of the superuser role	For more information, see CREATE USER and GRANT.
Self-managed Oracle database	Schema migration: permissions of the schema owner Full data migration: permissions of the schema owner Incremental data migration: permissions of the database administrator (DBA)	For more information, see CREATE USER and GRANT. Important If you want to migrate incremental data from an Oracle database but permissions of the DBA cannot be granted to the database account, you can grant fine-grained permissions to the account. For more information, see Migrate data from a self-managed Oracle database to an AnalyticDB for PostgreSQL instance.
ApsaraDB for MongoDB instance	Full data migration: read permissions on the source database Incremental data migration: read permissions on the source, admin, and local databases	For more information, see Manage user permissions on MongoDB databases.
Self-managed MongoDB database	Full data migration: read permissions on the source database Incremental data migration: read permissions on the source, admin, and local databases	For more information, see db.createUser().
ApsaraDB for Redis instance	Read permissions on the objects to migrate	Create and manage database accounts
Self-managed Redis database	The `PSYNC` or `SYNC` statement can be executed on the source Redis database.	None
Self-managed TiDB database	The SELECT permission on the objects to migrate and the SHOW VIEW permission	For more information, see Privilege Management
Self-managed Db2 database	Schema migration: the SELECT permission on the objects to migrate and the CONNECT permission Full data migration: the SELECT permission on the objects to migrate and the CONNECT permission Incremental data migration: the DBADM authority	For more information, see Creating group and user IDs for a Db2 database installation and Authorities overview.

Permissions required for the destination database account

Database	Required permission	Authorization method
ApsaraDB RDS for MySQL instance	Read and write permissions on the destination database	For more information, see Create an account and Modify the permissions of an account.
PolarDB for MySQL cluster	Read and write permissions on the destination database	For more information, see Create and manage a database account.
Self-managed MySQL database	The ALL permission on the destination database	For more information, see Create an account for a self-managed MySQL database and configure binary logging.
AnalyticDB for MySQL cluster	Version 2.0: DTS automatically creates a database account and grants permissions to the account. You do not need to specify the database account. Version 3.0: The read and write permissions are required.	Version 3.0: Create a database account.
PolarDB-X 1.0 instance	Read and write permissions on the destination database	For more information, see Manage accounts.
ApsaraDB RDS for MariaDB instance	Read and write permissions on the destination database	For more information, see Create an account on an ApsaraDB RDS for MariaDB instance.
ApsaraDB RDS for SQL Server instance	Read and write permissions on the destination database	For more information, see Create a database and an account.
Self-managed SQL Server database	The ALL permission on the destination database	For more information, see CREATE USER.
ApsaraDB RDS for PostgreSQL instance	Schema migration: the CREATE and USAGE permissions on the migrated objects Full data migration: permissions of the schema owner Incremental data migration: the permissions of the schema owner	For more information, see Create an account.
Self-managed PostgreSQL database	The ALL permission on the destination database	For more information, see CREATE USER and GRANT.
PolarDB for Oracle cluster	Permissions of the schema owner	For more information, see Create a database account
Self-managed Oracle database	Permissions of the schema owner	For more information, see CREATE USER and GRANT.
ApsaraDB for MongoDB instance	The dbAdminAnyDatabase permission, the read and write permissions on the destination database, and the read permissions on the local database	For more information, see Manage user permissions on MongoDB databases.
Self-managed MongoDB database	Read and write permissions on the destination database and the read permissions on the local database	For more information, see db.createUser().
ApsaraDB for Redis instance	If you use the instance password, no authorization is required.	None
ApsaraDB for Redis instance	If you use a custom account, the read and write permissions are required.	For more information, see Create and manage database accounts.
Self-managed Redis database	The database password must be valid.	None