Privileges for MariaDB Xpand 6.1

This page is part of MariaDB's MariaDB Documentation.

The parent of this page is: Reference for MariaDB Xpand 6.1

Topics on this page:

Overview

Overview

Privileges can be granted to users to control who can perform what actions in MariaDB Xpand.

Privilege	Description
ALL	Grants all available privileges at the given privilege scope. Alias for `ALL PRIVILEGES`.
ALL PRIVILEGES	Grants all available privileges at the given privilege level. Granting all privileges on a table does not grant any privileges on a database, for example.
ALTER	Grants ability to `ALTER TABLE`
ALTER ROUTINE	Grants ability to `ALTER FUNCTION`, `ALTER PROCEDURE`, `DROP FUNCTION`, `DROP PROCEDURE`
BINLOG ADMIN	Grants ability to `CREATE BINLOG`, `ALTER BINLOG`, `DROP BINLOG`, `ROTATE BINLOG`, `TRIM BINLOG`, `SHOW BINLOGS`, `SHOW BINLOG POSITION`, `SHOW BINLOG SEGMENTS`
CLUSTER ADMIN	Grants ability to `ALTER SLICE`, `ALTER REPLICA`, `ALTER CLUSTER`
CONNECTION ADMIN	Grants ability to `KILL`
CREATE	Grants ability to `CREATE DATABASE`, `CREATE TABLE`
CREATE ROUTINE	Grants ability to `CREATE FUNCTION`, `CREATE PROCEDURE`
CREATE TABLESPACE	Unused, but is checked in granting privileges to other users (such as `GRANT ALL`)
CREATE TEMPORARY TABLES	Grants ability to `CREATE TEMPORARY TABLE`
CREATE USER	Grants ability to `CREATE USER`, or to create user with `GRANT`
CREATE VIEW	Grants ability to `CREATE VIEW`
DELETE	Grants ability to `DELETE`
DROP	Grants ability to `DROP DATABASE`, `DROP TABLE`, `DROP VIEW`, `TRUNCATE`
EVENT	Unused, but is checked in granting privileges to other users (such as `GRANT ALL`)
EXECUTE	Grants ability to execute stored routines
FILE	Grants ability to Read and write files on the server
GRANT OPTION	Grants ability to `GRANT` (granting privileges only)
INDEX	Grants ability to `CREATE INDEX`, `DROP INDEX`, or create an index with `ALTER TABLE`
INSERT	Grants ability to `INSERT`
LOCK TABLES	Grants ability to `LOCK TABLES` (requires `SELECT` privilege)
OSAUTH	Grants the ability for the user to be authenticated by the OS. This allows a SQL user to log in without a password as long as they have been authenticated as the corresponding OS user.
PROCESS	Grants ability to `SHOW PROCESSLIST`
PROXY	Unused
REFERENCES	Creating a foreign key constraint requires the `REFERENCES` privilege for the parent table
RELOAD	Grants ability to `FLUSH`
REPAIR ADMIN	Grants ability to `REPAIR TABLE`
REPLICATION ADMIN	Grants ability to `STOP REPLICA`, `STOP SLAVE`, `REPLICA STOP`, `SLAVE STOP`, `START REPLICA`, `START SLAVE`, `CHANGE MASTER TO`, `CHANGE REPLICA`, `CHANGE SLAVE`, `DROP REPLICA`, `DROP SLAVE`
REPLICATION CLIENT	Grants ability to `SHOW MASTER STATUS`, `SHOW SLAVE STATUS`, `SHOW BINARY LOGS`
REPLICATION REPLICA	Grants ability to read binary log events from the master (needed by replicas). Alias for `REPLICATION SLAVE`.
REPLICATION SLAVE	Grants ability to read binary log events from the master (needed by replicas)
SELECT	Grants ability to `SELECT`
SET USER	Grants ability to `CREATE DEFINER=[<user_name>] TRIGGER` and `CREATE DEFINER=[<user_name>] PROCEDURE`
SHOW DATABASES	Grants ability to `SHOW DATABASES`
SHOW GRANTS
SHOW VIEW	Grants ability to `SHOW CREATE VIEW`
SHUTDOWN	Grants ability to shut down the server
SUPER	Grants ability to perform certain administrative and superuser operations
SYSTEM VARIABLES ADMIN	Grants ability to `SET GLOBAL <var_name>` and `SELECT ... INTO .@@global.<var_name>`.
TRIGGER	Grants ability to `CREATE TRIGGER`, `DROP TRIGGER`, execute triggers on tables you update
TRUNCATE
UPDATE	Grants ability to UPDATE (requires `SELECT` privilege for `WHERE` clause)
USAGE	Grants ability to connect to the database server
XPAND