Privileges for MariaDB Community Server 10.4

Overview

Privileges can be granted to users to control who can perform what actions in MariaDB Community Server.

Privilege

Description

ADMIN OPTION

Grants ability to GRANT other users the roles you hold

ALL PRIVILEGES

Grants all available privileges at the given privilege level. Granting all privileges on a table does not grant any privileges on a database, for example.

ALTER

Grants ability to ALTER TABLE

ALTER ROUTINE

Grants ability to ALTER FUNCTION, ALTER PROCEDURE

CREATE

Grants ability to CREATE DATABASE, CREATE TABLE

CREATE ROUTINE

Grants ability to CREATE FUNCTION, CREATE PROCEDURE

CREATE TABLESPACE

Unused, but is checked in granting privileges to other users (such as GRANT ALL)

CREATE TEMPORARY TABLES

Grants ability to CREATE TEMPORARY TABLE

CREATE USER

Grants ability to CREATE USER, or to create user with GRANT

CREATE VIEW

Grants ability to CREATE VIEW

DELETE

Grants ability to DELETE

DELETE HISTORY

Grants ability to DELETE HISTORY (from a system-versioned table)

DROP

Grants ability to DROP DATABASE, DROP TABLE, DROP VIEW, TRUNCATE

EVENT

Grants ability to ALTER EVENT, CREATE EVENT, DROP EVENT, and execute events

EXECUTE

Grants ability to execute stored routines

FILE

Grants ability to Read and write files on the server

GRANT OPTION

Grants ability to GRANT (granting privileges only)

INDEX

Grants ability to CREATE INDEX, DROP INDEX, or create an index with ALTER TABLE

INSERT

Grants ability to INSERT

LOCK TABLES

Grants ability to LOCK TABLES (requires SELECT privilege)

PROCESS

Grants ability to SHOW PROCESSLIST

PROXY

Grants ability to Proxy from one account to another

REFERENCES

Unused, but is checked in granting privileges to other users (such as GRANT ALL)

RELOAD

Grants ability to FLUSH

REPLICATION CLIENT

Grants ability to SHOW MASTER STATUS, SHOW SLAVE STATUS, SHOW BINARY LOGS. In ES10.5, is an alias for BINLOG MONITOR and the capabilities have changed. BINLOG MONITOR grants ability to SHOW MASTER STATUS, SHOW BINARY LOGS, SHOW BINLOG EVENTS, and SHOW BINLOG STATUS.

REPLICATION SLAVE

Grants ability to read binary log events from the master (needed by replicas). Capabilities changed in ES10.5, see details. REPLICATION REPLICA was added as an alias in 10.5.

SELECT

Grants ability to SELECT

SHOW DATABASES

Grants ability to SHOW DATABASES

SHOW SCHEMAS

Grants ability to SHOW SCHEMAS. SHOW SCHEMAS is a synonym for SHOW DATABASES.

SHOW VIEW

Grants ability to SHOW CREATE VIEW

SHUTDOWN

Grants ability to shut down the server

SUPER

Grants ability to perform superuser operations such as KILL thread, SET GLOBAL, CHANGE MASTER, etc.

TRIGGER

Grants ability to CREATE TRIGGER, DROP TRIGGER, execute triggers on tables you update

UPDATE

Grants ability to UPDATE (requires SELECT privilege for WHERE clause)

USAGE

Grants ability to connect to the database server