Cool, can this affect replication with HA instances?
On Sep 10, 2021, 6:29 PM +0200, Pavel Ivanov <paivanof@gmail.com>, wrote:
You should execute
REVOKE cloudsqlsuperuser FROM 'database_production'@'%';
cloudsqlsuperuser is the role that is granted to all users created
from web UI and that grants read/write permissions on all databases.
See https://cloud.google.com/sql/docs/mysql/users#cloudsqlsuperuser.
Pavel
On Fri, Sep 10, 2021 at 6:13 AM Goran Tepšić <purpleritza@gmail.com> wrote:
I just migrated a database to CloudSQL and trying to create users but with default settings for creating users from web UI, all my users are able to access all databases which is scary.
I tried using GRANTS like:
GRANT ALL ON user_production.* TO 'database_production'@'%';
It doesn't work though, regardless of the grants above, when I login via CLI MySQL client as any user, I can freely browse all databases with the same user.
Did I miss something? How do one limit CloudSQL's MySQL user to one particular database?
--
You received this message because you are subscribed to the Google Groups "Google Cloud SQL discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-cloud-sql-discuss+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-sql-discuss/d378c165-9bc9-4e34-ac50-1f2ebcbe62ccn%40googlegroups.com.
No comments:
Post a Comment