-
Notifications
You must be signed in to change notification settings - Fork 5.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TiDB supports high-privilege accounts #18378
Comments
@gejibin Would you mind to participate in the development of this feature if we provide the design RFC? |
@zhangjinpeng1987 if you can provide the detail-level design, we can Participate in development. But we are not very sure about the timing. If you can finish the detailed design next month, we may be able to complete this function before October. |
Can it be accomplished by the current privilege system? I'm a little confused about the desired privilege, could you give some links about the described privilege management in Aurora and PolarDB? |
@zz-jason you can try to use the aurora or polarDB in Amazon Cloud or Alibaba Cloud. |
I believe this is a duplicate of #14148 There are a few ways to implement this, my preference would be via an admin-only port. |
Feature Request
在公有云上,给TiDB用户创建一个高权限的账号,权限与root账号一样,但是该高权限账号有如下限制:
2.不能删除内置账号,哪些是内置账号可以通过配置文件指定。
这样,用户可以通过高权限的账号做自己的任何操作,同时不影响服务提供方(公有云)运维tidb数据库。
目前,aurora和polarDB均支持这种高权限的账号。
On the public cloud, create a high-privilege account for TiDB users. The permissions are the same as the root account, but the high-privilege account has the following restrictions:
In this way, users can do any of their operations through a high-privilege account without affecting the service provider (public cloud) operation and maintenance of the tidb database.
Currently, both aurora and polarDB support such high-privilege accounts.
The text was updated successfully, but these errors were encountered: