In MongoDB 2.4, i want a user can access to mongod instance from only allowed hosts as MySQL can handle.
In MySQL, as you know when giving rights to a user, you can specify this user from this host etc... like below;
GRANT ALL PRIVILEGES ON *.* TO 'monty'#'localhost' WITH GRANT OPTION;
But i couldn't find equivalent of this in MongoDB even i searched a lot at google.
Any ideas?
Thanks in advance.
Related
I switch to MySQL 8 recently; earlier I was using MySQL 5.7 in GCP. I know questions like this have already been asked, but I didn't have any luck. My question is, I want to create a new user just say 'user1' and grant all privileges to a user account on all databases.
The query I am using for user creation:
CREATE USER 'user-1'#'%' IDENTIFIED BY 'user_password';
For privileges:
GRANT ALL PRIVILEGES ON *.* TO 'user-1'#'%';
This privileges query used to work on MySQL 5.7, but when I try to run this query in MySQL 8, I get this error (I logged in as root user and MySQL is in GCP):
SQL Error (1045): Access denied for user 'root'#'%' (using password: YES)
I also tried to run this query one after another like this:
CREATE USER 'user-1'#'%' IDENTIFIED BY 'user_password';
GRANT ALL PRIVILEGES ON *.* TO 'user-1'#'%';
But still I get the same error. I came to know that in MySQL 8 localhost root user have all the privileges, but my server is in Google Cloud, so how can I grant all the privileges to the user I created?
When I run this query in the mysql-8 (I am using HeidiSQL to connect the DB and run query)
SELECT * FROM mysql.user;
I got this output:
In this there are two root users:
For one host is localhost/127.0.0.1 (With all the privilege).
For other host is % (Not have any privilege).
I think I logged in as a user with host-% because my server is in GCP, that's why I cannot give any privilege to the user that I have created. So is there any way to give full permission to the
root#%
so that I can give full permission to the other users, Because I don't think there is any way to log in as a root#localhost
The problem here is that you are trying to create a super user, which is not something supported in cloud SQL, as you can see in this documentation:
Cloud SQL does not support SUPER privileges, which means that GRANT ALL PRIVILEGES statements will not work. As an alternative, you can use GRANT ALL ON %.*.
This alternative mentioned could be enough to grant the permissions you expected.
I had no problems making a test MySQL server and applying permissions a week ago with their MySQL 5.7, but trying out the new 8.0 version, I can't seem to alter permissions as easily, if at all. I'm logged in as root remotely, but a local cloud shell instance does the same.
I'm trying to create a new user that only has access to one database, but I can't seem to get past the part where I revoke all default permissions first.
My method:
CREATE USER 'test_user'#'%' IDENTIFIED BY '{password}';
Gives no error. (I've also tried creating a user through GCP's admin panel)
SHOW GRANTS FOR 'test_user'#'%'; returns GRANT USAGE ON *.* TO `test_user`#`%` (I assume this means the new user has full permissions?)
Then, trying to remove all privileges to start fresh with the user,
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'test_user'#'%';
shows:
Error: UNKNOWN_CODE_PLEASE_REPORT: Access denied for AuthId `root`#`%` to database 'mysql'.
I'm pretty new to Mysql, so I'm unsure if this is my fault or just a bug. Thank you!
First, I would like to point out that GRANT USAGE ON *.* TO test_user#% means the inverse, it means that the user has no privileges ! ( more info: Mysql Reference )
Secondly, I think that's what causing the error is the ALL PRIVILEGES keyword, it may have been removed in v8.0, so just go straight after user creation and grant him the privileges that you want on a table/database.
i need to grant all privileges for user master to the database 'mysql'(i mean the database not the server) on amazon RDS
i am trying to use
GRANT ALL PRIVILEGES ON mysql.* To 'master'#'aurora-wqeqwe-rdscluster-1jjch50tq2n3s.qrwerw-2.rds.amazon
aws.com' IDENTIFIED BY 'm3vyrtywrsY026y';
You can't grant SUPER privilege on RDS, so you can't use the ALL PRIVILEGES shortcut.
Sorry, you must name the privileges you want to grant explicitly, even if it means listing every privilege except SUPER.
You also can't grant privileges you don't have. I'm not sure your user has privileges to the mysql database. You can find out what privileges you have with SHOW GRANTS.
In your example is "master" any user or is it the name of your RDS Master User account? For the latter take a look at https://aws.amazon.com/premiumsupport/knowledge-center/duplicate-master-user-mysql/
I was also stuck with the same problem a while ago ad came across with this solution GRANT ALL PRIVILEGES ON '%'.* To 'master'#'aurora-wqeqwe-rdscluster-1jjch50tq2n3s.qrwerw-2.rds.amazon
aws.com' IDENTIFIED BY 'm3vyrtywrsY026y';
This worked for me.
for more information you can check the following link
http://www.fidian.com/problems-only-tyler-has/using-grant-all-with-amazons-mysql-rds
Need to access one mysql database for a user remotely. I know it will work if grant all privileges on all databases to that user, like:
grant all on \*.* to 'someone'#'%'
But I just want grant access permission to that user on the database specified, not every database, like:
grant all on mydb.* to 'someone'#'%'.
Unfortunately, remote access will be failed in this case.
Any idea to solve this? Thanks a lot.
Try this,
GRANT SELECT,UPDATE,INSERT,DELETE ON yourdb.* To your_user#'192.162.1.1' identified by 'password';
So, a couple of days ago, our master instance of MySQL started blocking me from accessing all but a couple of databases but only when connecting from a specific IP address. I can connect and see all the databases when connecting from any other IP address and I can connect and see all databases when connecting to a slave instance. Credentials are the same regardless. I've never seen anything like this.
To gain access to all databases you need to run these commands as a privileged user (eg on the machine itself):
grant all privileges on *.* to YOUR_USER_ID#REMOTE_IP_ADDRESS_YOU_WANT_TO_BE_ALLOWED;
flush privileges;
To get the YOUR_USER_ID#REMOTE_IP_ADDRESS_YOU_WANT_TO_BE_ALLOWED run the select user(); command. This will let you know how you are accessing the database, you can grant privileges accordingly
I think what you'll want to do to start exploring this problem is:
http://dev.mysql.com/doc/refman/5.0/en/show-grants.html
show grants for 'user'#'host';
Try run this script
GRANT ALL ON . to user#'%' IDENTIFIED BY 'password';
It would allow you to access from any IP Address and any machines and access all databases.
Good Luck :)