When you create an AWS RDS MySQL instance, RDS creates a root user rdsadmin
. I am curious to know what permissions this user has. But when I try SHOW GRANTS for 'rdsadmin'@'%';
, I get the message:
ERROR 1141 (42000): There is no such grant defined for user 'rdsadmin' on host '%'
Is there an alternative command that I can use to see all of rdsadmin
's permissions/privileges?
CodePudding user response:
In MySQL, user identity is really defined by the user & host pairing. So 'rdsadmin'@'%' is one specific user, and 'rdsadmin'@'localhost' is a different user. The existence of one does not imply the existence of both, and each can have distinct privileges.
So 'rdsadmin'@'%' appears not to exist on RDS. Whereas 'rdsadmin'@'localhost' is the user created by RDS. Given that host, it means no client can connect as that user from a remote host. They can only connect from clients on the RDS host, which you can't access anyway.
But that user can still be the definer of stored routines and views, so you still care about its privileges.
SHOW GRANTS FOR 'rdsadmin'@'localhost';