You need to enable JavaScript to run this app.
RDS for MySQL

RDS for MySQL

  • Documentation
    • RDS for MySQLAPI referenceV2(2022-01-01)Managing databasesGrantDatabasePrivilege
Copy page
Download PDF
Managing databases
GrantDatabasePrivilege
Copy page
Download PDF
GrantDatabasePrivilege

Call the GrantDatabasePrivilege API to add authorized database accounts for the specified database.

Request type

Synchronous request.

Request parameters

Name
Type
Required
Example
Description
InstanceId
String
Yes
mysql-r3xq0zdl****
Instance ID.
DBName
String
Yes
testuser1
Database name.
DatabasePrivileges
Object[]
Yes
[ { "AccountName":"testuser", "Host": "192.***.***.2", "AccountPrivilege":"ReadWrite" } ]
List of database account permissions.
AccountName
String
Yes
testdb1
The name of the account that requires authorization.
Host
String
No
%

The specified database account can access the IP address of the database. The default value is %.

  • If the Host is specified as %, the account is allowed to access the database from any IP address.
  • If the Host is specified as 192.10.10.%, it means that the account can access the database from IP addresses between 192.10.10.0 and 192.10.10.255.
  • The specified Host needs to be added to the whitelist bound to the instance.
AccountPrivilege
String
Yes
ReadWrite

The type of account permission granted, with the following values:

  • ReadWrite: Read and write permission.
  • ReadOnly: Read-only permission.
  • DDLOnly: DDL-only permission.
  • DMLOnly: DML-only permission.
  • Custom: Custom permission.

tip

The permission type is single-choice. An error will be reported if multiple permissions are passed.

AccountPrivilegeDetail
String
No
SELECT,INSERT,UPDATE

Database privilege string.

When used as a request parameter, it is required when the value of AccountPrivilege is Custom. The possible values are:

  • SELECT
  • INSERT
  • UPDATE
  • DELETE
  • CREATE
  • DROP
  • REFERENCES
  • INDEX
  • ALTER
  • CREATE TEMPORARY TABLES
  • LOCK TABLES
  • EXECUTE
  • CREATE VIEW
  • SHOW VIEW
  • CREATE ROUTINE
  • ALTER ROUTINE
  • EVENT
  • TRIGGER

When used as a return result, regardless of whether the value of AccountPrivilege is Custom, the detailed privileges of AccountPrivilege will be shown.

tip

Multiple strings are separated by English commas (,).

Response parameters

null

Sample request 

POST /?Action=GrantDatabasePrivilege&Version=2022-01-01 HTTP/1.1
Accept: application/json
Content-Type: application/json
Host: rds-mysql.cn-beijing.volcengineapi.com
X-Date: 20211202T101010Z
Authorization: HMAC-SHA256 Credential=AKLTN2I0MmFiNzMxNWE5NDgzMzk4MmVjMTVkODlkZTZ****/20211202/cn-beijing/rds_mysql/request,SignedHeaders=x-date, Signature=71d31fc7bcf990142851c9833c5656391486cda0ae2e0b8ada733b7c6458****
{
    "InstanceId": "mysql-7582b02b****",
    "DBName": "testdb1",
    "DatabasePrivileges": [
        {
            "AccountName": "testuser1",
            "Host": "192.***.***.2",
            "AccountPrivilege": "ReadWrite"
        }
    ]
}

Sample response 

{
    "ResponseMetadata": {
        "RequestId": "202301161533354BFF2A1927E50A101666",
        "Action": "GrantDatabasePrivilege",
        "Version": "2022-01-01",
        "Service": "rds_mysql",
        "Region": "cn-beijing"
    },
    "Result": null
}

Error codes

For more details, refer to Error codes.

Last updated: 2025.07.07 15:52:02