The following commands create a database user "customer" for read access and execute access. These commands should be executed on the master database, or one of them in the case of replication.

From Release 3.33 onwards

From Release 3.33, the JTELCustomer database is used for all customer routines. Customers are only granted read access to the JTELWeb, JTELStats, JTELStats2 and JTELLog databases, and full access to JTELCustomer:

# Create the user
CREATE USER 'customer'@'%' IDENTIFIED WITH mysql_native_password BY '<secret>';

# Grant the user access to read everything and execute all stored procedures on all DBs
GRANT SELECT ON *.* TO 'customer'@'%';
GRANT EXECUTE ON *.* TO 'customer'@'%';
GRANT CREATE TEMPORARY TABLES ON *.* TO 'customer'@'%';
GRANT SHOW VIEW ON *.* TO 'customer'@'%';

# Grant the user full access to customer db
GRANT ALL ON JTELCustomer.* TO 'customer'@'%';

# Make changes active
FLUSH PRIVILEGES;

Before Release 3.33

Before release 3.33, the JTELCustomer database was not present, necessitating CREATE / ALTER ROUTINE access to the JTEL databases:

CREATE USER 'customer'@'%' IDENTIFIED WITH mysql_native_password BY 'secret';
GRANT SELECT, CREATE TEMPORARY TABLES, CREATE ROUTINE, ALTER ROUTINE, EXECUTE ON JTELWeb.* TO 'customer'@'%';
GRANT SELECT, CREATE TEMPORARY TABLES, CREATE ROUTINE, ALTER ROUTINE, EXECUTE ON JTELStats.* TO 'customer'@'%';
GRANT SELECT, CREATE TEMPORARY TABLES, CREATE ROUTINE, ALTER ROUTINE, EXECUTE ON JTELStats2.* TO 'customer'@'%';
GRANT SELECT, CREATE TEMPORARY TABLES, CREATE ROUTINE, ALTER ROUTINE, EXECUTE ON JTELLog.* TO 'customer'@'%';
FLUSH PRIVILEGES;

We recommend that the customer access the slave database for most purposes.

Page tree

Role DATA - Create MySQL User for Customer Access (CentOS8/Win2019)

From Release 3.33 onwards

Before Release 3.33