CREATE USER
Description
The CREATE USER statement is used to create a new seekdb user. After a new user is created, you can use the new user to connect to seekdb.
Privilege requirements
To execute the CREATE USER statement, the current user must have the global CREATE USER privilege. For more information about seekdb privileges, see seekdb privilege classification.
Syntax
CREATE USER [IF NOT EXISTS] {user [, user...]}
[REQUIRE {NONE | SSL | X509 | tls_option}]
[WITH resource_option [resource_option...]];
user:
user_name
| user_name IDENTIFIED [WITH auth_plugin] BY password
| user_name IDENTIFIED [WITH auth_plugin] BY PASSWORD password
| user_name IDENTIFIED [WITH auth_plugin] AS PASSWORD 'auth_string'
tls_option:
CIPHER cipher_name
| ISSUER issuer_name
| SUBJECT subject_name
resource_option:
MAX_CONNECTIONS_PER_HOUR integer
| MAX_USER_CONNECTIONS integer
Parameter description
| Parameter | Description |
|---|---|
| IF NOT EXISTS | Indicates whether to create a user if the username already exists. If you do not specify IF NOT EXISTS and the username already exists, an error will be returned. |
| user_name | The username. After a new user is created, a new row will be added to the mysql.user table. To create multiple users at a time, separate the usernames with commas (,). |
| auth_plugin | The authentication method for the user. Only the mysql_native_password authentication plugin is supported. |
| IDENTIFIED BY password | The plaintext password for the user. After the password is stored in the mysql.user table, it will be encrypted. If the password contains special characters ~!@#%^&*_-+=`|()[]:;',.?/, enclose it in double quotation marks (") or single quotation marks ('). |
| IDENTIFIED BY PASSWORD password | The encrypted password for the user. The password will be directly stored in the mysql.user table. |
| IDENTIFIED AS PASSWORD | Sets the account authentication plugin to auth_plugin and stores the auth_string value in the mysql.user table. If the plugin requires a hashed string, it is assumed that the string is already in the required hashed format. |
| REQUIRE | Specifies the password verification requirements for the user. Valid values are as follows:
|
| tls_option | Specifies the specific TLS requirements. Valid values are as follows:
|
| resource_option | Specifies the resource options for the user. If multiple resource options are specified, separate them with spaces. Valid values are as follows:
|
Examples
-
Create users test1 and test2, and specify plaintext passwords and the maximum number of connections allowed for each user.
CREATE USER IF NOT EXISTS test1 IDENTIFIED BY '********', test2 IDENTIFIED BY '********' WITH MAX_USER_CONNECTIONS 10; -
Create user test3, specify an encrypted password, and require the use of an SSL connection for authentication.
CREATE USER IF NOT EXISTS test3 IDENTIFIED BY PASSWORD '********' REQUIRE SSL; -
Create user test4, and specify the use of the mysql_native_password authentication plugin.
CREATE USER IF NOT EXISTS test4 IDENTIFIED WITH mysql_native_password BY PASSWORD '********';
References
-
For information about granting privileges to a user, see Grant privileges.
-
You can view the information about the created users in the
mysql.usertable. For more information about themysql.usertable, see mysql.user. -
For information about connecting to seekdb using the created user, see Connect to seekdb.