# Permission Desc
Different functions and stages require different permissions. The permission requirements that may be involved in each function are listed below. If there are any omissions, please suggest and add.
The suggested permissions are:
GRANT ALL PRIVILEGES ON *.* TO ...
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, PROCESS, REFERENCES, INDEX, ALTER, SUPER, REPLICATION SLAVE, REPLICATION CLIENT, TRIGGER ON *.* TO ...
# Audit function
information_schema dbMetadata query permissions, table structure, index information, constraints, etc.
mysql dbuse permission, no query, the library is connected by default, and it can be modified by calling the option
DMLDuring the audit, the explain operation will be performed on the DML statement, and this operation requires the actual corresponding DML authority.
REFERENCESOnly required for foreign keys
- Actual SQL execution permissions
# Use pt-osc
PROCESSpermission, view processlist information
TRIGGERcreate and delete triggers
REPLICATION CLIENTWhen there is a master-slave, check the master-slave delay
# Use gh-ost
SUPER|REPLICATION CLIENT, REPLICATION SLAVESimulate slave pull binlog events
# Remote database
SUPERWhen the binlog format is not row, execute
set session binlog_format='row'
SUPER|REPLICATION CLIENT, REPLICATION SLAVEbinlog解析
# Database used for backup
It is recommended to grant all permissions to the backup library instance