Ready to level-up your engineering skills? Join a Pulumi Workshop. Register Now

Grant

The mysql.Grant resource creates and manages privileges given to a user on a MySQL server.

Examples

Granting Privileges to a User

import * as pulumi from "@pulumi/pulumi";
import * as mysql from "@pulumi/mysql";

const jdoeUser = new mysql.User("jdoe", {
    host: "example.com",
    plaintextPassword: "password",
    user: "jdoe",
});
const jdoeGrant = new mysql.Grant("jdoe", {
    database: "app",
    host: jdoeUser.host,
    privileges: [
        "SELECT",
        "UPDATE",
    ],
    user: jdoeUser.user,
});
import pulumi
import pulumi_mysql as mysql

jdoe_user = mysql.User("jdoeUser",
    host="example.com",
    plaintext_password="password",
    user="jdoe")
jdoe_grant = mysql.Grant("jdoeGrant",
    database="app",
    host=jdoe_user.host,
    privileges=[
        "SELECT",
        "UPDATE",
    ],
    user=jdoe_user.user)
using Pulumi;
using MySql = Pulumi.MySql;

class MyStack : Stack
{
    public MyStack()
    {
        var jdoeUser = new MySql.User("jdoeUser", new MySql.UserArgs
        {
            Host = "example.com",
            PlaintextPassword = "password",
            User = "jdoe",
        });
        var jdoeGrant = new MySql.Grant("jdoeGrant", new MySql.GrantArgs
        {
            Database = "app",
            Host = jdoeUser.Host,
            Privileges = 
            {
                "SELECT",
                "UPDATE",
            },
            User = jdoeUser.UserName,
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-mysql/sdk/v2/go/mysql"
	"github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		jdoeUser, err := mysql.NewUser(ctx, "jdoeUser", &mysql.UserArgs{
			Host:              pulumi.String("example.com"),
			PlaintextPassword: pulumi.String("password"),
			User:              pulumi.String("jdoe"),
		})
		if err != nil {
			return err
		}
		_, err = mysql.NewGrant(ctx, "jdoeGrant", &mysql.GrantArgs{
			Database: pulumi.String("app"),
			Host:     jdoeUser.Host,
			Privileges: pulumi.StringArray{
				pulumi.String("SELECT"),
				pulumi.String("UPDATE"),
			},
			User: jdoeUser.User,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Granting Privileges to a Role

import * as pulumi from "@pulumi/pulumi";
import * as mysql from "@pulumi/mysql";

const developerRole = new mysql.Role("developer", {});
const developerGrant = new mysql.Grant("developer", {
    database: "app",
    privileges: [
        "SELECT",
        "UPDATE",
    ],
    role: developerRole.name,
});
import pulumi
import pulumi_mysql as mysql

developer_role = mysql.Role("developerRole")
developer_grant = mysql.Grant("developerGrant",
    database="app",
    privileges=[
        "SELECT",
        "UPDATE",
    ],
    role=developer_role.name)
using Pulumi;
using MySql = Pulumi.MySql;

class MyStack : Stack
{
    public MyStack()
    {
        var developerRole = new MySql.Role("developerRole", new MySql.RoleArgs
        {
        });
        var developerGrant = new MySql.Grant("developerGrant", new MySql.GrantArgs
        {
            Database = "app",
            Privileges = 
            {
                "SELECT",
                "UPDATE",
            },
            Role = developerRole.Name,
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-mysql/sdk/v2/go/mysql"
	"github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		developerRole, err := mysql.NewRole(ctx, "developerRole", nil)
		if err != nil {
			return err
		}
		_, err = mysql.NewGrant(ctx, "developerGrant", &mysql.GrantArgs{
			Database: pulumi.String("app"),
			Privileges: pulumi.StringArray{
				pulumi.String("SELECT"),
				pulumi.String("UPDATE"),
			},
			Role: developerRole.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Adding a Role to a User

import * as pulumi from "@pulumi/pulumi";
import * as mysql from "@pulumi/mysql";

const jdoe = new mysql.User("jdoe", {
    host: "example.com",
    plaintextPassword: "password",
    user: "jdoe",
});
const developerRole = new mysql.Role("developer", {});
const developerGrant = new mysql.Grant("developer", {
    database: "app",
    host: jdoe.host,
    roles: [developerRole.name],
    user: jdoe.user,
});
import pulumi
import pulumi_mysql as mysql

jdoe = mysql.User("jdoe",
    host="example.com",
    plaintext_password="password",
    user="jdoe")
developer_role = mysql.Role("developerRole")
developer_grant = mysql.Grant("developerGrant",
    database="app",
    host=jdoe.host,
    roles=[developer_role.name],
    user=jdoe.user)
using Pulumi;
using MySql = Pulumi.MySql;

class MyStack : Stack
{
    public MyStack()
    {
        var jdoe = new MySql.User("jdoe", new MySql.UserArgs
        {
            Host = "example.com",
            PlaintextPassword = "password",
            User = "jdoe",
        });
        var developerRole = new MySql.Role("developerRole", new MySql.RoleArgs
        {
        });
        var developerGrant = new MySql.Grant("developerGrant", new MySql.GrantArgs
        {
            Database = "app",
            Host = jdoe.Host,
            Roles = 
            {
                developerRole.Name,
            },
            User = jdoe.UserName,
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-mysql/sdk/v2/go/mysql"
	"github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		jdoe, err := mysql.NewUser(ctx, "jdoe", &mysql.UserArgs{
			Host:              pulumi.String("example.com"),
			PlaintextPassword: pulumi.String("password"),
			User:              pulumi.String("jdoe"),
		})
		if err != nil {
			return err
		}
		developerRole, err := mysql.NewRole(ctx, "developerRole", nil)
		if err != nil {
			return err
		}
		_, err = mysql.NewGrant(ctx, "developerGrant", &mysql.GrantArgs{
			Database: pulumi.String("app"),
			Host:     jdoe.Host,
			Roles: pulumi.StringArray{
				developerRole.Name,
			},
			User: jdoe.User,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Create a Grant Resource

new Grant(name: string, args: GrantArgs, opts?: CustomResourceOptions);
def Grant(resource_name: str, opts: Optional[ResourceOptions] = None, database: Optional[str] = None, grant: Optional[bool] = None, host: Optional[str] = None, privileges: Optional[Sequence[str]] = None, role: Optional[str] = None, roles: Optional[Sequence[str]] = None, table: Optional[str] = None, tls_option: Optional[str] = None, user: Optional[str] = None)
func NewGrant(ctx *Context, name string, args GrantArgs, opts ...ResourceOption) (*Grant, error)
public Grant(string name, GrantArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args GrantArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args GrantArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args GrantArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

Grant Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The Grant resource accepts the following input properties:

Database string

The database to grant privileges on.

GrantName bool

Whether to also give the user privileges to grant the same privileges to other users.

Host string

The source host of the user. Defaults to “localhost”. Conflicts with role.

Privileges List<string>

A list of privileges to grant to the user. Refer to a list of privileges (such as here) for applicable privileges. Conflicts with roles.

Role string

The role to grant privileges to. Conflicts with user and host.

Roles List<string>

A list of rols to grant to the user. Conflicts with privileges.

Table string

Which table to grant privileges on. Defaults to *, which is all tables.

TlsOption string

An TLS-Option for the GRANT statement. The value is suffixed to REQUIRE. A value of ‘SSL’ will generate a GRANT ... REQUIRE SSL statement. See the MYSQL GRANT documentation for more. Ignored if MySQL version is under 5.7.0.

User string

The name of the user. Conflicts with role.

Database string

The database to grant privileges on.

Grant bool

Whether to also give the user privileges to grant the same privileges to other users.

Host string

The source host of the user. Defaults to “localhost”. Conflicts with role.

Privileges []string

A list of privileges to grant to the user. Refer to a list of privileges (such as here) for applicable privileges. Conflicts with roles.

Role string

The role to grant privileges to. Conflicts with user and host.

Roles []string

A list of rols to grant to the user. Conflicts with privileges.

Table string

Which table to grant privileges on. Defaults to *, which is all tables.

TlsOption string

An TLS-Option for the GRANT statement. The value is suffixed to REQUIRE. A value of ‘SSL’ will generate a GRANT ... REQUIRE SSL statement. See the MYSQL GRANT documentation for more. Ignored if MySQL version is under 5.7.0.

User string

The name of the user. Conflicts with role.

database string

The database to grant privileges on.

grant boolean

Whether to also give the user privileges to grant the same privileges to other users.

host string

The source host of the user. Defaults to “localhost”. Conflicts with role.

privileges string[]

A list of privileges to grant to the user. Refer to a list of privileges (such as here) for applicable privileges. Conflicts with roles.

role string

The role to grant privileges to. Conflicts with user and host.

roles string[]

A list of rols to grant to the user. Conflicts with privileges.

table string

Which table to grant privileges on. Defaults to *, which is all tables.

tlsOption string

An TLS-Option for the GRANT statement. The value is suffixed to REQUIRE. A value of ‘SSL’ will generate a GRANT ... REQUIRE SSL statement. See the MYSQL GRANT documentation for more. Ignored if MySQL version is under 5.7.0.

user string

The name of the user. Conflicts with role.

database str

The database to grant privileges on.

grant bool

Whether to also give the user privileges to grant the same privileges to other users.

host str

The source host of the user. Defaults to “localhost”. Conflicts with role.

privileges Sequence[str]

A list of privileges to grant to the user. Refer to a list of privileges (such as here) for applicable privileges. Conflicts with roles.

role str

The role to grant privileges to. Conflicts with user and host.

roles Sequence[str]

A list of rols to grant to the user. Conflicts with privileges.

table str

Which table to grant privileges on. Defaults to *, which is all tables.

tls_option str

An TLS-Option for the GRANT statement. The value is suffixed to REQUIRE. A value of ‘SSL’ will generate a GRANT ... REQUIRE SSL statement. See the MYSQL GRANT documentation for more. Ignored if MySQL version is under 5.7.0.

user str

The name of the user. Conflicts with role.

Outputs

All input properties are implicitly available as output properties. Additionally, the Grant resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.

Look up an Existing Grant Resource

Get an existing Grant resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: GrantState, opts?: CustomResourceOptions): Grant
@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, database: Optional[str] = None, grant: Optional[bool] = None, host: Optional[str] = None, privileges: Optional[Sequence[str]] = None, role: Optional[str] = None, roles: Optional[Sequence[str]] = None, table: Optional[str] = None, tls_option: Optional[str] = None, user: Optional[str] = None) -> Grant
func GetGrant(ctx *Context, name string, id IDInput, state *GrantState, opts ...ResourceOption) (*Grant, error)
public static Grant Get(string name, Input<string> id, GrantState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

Database string

The database to grant privileges on.

GrantName bool

Whether to also give the user privileges to grant the same privileges to other users.

Host string

The source host of the user. Defaults to “localhost”. Conflicts with role.

Privileges List<string>

A list of privileges to grant to the user. Refer to a list of privileges (such as here) for applicable privileges. Conflicts with roles.

Role string

The role to grant privileges to. Conflicts with user and host.

Roles List<string>

A list of rols to grant to the user. Conflicts with privileges.

Table string

Which table to grant privileges on. Defaults to *, which is all tables.

TlsOption string

An TLS-Option for the GRANT statement. The value is suffixed to REQUIRE. A value of ‘SSL’ will generate a GRANT ... REQUIRE SSL statement. See the MYSQL GRANT documentation for more. Ignored if MySQL version is under 5.7.0.

User string

The name of the user. Conflicts with role.

Database string

The database to grant privileges on.

Grant bool

Whether to also give the user privileges to grant the same privileges to other users.

Host string

The source host of the user. Defaults to “localhost”. Conflicts with role.

Privileges []string

A list of privileges to grant to the user. Refer to a list of privileges (such as here) for applicable privileges. Conflicts with roles.

Role string

The role to grant privileges to. Conflicts with user and host.

Roles []string

A list of rols to grant to the user. Conflicts with privileges.

Table string

Which table to grant privileges on. Defaults to *, which is all tables.

TlsOption string

An TLS-Option for the GRANT statement. The value is suffixed to REQUIRE. A value of ‘SSL’ will generate a GRANT ... REQUIRE SSL statement. See the MYSQL GRANT documentation for more. Ignored if MySQL version is under 5.7.0.

User string

The name of the user. Conflicts with role.

database string

The database to grant privileges on.

grant boolean

Whether to also give the user privileges to grant the same privileges to other users.

host string

The source host of the user. Defaults to “localhost”. Conflicts with role.

privileges string[]

A list of privileges to grant to the user. Refer to a list of privileges (such as here) for applicable privileges. Conflicts with roles.

role string

The role to grant privileges to. Conflicts with user and host.

roles string[]

A list of rols to grant to the user. Conflicts with privileges.

table string

Which table to grant privileges on. Defaults to *, which is all tables.

tlsOption string

An TLS-Option for the GRANT statement. The value is suffixed to REQUIRE. A value of ‘SSL’ will generate a GRANT ... REQUIRE SSL statement. See the MYSQL GRANT documentation for more. Ignored if MySQL version is under 5.7.0.

user string

The name of the user. Conflicts with role.

database str

The database to grant privileges on.

grant bool

Whether to also give the user privileges to grant the same privileges to other users.

host str

The source host of the user. Defaults to “localhost”. Conflicts with role.

privileges Sequence[str]

A list of privileges to grant to the user. Refer to a list of privileges (such as here) for applicable privileges. Conflicts with roles.

role str

The role to grant privileges to. Conflicts with user and host.

roles Sequence[str]

A list of rols to grant to the user. Conflicts with privileges.

table str

Which table to grant privileges on. Defaults to *, which is all tables.

tls_option str

An TLS-Option for the GRANT statement. The value is suffixed to REQUIRE. A value of ‘SSL’ will generate a GRANT ... REQUIRE SSL statement. See the MYSQL GRANT documentation for more. Ignored if MySQL version is under 5.7.0.

user str

The name of the user. Conflicts with role.

Package Details

Repository
https://github.com/pulumi/pulumi-mysql
License
Apache-2.0
Notes
This Pulumi package is based on the mysql Terraform Provider.