|
| 1 | += Manage Users and Databases |
| 2 | + |
| 3 | +== Creating User and Databases |
| 4 | + |
| 5 | +It's possible to create additional databases and users right in the specification for the MariaDB instance. |
| 6 | + |
| 7 | +If only a username is provided, a database with the same name will be |
| 8 | +provisioned automatically. |
| 9 | +If a user needs access to another user's database, it can be specified by the `database` field. |
| 10 | + |
| 11 | +.Example MariaDB instance with users |
| 12 | +[source,yaml] |
| 13 | +---- |
| 14 | +apiVersion: vshn.appcat.vshn.io/v1 |
| 15 | +kind: VSHNMariaDB |
| 16 | +metadata: |
| 17 | + name: pgsql-app1-prod |
| 18 | + namespace: prod-app |
| 19 | +spec: |
| 20 | + parameters: |
| 21 | + service: |
| 22 | + access: |
| 23 | + - user: app1 # <1> |
| 24 | + - user: app2 |
| 25 | + database: app1 # <2> |
| 26 | + - user: app3 |
| 27 | + database: app1 |
| 28 | + privileges: |
| 29 | + - SELECT # <3> |
| 30 | + - user: app4 |
| 31 | + writeConnectionSecretToRef: <4> |
| 32 | + name: my-secret |
| 33 | + namespace: app4 |
| 34 | + writeConnectionSecretToRef: |
| 35 | + name: postgres-creds |
| 36 | +---- |
| 37 | +<1> Create a user and a database called app1, the user gets all privileges for the database |
| 38 | +<2> Create a user app2 and giving it all privileges to database app1 |
| 39 | +<3> Create a user app3 and giving it select privileges on database app1 |
| 40 | +<4> Write the connection secret to another namespace. If you want to connect from another namespace, please make sure that you configure the xref:vshn-managed/mariadb/security.adoc[allowed namespaces] accordingly. |
| 41 | + |
| 42 | +Please see the official https://mariadb.com/kb/en/grant/[MariaDB docs] for all available privileges. Only Grants applicable to databases are supported. |
| 43 | + |
| 44 | +== Deleting User and Databases |
| 45 | +To remove a user and its database, you need to remove it from the `access` array in the instance. |
| 46 | + |
| 47 | +A user or database will be removed from the instance, if there are no more references in the `access` array. |
| 48 | + |
| 49 | +.Example Deleting users and databases |
| 50 | +[source,yaml] |
| 51 | +---- |
| 52 | +apiVersion: vshn.appcat.vshn.io/v1 |
| 53 | +kind: VSHNMariaDB |
| 54 | +metadata: |
| 55 | + name: pgsql-app1-prod |
| 56 | + namespace: prod-app |
| 57 | +spec: |
| 58 | + parameters: |
| 59 | + service: |
| 60 | + access: |
| 61 | + - user: app1 # <1> |
| 62 | + - user: app2 |
| 63 | + database: app1 # <2> |
| 64 | + - user: app3 #<3> |
| 65 | + writeConnectionSecretToRef: |
| 66 | + name: postgres-creds |
| 67 | +---- |
| 68 | +<1> Removing this entry would remove the `app1` user and the grant giving it access to the app1 database. It will not remove the database, as it's still referenced by user app2. |
| 69 | +<2> Removing this entry would remove the user `app2` and the grants giving access to database app1. It will not remove the database app1, as it's still referenced by user `app1` |
| 70 | +<3> Removing this entry will remove the user `app3` and its database. |
| 71 | + |
| 72 | +[IMPORTANT] |
| 73 | +.Non-reversible operation |
| 74 | +==== |
| 75 | +If you remove a user completely from the array, the user and the database will be removed from the instance! |
| 76 | +==== |
0 commit comments