| title | summary | aliases | ||
|---|---|---|---|---|
CREATE USER | TiDB SQL Statement Reference |
An overview of the usage of CREATE USER for the TiDB database. |
|
This statement creates a new user, specified with a password. In the MySQL privilege system, a user is the combination of a username and the host from which they are connecting from. Thus, it is possible to create a user 'newuser2'@'192.168.1.1' who is only able to connect from the IP address 192.168.1.1. It is also possible to have two users have the same user-portion, and different permissions as they login from different hosts.
CreateUserStmt:
IfNotExists:
UserSpecList:
UserSpec:
AuthOption:
StringName:
Create a user with the newuserpassword password.
mysql> CREATE USER 'newuser' IDENTIFIED BY 'newuserpassword';
Query OK, 1 row affected (0.04 sec)Create a user who can only log in to 192.168.1.1.
mysql> CREATE USER 'newuser2'@'192.168.1.1' IDENTIFIED BY 'newuserpassword';
Query OK, 1 row affected (0.02 sec)Create a user who is enforced to log in using TLS connection.
CREATE USER 'newuser3'@'%' REQUIRE SSL IDENTIFIED BY 'newuserpassword';
Query OK, 1 row affected (0.02 sec)Create a user who is required to use X.509 certificate at login.
CREATE USER 'newuser4'@'%' REQUIRE ISSUER '/C=US/ST=California/L=San Francisco/O=PingCAP' IDENTIFIED BY 'newuserpassword';
Query OK, 1 row affected (0.02 sec)The following CREATE USER options are not yet supported by TiDB, and will be parsed but ignored:
- TiDB does not support
WITH MAX_QUERIES_PER_HOUR,WITH MAX_UPDATES_PER_HOUR, andWITH MAX_USER_CONNECTIONSoptions. - TiDB does not support the
DEFAULT ROLEoption. - TiDB does not support
PASSWORD EXPIRE,PASSWORD HISTORYor other options related to password. - TiDB does not support the
ACCOUNT LOCKandACCOUNT UNLOCKoptions.