CREATE USER
On this page
Create a new user account.
Note
Refer to Manage Organizations, Manage Organization Users, and Manage Database Users for more information about managing users and groups.
Syntax
CREATE USER [IF NOT EXISTS] user[@host][IDENTIFIED BY 'password'][WITH {DEFAULT RESOURCE POOL = poolname} |{FAILED_LOGIN_ATTEMPTS = integer PASSWORD_LOCK_TIME = integer} |{DEFAULT RESOURCE POOL = poolname FAILED_LOGIN_ATTEMPTS = integer PASSWORD_LOCK_TIME = integer}][REQUIRE {SSL | NONE}][ATTRIBUTE <valid json>][COMMENT <comment string>]
Arguments
user: The name of the user.
host: The host that the user can connect from.localhost
means the user account can be used only when connecting from the local host.%
wildcard will be used, which allows the user to connect from any host.
password: An optional database connection password.
poolname: The default resource pool for the user.
FAILED_PASSWORD_
, specifies the failed login attempt lockout behavior.FAILED_
is the number of failed attempts allowed after which the account is locked out.PASSWORD_
must also be specified.
PASSWORD_FAILED_
, specifies the failed login attempt lockout behavior.PASSWORD_
is the number of seconds a locked out account must wait before reattempting to log in.
REQUIRE: SSL
option ensures that the user connects via SSL.NONE
specifies that SSL will not be required for the connection.
Note
You must set both FAILED_
and PASSWORD_
to enable the lockout feature.
To modify the FAILED_
and PASSWORD_
settings for a user, or to unlock a locked user, use ALTER USER.
ATTRIBUTE and COMMENT: Optional arguments used to provide additional information about a user.ATTRIBUTE
must come first.
Remarks
-
The
CREATE USER
command must be run by a user with administrative privileges on the database.Also, the new user does not have any privileges granted by default. Use GRANT to specify privileges for the new user. -
Other
CREATE USER
command options aren’t applied in case the user exists andIF NOT EXISTS
is specified, one has to use theGRANT
command to assign privileges or theALTER USER
command to change user properties. -
The
WITH
keyword must be used with the following options and should be specified only once:-
[
DEFAULT RESOURCE POOL = <poolname>
] -
[
FAILED_
]LOGIN_ ATTEMPTS = integer PASSWORD_ LOCK_ TIME = <integer>
WITH DEFAULT RESOURCE POOL = pool1 FAILED_LOGIN_ATTEMPTS = 10 PASSWORD_LOCK_TIME = 20
or
WITH FAILED_LOGIN_ATTEMPTS = 10 PASSWORD_LOCK_TIME = 20
or
WITH DEFAULT RESOURCE POOL = pool1
-
-
This command causes implicit commits.
Refer to COMMIT for more information. -
In SingleStore Helios, you do not have privileges to create your own resource pool.
You need to raise a ticket with Support to create it. Once it is created you can assign it to users. -
The
CREATE USER
command only applies to the current node unless thesync_
engine variable is set topermissions ON
. -
The
CREATE USER
command holds a global lock on the cluster until the processing of the command is completed.See Workspace Level Locks for more info. -
Refer to the Permission Matrix for the required permission.
Examples
The following example demonstrates how to add a new user and grant it the SELECT
privilege on all tables in the mydb
database:
CREATE USER joe;GRANT SELECT ON mydb.* TO 'joe'@'%';
The following example demonstrates how to create a resource pool and assign it to a new user along with controlling the login attempts"
CREATE RESOURCE POOL test_pool WITH QUERY_TIMEOUT = 20;CREATE USER user1 IDENTIFIED BY 'User123' WITH DEFAULT RESOURCE POOL = test_pool FAILED_LOGIN_ATTEMPTS = 3 PASSWORD_LOCK_TIME = 14400;
The following example demonstrates the use of the default_
variable and the REQUIRE
option:
CREATE USER `alice`@`%`; -- uses default_require_ssl var (off by default)CREATE USER `alice`@`%` REQUIRE NONE; -- does not require SSLCREATE USER `alice`@`%` REQUIRE SSL; -- requires SSL
The following examples demonstrate the use of ATTRIBUTE and COMMENT:
CREATE USER 'user1'@'localhost' ATTRIBUTE '{"phone": "1234567890"}';CREATE USER 'user1'@'localhost' COMMENT 'Some information about user1';
Retrieving ATTRIBUTE and COMMENT values from the INFORMATION_
CREATE USER singlestore@localhost ATTRIBUTE '{"a": 1, "b": 2}' COMMENT 'some information about user singlestore';
Query OK, 0 rows affected (0.026 sec)
SELECT USER, ATTRIBUTE, COMMENT from INFORMATION_SCHEMA.USERS WHERE user='singlestore';
+-------------+---------------+-----------------------------------------+
| USER | ATTRIBUTE | COMMENT |
+-------------+---------------+-----------------------------------------+
| singlestore | {"a":1,"b":2} | some information about user singlestore |
+-------------+---------------+-----------------------------------------+
1 row in set (0.127 sec)
SELECT USER, ATTRIBUTE, COMMENT, ATTRIBUTE::a + ATTRIBUTE::b AS c FROM INFORMATION_SCHEMA.USERS WHERE user='singlestore';
+-------------+---------------+-----------------------------------------+------+
| USER | ATTRIBUTE | COMMENT | c |
+-------------+---------------+-----------------------------------------+------+
| singlestore | {"a":1,"b":2} | some information about user singlestore | 3 |
+-------------+---------------+-----------------------------------------+------+
1 row in set (0.114 sec)
Last modified: July 18, 2024