Create a new user account.
CREATE USER user[@host] [IDENTIFIED BY 'password'] WITH [DEFAULT RESOURCE POOL = poolname] [FAILED_LOGIN_ATTEMPTS = integer] [PASSWORD_LOCK_TIME = integer]
user: The name of the user. Maximum length of 32 characters.
host: The host that the user can connect from. For example, specifying
localhost means the user account can be used only when connecting from the local host. If no host is explicitly specified, the
% wildcard will be used, which allows the user to connect from any host.
password: An optional database connection password.
poolname: The default resource pool for the user.
FAILED_LOGIN_ATTEMPTS: Together with
PASSWORD_LOCK_TIME, specifies the failed login attempt lockout behavior.
FAILED_LOGIN_ATTEMPTS is the number of failed attempts allowed before the account is locked out. Default is
0 which means there is no restriction. When set to a value >=1,
PASSWORD_LOCK_TIME must also be specified.
PASSWORD_LOCK_TIME: Together with
FAILED_LOGIN_ATTEMPTS, specifies the failed login attempt lockout behavior.
PASSWORD_LOCK_TIME is the number of seconds a locked out account must wait before reattempting to log in.
You must set both
PASSWORD_LOCK_TIME to enable the lockout feature.
To modify the
PASSWORD_LOCK_TIME settings for a user, or to unlock a locked user, use ALTER USER.
For more information about failed login attempt lockout behavior, see Securing SingleStore DB.
CREATE USER command must be run by a user with administrative privileges on the database. Also, the new user does not have any privileges granted by default. Use GRANT to specify privileges for the new user.
The following example demonstrates how to add a new user and grant it the
SELECT privilege on all tables in the
CREATE USER joe; GRANT SELECT ON mydb.* TO 'joe'@'%';
For an example of creating a user with a default resource pool, see setting resource limits.