UserService

Calls UserService
Get
List
Create
Update
Delete
GrantPermission
RevokePermission

A set of methods for managing MySQL users.

Call	Description
Get	Returns the specified MySQL user.
List	Retrieves a list of MySQL users in the specified cluster.
Create	Creates a MySQL user in the specified cluster.
Update	Modifies the specified MySQL user.
Delete	Deletes the specified MySQL user.
GrantPermission	Grants a permission to the specified MySQL user.
RevokePermission	Revokes a permission from the specified MySQL user.

Calls UserService

Get

Returns the specified MySQL user.
To get the list of available MySQL users, make a List request.

rpc Get (GetUserRequest) returns (User)

GetUserRequest

Field	Description
cluster_id	string Required. ID of the MySQL cluster. The maximum string length in characters is 50.
user_name	string Required. Required. The maximum string length in characters is 63. Value must match the regular expression `[a-zA-Z0-9_]*`.

User

Field	Description
name	string Name of the MySQL user.
cluster_id	string ID of the MySQL cluster the user belongs to.
permissions[]	Permission Set of permissions granted to the user.
global_permissions[]	enum GlobalPermission Set of global permissions to grant to the user. `REPLICATION_CLIENT`: Enables use of the SHOW MASTER STATUS, SHOW SLAVE STATUS, and SHOW BINARY LOGS statements. `REPLICATION_SLAVE`: Enables the account to request updates that have been made to databases on the master server, using the SHOW SLAVE HOSTS, SHOW RELAYLOG EVENTS, and SHOW BINLOG EVENTS statements. `PROCESS`: Enables display of information about the threads executing within the server (that is, information about the statements being executed by sessions). The privilege enables use of SHOW PROCESSLIST or mysqladmin processlist to see threads belonging to other accounts; you can always see your own threads. The PROCESS privilege also enables use of SHOW ENGINE.
connection_limits	ConnectionLimits Set of user connection limits.
authentication_plugin	enum AuthPlugin User authentication plugin. `MYSQL_NATIVE_PASSWORD`: Use Native Pluggable Authentication. `CACHING_SHA2_PASSWORD`: Use Caching SHA-2 Pluggable Authentication. `SHA256_PASSWORD`: Use SHA-256 Pluggable Authentication.

Permission

Field Description

database_name string
Name of the database that the permission grants access to.

roles[]

Field	Description
database_name	string Name of the database that the permission grants access to.
roles[]	enum Privilege Roles granted to the user within the database. The minimum number of elements is 1. `ALL_PRIVILEGES`: All privileges that can be made available to the user. `ALTER`: Altering tables. `ALTER_ROUTINE`: Altering stored routines (stored procedures and functions). `CREATE`: Creating tables or indexes. `CREATE_ROUTINE`: Creating stored routines. `CREATE_TEMPORARY_TABLES`: Creating temporary tables. `CREATE_VIEW`: Creating views. `DELETE`: Deleting tables. `DROP`: Removing tables or views. `EVENT`: Creating, altering, dropping, or displaying events for the Event Scheduler. `EXECUTE`: Executing stored routines. `INDEX`: Creating and removing indexes. `INSERT`: Inserting rows into the database. `LOCK_TABLES`: Using LOCK TABLES statement for tables available with SELECT privilege. `SELECT`: Selecting rows from tables. Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation. `SHOW_VIEW`: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN. `TRIGGER`: Creating, removing, executing, or displaying triggers for a table. `UPDATE`: Updating rows in the database. `REFERENCES`: Creation of a foreign key constraint for the parent table.

enum Privilege
Roles granted to the user within the database. The minimum number of elements is 1.

ALL_PRIVILEGES: All privileges that can be made available to the user.
ALTER: Altering tables.
ALTER_ROUTINE: Altering stored routines (stored procedures and functions).
CREATE: Creating tables or indexes.
CREATE_ROUTINE: Creating stored routines.
CREATE_TEMPORARY_TABLES: Creating temporary tables.
CREATE_VIEW: Creating views.
DELETE: Deleting tables.
DROP: Removing tables or views.
EVENT: Creating, altering, dropping, or displaying events for the Event Scheduler.
EXECUTE: Executing stored routines.
INDEX: Creating and removing indexes.
INSERT: Inserting rows into the database.
LOCK_TABLES: Using LOCK TABLES statement for tables available with SELECT privilege.
SELECT: Selecting rows from tables.
Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation.
SHOW_VIEW: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN.
TRIGGER: Creating, removing, executing, or displaying triggers for a table.
UPDATE: Updating rows in the database.
REFERENCES: Creation of a foreign key constraint for the parent table.

ConnectionLimits

Field	Description
max_questions_per_hour	google.protobuf.Int64Value The maximum permitted number of user questions per hour. The minimum value is 0.
max_updates_per_hour	google.protobuf.Int64Value The maximum permitted number of user updates per hour. The minimum value is 0.
max_connections_per_hour	google.protobuf.Int64Value The maximum permitted number of simultaneous client connections per hour. The minimum value is 0.
max_user_connections	google.protobuf.Int64Value The maximum number of simultaneous connections permitted to any given MySQL user account. The minimum value is 0.

List

Retrieves a list of MySQL users in the specified cluster.

rpc List (ListUsersRequest) returns (ListUsersResponse)

ListUsersRequest

Field	Description
cluster_id	string Required. ID of the cluster to list MySQL users in. To get the cluster ID, use a ClusterService.List request. The maximum string length in characters is 50.
page_size	int64 The maximum number of results per page to return. If the number of available results is larger than `page_size`, the service returns a ListUsersResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 1000, inclusive.
page_token	string Page token. To get the next page of results, set `page_token` to the ListUsersResponse.next_page_token returned by a previous list request. The maximum string length in characters is 100.

ListUsersResponse

Field	Description
users[]	User Requested list of MySQL users.
next_page_token	string This token allows you to get the next page of results for list requests. If the number of results is larger than ListUsersRequest.page_size, use the `next_page_token` as the value for the ListUsersRequest.page_token parameter in the next list request. Each subsequent list request will have its own `next_page_token` to continue paging through the results.

User

Field	Description
name	string Name of the MySQL user.
cluster_id	string ID of the MySQL cluster the user belongs to.
permissions[]	Permission Set of permissions granted to the user.
global_permissions[]	enum GlobalPermission Set of global permissions to grant to the user. `REPLICATION_CLIENT`: Enables use of the SHOW MASTER STATUS, SHOW SLAVE STATUS, and SHOW BINARY LOGS statements. `REPLICATION_SLAVE`: Enables the account to request updates that have been made to databases on the master server, using the SHOW SLAVE HOSTS, SHOW RELAYLOG EVENTS, and SHOW BINLOG EVENTS statements. `PROCESS`: Enables display of information about the threads executing within the server (that is, information about the statements being executed by sessions). The privilege enables use of SHOW PROCESSLIST or mysqladmin processlist to see threads belonging to other accounts; you can always see your own threads. The PROCESS privilege also enables use of SHOW ENGINE.
connection_limits	ConnectionLimits Set of user connection limits.
authentication_plugin	enum AuthPlugin User authentication plugin. `MYSQL_NATIVE_PASSWORD`: Use Native Pluggable Authentication. `CACHING_SHA2_PASSWORD`: Use Caching SHA-2 Pluggable Authentication. `SHA256_PASSWORD`: Use SHA-256 Pluggable Authentication.

Permission

Field Description

database_name string
Name of the database that the permission grants access to.

roles[]

Field	Description
database_name	string Name of the database that the permission grants access to.
roles[]	enum Privilege Roles granted to the user within the database. The minimum number of elements is 1. `ALL_PRIVILEGES`: All privileges that can be made available to the user. `ALTER`: Altering tables. `ALTER_ROUTINE`: Altering stored routines (stored procedures and functions). `CREATE`: Creating tables or indexes. `CREATE_ROUTINE`: Creating stored routines. `CREATE_TEMPORARY_TABLES`: Creating temporary tables. `CREATE_VIEW`: Creating views. `DELETE`: Deleting tables. `DROP`: Removing tables or views. `EVENT`: Creating, altering, dropping, or displaying events for the Event Scheduler. `EXECUTE`: Executing stored routines. `INDEX`: Creating and removing indexes. `INSERT`: Inserting rows into the database. `LOCK_TABLES`: Using LOCK TABLES statement for tables available with SELECT privilege. `SELECT`: Selecting rows from tables. Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation. `SHOW_VIEW`: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN. `TRIGGER`: Creating, removing, executing, or displaying triggers for a table. `UPDATE`: Updating rows in the database. `REFERENCES`: Creation of a foreign key constraint for the parent table.

enum Privilege
Roles granted to the user within the database. The minimum number of elements is 1.

ALL_PRIVILEGES: All privileges that can be made available to the user.
ALTER: Altering tables.
ALTER_ROUTINE: Altering stored routines (stored procedures and functions).
CREATE: Creating tables or indexes.
CREATE_ROUTINE: Creating stored routines.
CREATE_TEMPORARY_TABLES: Creating temporary tables.
CREATE_VIEW: Creating views.
DELETE: Deleting tables.
DROP: Removing tables or views.
EVENT: Creating, altering, dropping, or displaying events for the Event Scheduler.
EXECUTE: Executing stored routines.
INDEX: Creating and removing indexes.
INSERT: Inserting rows into the database.
LOCK_TABLES: Using LOCK TABLES statement for tables available with SELECT privilege.
SELECT: Selecting rows from tables.
Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation.
SHOW_VIEW: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN.
TRIGGER: Creating, removing, executing, or displaying triggers for a table.
UPDATE: Updating rows in the database.
REFERENCES: Creation of a foreign key constraint for the parent table.

ConnectionLimits

Field	Description
max_questions_per_hour	google.protobuf.Int64Value The maximum permitted number of user questions per hour. The minimum value is 0.
max_updates_per_hour	google.protobuf.Int64Value The maximum permitted number of user updates per hour. The minimum value is 0.
max_connections_per_hour	google.protobuf.Int64Value The maximum permitted number of simultaneous client connections per hour. The minimum value is 0.
max_user_connections	google.protobuf.Int64Value The maximum number of simultaneous connections permitted to any given MySQL user account. The minimum value is 0.

Create

Creates a MySQL user in the specified cluster.

rpc Create (CreateUserRequest) returns (operation.Operation)

Metadata and response of Operation:

Operation.metadata:CreateUserMetadata

Operation.response:User

CreateUserRequest

Field	Description
cluster_id	string Required. ID of the MySQL cluster to create a user for. To get the cluster ID, use a ClusterService.List request. The maximum string length in characters is 50.
user_spec	UserSpec Required. Properties of the user to be created.

UserSpec

Field	Description
name	string Required. Name of the MySQL user. The maximum string length in characters is 32. Value must match the regular expression `[a-zA-Z0-9_]*`.
password	string Required. Password of the MySQL user. The string length in characters must be 8-128.
permissions[]	Permission Set of permissions to grant to the user.
global_permissions[]	enum GlobalPermission Set of global permissions to grant to the user. `REPLICATION_CLIENT`: Enables use of the SHOW MASTER STATUS, SHOW SLAVE STATUS, and SHOW BINARY LOGS statements. `REPLICATION_SLAVE`: Enables the account to request updates that have been made to databases on the master server, using the SHOW SLAVE HOSTS, SHOW RELAYLOG EVENTS, and SHOW BINLOG EVENTS statements. `PROCESS`: Enables display of information about the threads executing within the server (that is, information about the statements being executed by sessions). The privilege enables use of SHOW PROCESSLIST or mysqladmin processlist to see threads belonging to other accounts; you can always see your own threads. The PROCESS privilege also enables use of SHOW ENGINE.
connection_limits	ConnectionLimits Set of user connection limits.
authentication_plugin	enum AuthPlugin User authentication plugin. `MYSQL_NATIVE_PASSWORD`: Use Native Pluggable Authentication. `CACHING_SHA2_PASSWORD`: Use Caching SHA-2 Pluggable Authentication. `SHA256_PASSWORD`: Use SHA-256 Pluggable Authentication.

Permission

Field Description

database_name string
Name of the database that the permission grants access to.

roles[]

Field	Description
database_name	string Name of the database that the permission grants access to.
roles[]	enum Privilege Roles granted to the user within the database. The minimum number of elements is 1. `ALL_PRIVILEGES`: All privileges that can be made available to the user. `ALTER`: Altering tables. `ALTER_ROUTINE`: Altering stored routines (stored procedures and functions). `CREATE`: Creating tables or indexes. `CREATE_ROUTINE`: Creating stored routines. `CREATE_TEMPORARY_TABLES`: Creating temporary tables. `CREATE_VIEW`: Creating views. `DELETE`: Deleting tables. `DROP`: Removing tables or views. `EVENT`: Creating, altering, dropping, or displaying events for the Event Scheduler. `EXECUTE`: Executing stored routines. `INDEX`: Creating and removing indexes. `INSERT`: Inserting rows into the database. `LOCK_TABLES`: Using LOCK TABLES statement for tables available with SELECT privilege. `SELECT`: Selecting rows from tables. Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation. `SHOW_VIEW`: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN. `TRIGGER`: Creating, removing, executing, or displaying triggers for a table. `UPDATE`: Updating rows in the database. `REFERENCES`: Creation of a foreign key constraint for the parent table.

enum Privilege
Roles granted to the user within the database. The minimum number of elements is 1.

ALL_PRIVILEGES: All privileges that can be made available to the user.
ALTER: Altering tables.
ALTER_ROUTINE: Altering stored routines (stored procedures and functions).
CREATE: Creating tables or indexes.
CREATE_ROUTINE: Creating stored routines.
CREATE_TEMPORARY_TABLES: Creating temporary tables.
CREATE_VIEW: Creating views.
DELETE: Deleting tables.
DROP: Removing tables or views.
EVENT: Creating, altering, dropping, or displaying events for the Event Scheduler.
EXECUTE: Executing stored routines.
INDEX: Creating and removing indexes.
INSERT: Inserting rows into the database.
LOCK_TABLES: Using LOCK TABLES statement for tables available with SELECT privilege.
SELECT: Selecting rows from tables.
Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation.
SHOW_VIEW: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN.
TRIGGER: Creating, removing, executing, or displaying triggers for a table.
UPDATE: Updating rows in the database.
REFERENCES: Creation of a foreign key constraint for the parent table.

ConnectionLimits

Field	Description
max_questions_per_hour	google.protobuf.Int64Value The maximum permitted number of user questions per hour. The minimum value is 0.
max_updates_per_hour	google.protobuf.Int64Value The maximum permitted number of user updates per hour. The minimum value is 0.
max_connections_per_hour	google.protobuf.Int64Value The maximum permitted number of simultaneous client connections per hour. The minimum value is 0.
max_user_connections	google.protobuf.Int64Value The maximum number of simultaneous connections permitted to any given MySQL user account. The minimum value is 0.

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
metadata	google.protobuf.Any<CreateUserMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: `error` or `response` The operation result. If `done == false` and there was no failure detected, neither `error` nor `response` is set. If `done == false` and there was a failure detected, `error` is set. If `done == true`, exactly one of `error` or `response` is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<User> if operation finished successfully.

CreateUserMetadata

Field	Description
cluster_id	string ID of the MySQL cluster the user is being created for.
user_name	string Name of the user that is being created.

User

Field	Description
name	string Name of the MySQL user.
cluster_id	string ID of the MySQL cluster the user belongs to.
permissions[]	Permission Set of permissions granted to the user.
global_permissions[]	enum GlobalPermission Set of global permissions to grant to the user. `REPLICATION_CLIENT`: Enables use of the SHOW MASTER STATUS, SHOW SLAVE STATUS, and SHOW BINARY LOGS statements. `REPLICATION_SLAVE`: Enables the account to request updates that have been made to databases on the master server, using the SHOW SLAVE HOSTS, SHOW RELAYLOG EVENTS, and SHOW BINLOG EVENTS statements. `PROCESS`: Enables display of information about the threads executing within the server (that is, information about the statements being executed by sessions). The privilege enables use of SHOW PROCESSLIST or mysqladmin processlist to see threads belonging to other accounts; you can always see your own threads. The PROCESS privilege also enables use of SHOW ENGINE.
connection_limits	ConnectionLimits Set of user connection limits.
authentication_plugin	enum AuthPlugin User authentication plugin. `MYSQL_NATIVE_PASSWORD`: Use Native Pluggable Authentication. `CACHING_SHA2_PASSWORD`: Use Caching SHA-2 Pluggable Authentication. `SHA256_PASSWORD`: Use SHA-256 Pluggable Authentication.

Permission

Field Description

database_name string
Name of the database that the permission grants access to.

roles[]

Field	Description
database_name	string Name of the database that the permission grants access to.
roles[]	enum Privilege Roles granted to the user within the database. The minimum number of elements is 1. `ALL_PRIVILEGES`: All privileges that can be made available to the user. `ALTER`: Altering tables. `ALTER_ROUTINE`: Altering stored routines (stored procedures and functions). `CREATE`: Creating tables or indexes. `CREATE_ROUTINE`: Creating stored routines. `CREATE_TEMPORARY_TABLES`: Creating temporary tables. `CREATE_VIEW`: Creating views. `DELETE`: Deleting tables. `DROP`: Removing tables or views. `EVENT`: Creating, altering, dropping, or displaying events for the Event Scheduler. `EXECUTE`: Executing stored routines. `INDEX`: Creating and removing indexes. `INSERT`: Inserting rows into the database. `LOCK_TABLES`: Using LOCK TABLES statement for tables available with SELECT privilege. `SELECT`: Selecting rows from tables. Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation. `SHOW_VIEW`: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN. `TRIGGER`: Creating, removing, executing, or displaying triggers for a table. `UPDATE`: Updating rows in the database. `REFERENCES`: Creation of a foreign key constraint for the parent table.

enum Privilege
Roles granted to the user within the database. The minimum number of elements is 1.

ALL_PRIVILEGES: All privileges that can be made available to the user.
ALTER: Altering tables.
ALTER_ROUTINE: Altering stored routines (stored procedures and functions).
CREATE: Creating tables or indexes.
CREATE_ROUTINE: Creating stored routines.
CREATE_TEMPORARY_TABLES: Creating temporary tables.
CREATE_VIEW: Creating views.
DELETE: Deleting tables.
DROP: Removing tables or views.
EVENT: Creating, altering, dropping, or displaying events for the Event Scheduler.
EXECUTE: Executing stored routines.
INDEX: Creating and removing indexes.
INSERT: Inserting rows into the database.
LOCK_TABLES: Using LOCK TABLES statement for tables available with SELECT privilege.
SELECT: Selecting rows from tables.
Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation.
SHOW_VIEW: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN.
TRIGGER: Creating, removing, executing, or displaying triggers for a table.
UPDATE: Updating rows in the database.
REFERENCES: Creation of a foreign key constraint for the parent table.

ConnectionLimits

Field	Description
max_questions_per_hour	google.protobuf.Int64Value The maximum permitted number of user questions per hour. The minimum value is 0.
max_updates_per_hour	google.protobuf.Int64Value The maximum permitted number of user updates per hour. The minimum value is 0.
max_connections_per_hour	google.protobuf.Int64Value The maximum permitted number of simultaneous client connections per hour. The minimum value is 0.
max_user_connections	google.protobuf.Int64Value The maximum number of simultaneous connections permitted to any given MySQL user account. The minimum value is 0.

Update

Modifies the specified MySQL user.

rpc Update (UpdateUserRequest) returns (operation.Operation)

Metadata and response of Operation:

Operation.metadata:UpdateUserMetadata

Operation.response:User

UpdateUserRequest

Field	Description
cluster_id	string Required. ID of the MySQL cluster the user belongs to. To get the cluster ID use a ClusterService.List request. The maximum string length in characters is 50.
user_name	string Required. Name of the user to be updated. To get the name of the user use a UserService.List request. The maximum string length in characters is 63. Value must match the regular expression `[a-zA-Z0-9_]*`.
update_mask	google.protobuf.FieldMask Field mask that specifies which fields of the MySQL user should be updated.
password	string New password for the user. The string length in characters must be 8-128.
permissions[]	Permission New set of permissions for the user.
global_permissions[]	enum GlobalPermission New set of global permissions to grant to the user. `REPLICATION_CLIENT`: Enables use of the SHOW MASTER STATUS, SHOW SLAVE STATUS, and SHOW BINARY LOGS statements. `REPLICATION_SLAVE`: Enables the account to request updates that have been made to databases on the master server, using the SHOW SLAVE HOSTS, SHOW RELAYLOG EVENTS, and SHOW BINLOG EVENTS statements. `PROCESS`: Enables display of information about the threads executing within the server (that is, information about the statements being executed by sessions). The privilege enables use of SHOW PROCESSLIST or mysqladmin processlist to see threads belonging to other accounts; you can always see your own threads. The PROCESS privilege also enables use of SHOW ENGINE.
connection_limits	ConnectionLimits Set of changed user connection limits.
authentication_plugin	enum AuthPlugin New user authentication plugin. `MYSQL_NATIVE_PASSWORD`: Use Native Pluggable Authentication. `CACHING_SHA2_PASSWORD`: Use Caching SHA-2 Pluggable Authentication. `SHA256_PASSWORD`: Use SHA-256 Pluggable Authentication.

Permission

Field Description

database_name string
Name of the database that the permission grants access to.

roles[]

Field	Description
database_name	string Name of the database that the permission grants access to.
roles[]	enum Privilege Roles granted to the user within the database. The minimum number of elements is 1. `ALL_PRIVILEGES`: All privileges that can be made available to the user. `ALTER`: Altering tables. `ALTER_ROUTINE`: Altering stored routines (stored procedures and functions). `CREATE`: Creating tables or indexes. `CREATE_ROUTINE`: Creating stored routines. `CREATE_TEMPORARY_TABLES`: Creating temporary tables. `CREATE_VIEW`: Creating views. `DELETE`: Deleting tables. `DROP`: Removing tables or views. `EVENT`: Creating, altering, dropping, or displaying events for the Event Scheduler. `EXECUTE`: Executing stored routines. `INDEX`: Creating and removing indexes. `INSERT`: Inserting rows into the database. `LOCK_TABLES`: Using LOCK TABLES statement for tables available with SELECT privilege. `SELECT`: Selecting rows from tables. Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation. `SHOW_VIEW`: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN. `TRIGGER`: Creating, removing, executing, or displaying triggers for a table. `UPDATE`: Updating rows in the database. `REFERENCES`: Creation of a foreign key constraint for the parent table.

enum Privilege
Roles granted to the user within the database. The minimum number of elements is 1.

ALL_PRIVILEGES: All privileges that can be made available to the user.
ALTER: Altering tables.
ALTER_ROUTINE: Altering stored routines (stored procedures and functions).
CREATE: Creating tables or indexes.
CREATE_ROUTINE: Creating stored routines.
CREATE_TEMPORARY_TABLES: Creating temporary tables.
CREATE_VIEW: Creating views.
DELETE: Deleting tables.
DROP: Removing tables or views.
EVENT: Creating, altering, dropping, or displaying events for the Event Scheduler.
EXECUTE: Executing stored routines.
INDEX: Creating and removing indexes.
INSERT: Inserting rows into the database.
LOCK_TABLES: Using LOCK TABLES statement for tables available with SELECT privilege.
SELECT: Selecting rows from tables.
Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation.
SHOW_VIEW: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN.
TRIGGER: Creating, removing, executing, or displaying triggers for a table.
UPDATE: Updating rows in the database.
REFERENCES: Creation of a foreign key constraint for the parent table.

ConnectionLimits

Field	Description
max_questions_per_hour	google.protobuf.Int64Value The maximum permitted number of user questions per hour. The minimum value is 0.
max_updates_per_hour	google.protobuf.Int64Value The maximum permitted number of user updates per hour. The minimum value is 0.
max_connections_per_hour	google.protobuf.Int64Value The maximum permitted number of simultaneous client connections per hour. The minimum value is 0.
max_user_connections	google.protobuf.Int64Value The maximum number of simultaneous connections permitted to any given MySQL user account. The minimum value is 0.

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
metadata	google.protobuf.Any<UpdateUserMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: `error` or `response` The operation result. If `done == false` and there was no failure detected, neither `error` nor `response` is set. If `done == false` and there was a failure detected, `error` is set. If `done == true`, exactly one of `error` or `response` is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<User> if operation finished successfully.

UpdateUserMetadata

Field	Description
cluster_id	string ID of the MySQL cluster the user belongs to.
user_name	string Name of the user that is being updated.

User

Field	Description
name	string Name of the MySQL user.
cluster_id	string ID of the MySQL cluster the user belongs to.
permissions[]	Permission Set of permissions granted to the user.
global_permissions[]	enum GlobalPermission Set of global permissions to grant to the user. `REPLICATION_CLIENT`: Enables use of the SHOW MASTER STATUS, SHOW SLAVE STATUS, and SHOW BINARY LOGS statements. `REPLICATION_SLAVE`: Enables the account to request updates that have been made to databases on the master server, using the SHOW SLAVE HOSTS, SHOW RELAYLOG EVENTS, and SHOW BINLOG EVENTS statements. `PROCESS`: Enables display of information about the threads executing within the server (that is, information about the statements being executed by sessions). The privilege enables use of SHOW PROCESSLIST or mysqladmin processlist to see threads belonging to other accounts; you can always see your own threads. The PROCESS privilege also enables use of SHOW ENGINE.
connection_limits	ConnectionLimits Set of user connection limits.
authentication_plugin	enum AuthPlugin User authentication plugin. `MYSQL_NATIVE_PASSWORD`: Use Native Pluggable Authentication. `CACHING_SHA2_PASSWORD`: Use Caching SHA-2 Pluggable Authentication. `SHA256_PASSWORD`: Use SHA-256 Pluggable Authentication.

Permission

Field Description

database_name string
Name of the database that the permission grants access to.

roles[]

Field	Description
database_name	string Name of the database that the permission grants access to.
roles[]	enum Privilege Roles granted to the user within the database. The minimum number of elements is 1. `ALL_PRIVILEGES`: All privileges that can be made available to the user. `ALTER`: Altering tables. `ALTER_ROUTINE`: Altering stored routines (stored procedures and functions). `CREATE`: Creating tables or indexes. `CREATE_ROUTINE`: Creating stored routines. `CREATE_TEMPORARY_TABLES`: Creating temporary tables. `CREATE_VIEW`: Creating views. `DELETE`: Deleting tables. `DROP`: Removing tables or views. `EVENT`: Creating, altering, dropping, or displaying events for the Event Scheduler. `EXECUTE`: Executing stored routines. `INDEX`: Creating and removing indexes. `INSERT`: Inserting rows into the database. `LOCK_TABLES`: Using LOCK TABLES statement for tables available with SELECT privilege. `SELECT`: Selecting rows from tables. Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation. `SHOW_VIEW`: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN. `TRIGGER`: Creating, removing, executing, or displaying triggers for a table. `UPDATE`: Updating rows in the database. `REFERENCES`: Creation of a foreign key constraint for the parent table.

enum Privilege
Roles granted to the user within the database. The minimum number of elements is 1.

ALL_PRIVILEGES: All privileges that can be made available to the user.
ALTER: Altering tables.
ALTER_ROUTINE: Altering stored routines (stored procedures and functions).
CREATE: Creating tables or indexes.
CREATE_ROUTINE: Creating stored routines.
CREATE_TEMPORARY_TABLES: Creating temporary tables.
CREATE_VIEW: Creating views.
DELETE: Deleting tables.
DROP: Removing tables or views.
EVENT: Creating, altering, dropping, or displaying events for the Event Scheduler.
EXECUTE: Executing stored routines.
INDEX: Creating and removing indexes.
INSERT: Inserting rows into the database.
LOCK_TABLES: Using LOCK TABLES statement for tables available with SELECT privilege.
SELECT: Selecting rows from tables.
Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation.
SHOW_VIEW: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN.
TRIGGER: Creating, removing, executing, or displaying triggers for a table.
UPDATE: Updating rows in the database.
REFERENCES: Creation of a foreign key constraint for the parent table.

ConnectionLimits

Field	Description
max_questions_per_hour	google.protobuf.Int64Value The maximum permitted number of user questions per hour. The minimum value is 0.
max_updates_per_hour	google.protobuf.Int64Value The maximum permitted number of user updates per hour. The minimum value is 0.
max_connections_per_hour	google.protobuf.Int64Value The maximum permitted number of simultaneous client connections per hour. The minimum value is 0.
max_user_connections	google.protobuf.Int64Value The maximum number of simultaneous connections permitted to any given MySQL user account. The minimum value is 0.

Delete

Deletes the specified MySQL user.

rpc Delete (DeleteUserRequest) returns (operation.Operation)

Metadata and response of Operation:

Operation.metadata:DeleteUserMetadata

Operation.response:google.protobuf.Empty

DeleteUserRequest

Field	Description
cluster_id	string Required. ID of the MySQL cluster the user belongs to. To get the cluster ID, use a ClusterService.List request. The maximum string length in characters is 50.
user_name	string Required. Name of the user to delete. To get the name of the user, use a UserService.List request. The maximum string length in characters is 63. Value must match the regular expression `[a-zA-Z0-9_]*`.

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
metadata	google.protobuf.Any<DeleteUserMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: `error` or `response` The operation result. If `done == false` and there was no failure detected, neither `error` nor `response` is set. If `done == false` and there was a failure detected, `error` is set. If `done == true`, exactly one of `error` or `response` is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<google.protobuf.Empty> if operation finished successfully.

DeleteUserMetadata

Field	Description
cluster_id	string ID of the MySQL cluster the user belongs to.
user_name	string Name of the user that is being deleted.

GrantPermission

Grants a permission to the specified MySQL user.

rpc GrantPermission (GrantUserPermissionRequest) returns (operation.Operation)

Metadata and response of Operation:

Operation.metadata:GrantUserPermissionMetadata

Operation.response:User

GrantUserPermissionRequest

Field	Description
cluster_id	string Required. ID of the MySQL cluster the user belongs to. To get the cluster ID, use a ClusterService.List request. The maximum string length in characters is 50.
user_name	string Required. Name of the user to grant the permission to. To get the name of the user, use a UserService.List request. The maximum string length in characters is 63. Value must match the regular expression `[a-zA-Z0-9_]*`.
permission	Permission Required. Permission that should be granted to the specified user.

Permission

Field Description

database_name string
Name of the database that the permission grants access to.

roles[]

Field	Description
database_name	string Name of the database that the permission grants access to.
roles[]	enum Privilege Roles granted to the user within the database. The minimum number of elements is 1. `ALL_PRIVILEGES`: All privileges that can be made available to the user. `ALTER`: Altering tables. `ALTER_ROUTINE`: Altering stored routines (stored procedures and functions). `CREATE`: Creating tables or indexes. `CREATE_ROUTINE`: Creating stored routines. `CREATE_TEMPORARY_TABLES`: Creating temporary tables. `CREATE_VIEW`: Creating views. `DELETE`: Deleting tables. `DROP`: Removing tables or views. `EVENT`: Creating, altering, dropping, or displaying events for the Event Scheduler. `EXECUTE`: Executing stored routines. `INDEX`: Creating and removing indexes. `INSERT`: Inserting rows into the database. `LOCK_TABLES`: Using LOCK TABLES statement for tables available with SELECT privilege. `SELECT`: Selecting rows from tables. Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation. `SHOW_VIEW`: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN. `TRIGGER`: Creating, removing, executing, or displaying triggers for a table. `UPDATE`: Updating rows in the database. `REFERENCES`: Creation of a foreign key constraint for the parent table.

enum Privilege
Roles granted to the user within the database. The minimum number of elements is 1.

ALL_PRIVILEGES: All privileges that can be made available to the user.
ALTER: Altering tables.
ALTER_ROUTINE: Altering stored routines (stored procedures and functions).
CREATE: Creating tables or indexes.
CREATE_ROUTINE: Creating stored routines.
CREATE_TEMPORARY_TABLES: Creating temporary tables.
CREATE_VIEW: Creating views.
DELETE: Deleting tables.
DROP: Removing tables or views.
EVENT: Creating, altering, dropping, or displaying events for the Event Scheduler.
EXECUTE: Executing stored routines.
INDEX: Creating and removing indexes.
INSERT: Inserting rows into the database.
LOCK_TABLES: Using LOCK TABLES statement for tables available with SELECT privilege.
SELECT: Selecting rows from tables.
Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation.
SHOW_VIEW: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN.
TRIGGER: Creating, removing, executing, or displaying triggers for a table.
UPDATE: Updating rows in the database.
REFERENCES: Creation of a foreign key constraint for the parent table.

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
metadata	google.protobuf.Any<GrantUserPermissionMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: `error` or `response` The operation result. If `done == false` and there was no failure detected, neither `error` nor `response` is set. If `done == false` and there was a failure detected, `error` is set. If `done == true`, exactly one of `error` or `response` is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<User> if operation finished successfully.

GrantUserPermissionMetadata

Field	Description
cluster_id	string ID of the MySQL cluster the user belongs to. To get the cluster ID, use a ClusterService.List request.
user_name	string Name of the user that is being granted a permission.

User

Field	Description
name	string Name of the MySQL user.
cluster_id	string ID of the MySQL cluster the user belongs to.
permissions[]	Permission Set of permissions granted to the user.
global_permissions[]	enum GlobalPermission Set of global permissions to grant to the user. `REPLICATION_CLIENT`: Enables use of the SHOW MASTER STATUS, SHOW SLAVE STATUS, and SHOW BINARY LOGS statements. `REPLICATION_SLAVE`: Enables the account to request updates that have been made to databases on the master server, using the SHOW SLAVE HOSTS, SHOW RELAYLOG EVENTS, and SHOW BINLOG EVENTS statements. `PROCESS`: Enables display of information about the threads executing within the server (that is, information about the statements being executed by sessions). The privilege enables use of SHOW PROCESSLIST or mysqladmin processlist to see threads belonging to other accounts; you can always see your own threads. The PROCESS privilege also enables use of SHOW ENGINE.
connection_limits	ConnectionLimits Set of user connection limits.
authentication_plugin	enum AuthPlugin User authentication plugin. `MYSQL_NATIVE_PASSWORD`: Use Native Pluggable Authentication. `CACHING_SHA2_PASSWORD`: Use Caching SHA-2 Pluggable Authentication. `SHA256_PASSWORD`: Use SHA-256 Pluggable Authentication.

Permission

Field Description

database_name string
Name of the database that the permission grants access to.

roles[]

Field	Description
database_name	string Name of the database that the permission grants access to.
roles[]	enum Privilege Roles granted to the user within the database. The minimum number of elements is 1. `ALL_PRIVILEGES`: All privileges that can be made available to the user. `ALTER`: Altering tables. `ALTER_ROUTINE`: Altering stored routines (stored procedures and functions). `CREATE`: Creating tables or indexes. `CREATE_ROUTINE`: Creating stored routines. `CREATE_TEMPORARY_TABLES`: Creating temporary tables. `CREATE_VIEW`: Creating views. `DELETE`: Deleting tables. `DROP`: Removing tables or views. `EVENT`: Creating, altering, dropping, or displaying events for the Event Scheduler. `EXECUTE`: Executing stored routines. `INDEX`: Creating and removing indexes. `INSERT`: Inserting rows into the database. `LOCK_TABLES`: Using LOCK TABLES statement for tables available with SELECT privilege. `SELECT`: Selecting rows from tables. Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation. `SHOW_VIEW`: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN. `TRIGGER`: Creating, removing, executing, or displaying triggers for a table. `UPDATE`: Updating rows in the database. `REFERENCES`: Creation of a foreign key constraint for the parent table.

enum Privilege
Roles granted to the user within the database. The minimum number of elements is 1.

ALL_PRIVILEGES: All privileges that can be made available to the user.
ALTER: Altering tables.
ALTER_ROUTINE: Altering stored routines (stored procedures and functions).
CREATE: Creating tables or indexes.
CREATE_ROUTINE: Creating stored routines.
CREATE_TEMPORARY_TABLES: Creating temporary tables.
CREATE_VIEW: Creating views.
DELETE: Deleting tables.
DROP: Removing tables or views.
EVENT: Creating, altering, dropping, or displaying events for the Event Scheduler.
EXECUTE: Executing stored routines.
INDEX: Creating and removing indexes.
INSERT: Inserting rows into the database.
LOCK_TABLES: Using LOCK TABLES statement for tables available with SELECT privilege.
SELECT: Selecting rows from tables.
Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation.
SHOW_VIEW: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN.
TRIGGER: Creating, removing, executing, or displaying triggers for a table.
UPDATE: Updating rows in the database.
REFERENCES: Creation of a foreign key constraint for the parent table.

ConnectionLimits

Field	Description
max_questions_per_hour	google.protobuf.Int64Value The maximum permitted number of user questions per hour. The minimum value is 0.
max_updates_per_hour	google.protobuf.Int64Value The maximum permitted number of user updates per hour. The minimum value is 0.
max_connections_per_hour	google.protobuf.Int64Value The maximum permitted number of simultaneous client connections per hour. The minimum value is 0.
max_user_connections	google.protobuf.Int64Value The maximum number of simultaneous connections permitted to any given MySQL user account. The minimum value is 0.

RevokePermission

Revokes a permission from the specified MySQL user.

rpc RevokePermission (RevokeUserPermissionRequest) returns (operation.Operation)

Metadata and response of Operation:

Operation.metadata:RevokeUserPermissionMetadata

Operation.response:User

RevokeUserPermissionRequest

Field	Description
cluster_id	string Required. ID of the MySQL cluster the user belongs to. To get the cluster ID, use a ClusterService.List request. The maximum string length in characters is 50.
user_name	string Required. Name of the user to revoke a permission from. To get the name of the user, use a UserService.List request. The maximum string length in characters is 63. Value must match the regular expression `[a-zA-Z0-9_]*`.
permission	Permission Required. Permission that should be revoked from the specified user.

Permission

Field Description

database_name string
Name of the database that the permission grants access to.

roles[]

Field	Description
database_name	string Name of the database that the permission grants access to.
roles[]	enum Privilege Roles granted to the user within the database. The minimum number of elements is 1. `ALL_PRIVILEGES`: All privileges that can be made available to the user. `ALTER`: Altering tables. `ALTER_ROUTINE`: Altering stored routines (stored procedures and functions). `CREATE`: Creating tables or indexes. `CREATE_ROUTINE`: Creating stored routines. `CREATE_TEMPORARY_TABLES`: Creating temporary tables. `CREATE_VIEW`: Creating views. `DELETE`: Deleting tables. `DROP`: Removing tables or views. `EVENT`: Creating, altering, dropping, or displaying events for the Event Scheduler. `EXECUTE`: Executing stored routines. `INDEX`: Creating and removing indexes. `INSERT`: Inserting rows into the database. `LOCK_TABLES`: Using LOCK TABLES statement for tables available with SELECT privilege. `SELECT`: Selecting rows from tables. Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation. `SHOW_VIEW`: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN. `TRIGGER`: Creating, removing, executing, or displaying triggers for a table. `UPDATE`: Updating rows in the database. `REFERENCES`: Creation of a foreign key constraint for the parent table.

enum Privilege
Roles granted to the user within the database. The minimum number of elements is 1.

ALL_PRIVILEGES: All privileges that can be made available to the user.
ALTER: Altering tables.
ALTER_ROUTINE: Altering stored routines (stored procedures and functions).
CREATE: Creating tables or indexes.
CREATE_ROUTINE: Creating stored routines.
CREATE_TEMPORARY_TABLES: Creating temporary tables.
CREATE_VIEW: Creating views.
DELETE: Deleting tables.
DROP: Removing tables or views.
EVENT: Creating, altering, dropping, or displaying events for the Event Scheduler.
EXECUTE: Executing stored routines.
INDEX: Creating and removing indexes.
INSERT: Inserting rows into the database.
LOCK_TABLES: Using LOCK TABLES statement for tables available with SELECT privilege.
SELECT: Selecting rows from tables.
Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation.
SHOW_VIEW: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN.
TRIGGER: Creating, removing, executing, or displaying triggers for a table.
UPDATE: Updating rows in the database.
REFERENCES: Creation of a foreign key constraint for the parent table.

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
metadata	google.protobuf.Any<RevokeUserPermissionMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: `error` or `response` The operation result. If `done == false` and there was no failure detected, neither `error` nor `response` is set. If `done == false` and there was a failure detected, `error` is set. If `done == true`, exactly one of `error` or `response` is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<User> if operation finished successfully.

RevokeUserPermissionMetadata

Field	Description
cluster_id	string ID of the MySQL cluster the user belongs to.
user_name	string Name of the user whose permission is being revoked.

User

Field	Description
name	string Name of the MySQL user.
cluster_id	string ID of the MySQL cluster the user belongs to.
permissions[]	Permission Set of permissions granted to the user.
global_permissions[]	enum GlobalPermission Set of global permissions to grant to the user. `REPLICATION_CLIENT`: Enables use of the SHOW MASTER STATUS, SHOW SLAVE STATUS, and SHOW BINARY LOGS statements. `REPLICATION_SLAVE`: Enables the account to request updates that have been made to databases on the master server, using the SHOW SLAVE HOSTS, SHOW RELAYLOG EVENTS, and SHOW BINLOG EVENTS statements. `PROCESS`: Enables display of information about the threads executing within the server (that is, information about the statements being executed by sessions). The privilege enables use of SHOW PROCESSLIST or mysqladmin processlist to see threads belonging to other accounts; you can always see your own threads. The PROCESS privilege also enables use of SHOW ENGINE.
connection_limits	ConnectionLimits Set of user connection limits.
authentication_plugin	enum AuthPlugin User authentication plugin. `MYSQL_NATIVE_PASSWORD`: Use Native Pluggable Authentication. `CACHING_SHA2_PASSWORD`: Use Caching SHA-2 Pluggable Authentication. `SHA256_PASSWORD`: Use SHA-256 Pluggable Authentication.

Permission

Field Description

database_name string
Name of the database that the permission grants access to.

roles[]

Field	Description
database_name	string Name of the database that the permission grants access to.
roles[]	enum Privilege Roles granted to the user within the database. The minimum number of elements is 1. `ALL_PRIVILEGES`: All privileges that can be made available to the user. `ALTER`: Altering tables. `ALTER_ROUTINE`: Altering stored routines (stored procedures and functions). `CREATE`: Creating tables or indexes. `CREATE_ROUTINE`: Creating stored routines. `CREATE_TEMPORARY_TABLES`: Creating temporary tables. `CREATE_VIEW`: Creating views. `DELETE`: Deleting tables. `DROP`: Removing tables or views. `EVENT`: Creating, altering, dropping, or displaying events for the Event Scheduler. `EXECUTE`: Executing stored routines. `INDEX`: Creating and removing indexes. `INSERT`: Inserting rows into the database. `LOCK_TABLES`: Using LOCK TABLES statement for tables available with SELECT privilege. `SELECT`: Selecting rows from tables. Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation. `SHOW_VIEW`: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN. `TRIGGER`: Creating, removing, executing, or displaying triggers for a table. `UPDATE`: Updating rows in the database. `REFERENCES`: Creation of a foreign key constraint for the parent table.

enum Privilege
Roles granted to the user within the database. The minimum number of elements is 1.

ALL_PRIVILEGES: All privileges that can be made available to the user.
ALTER: Altering tables.
ALTER_ROUTINE: Altering stored routines (stored procedures and functions).
CREATE: Creating tables or indexes.
CREATE_ROUTINE: Creating stored routines.
CREATE_TEMPORARY_TABLES: Creating temporary tables.
CREATE_VIEW: Creating views.
DELETE: Deleting tables.
DROP: Removing tables or views.
EVENT: Creating, altering, dropping, or displaying events for the Event Scheduler.
EXECUTE: Executing stored routines.
INDEX: Creating and removing indexes.
INSERT: Inserting rows into the database.
LOCK_TABLES: Using LOCK TABLES statement for tables available with SELECT privilege.
SELECT: Selecting rows from tables.
Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege. See details in MySQL documentation.
SHOW_VIEW: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN.
TRIGGER: Creating, removing, executing, or displaying triggers for a table.
UPDATE: Updating rows in the database.
REFERENCES: Creation of a foreign key constraint for the parent table.

ConnectionLimits

Field	Description
max_questions_per_hour	google.protobuf.Int64Value The maximum permitted number of user questions per hour. The minimum value is 0.
max_updates_per_hour	google.protobuf.Int64Value The maximum permitted number of user updates per hour. The minimum value is 0.
max_connections_per_hour	google.protobuf.Int64Value The maximum permitted number of simultaneous client connections per hour. The minimum value is 0.
max_user_connections	google.protobuf.Int64Value The maximum number of simultaneous connections permitted to any given MySQL user account. The minimum value is 0.