Skip to content

CREATE USER

Grammar Description

Create a new user in the system.

With CREATE USER, you need to have CREATE USER permission.

  • The roles that have the CREATE USER permissions by default are MOADMIN or ACCOUNTADMIN: The cluster administrator (the default account is root) and the tenant administrator created by the cluster administrator have the permissions by default.

Grammar Structure

> CREATE USER [IF NOT EXISTS]
    user auth_option [, user auth_option] ...
    [DEFAULT ROLE role]
    [COMMENT 'comment_string' | ATTRIBUTE 'json_object']
auth_option: {
    IDENTIFIED BY 'auth_string'
}

Syntax Description

The first-time user has no permissions, and the default role is NONE. To assign permissions or roles, use the GRANT statement.

The basic SQL statements of CREAT USER are as follows:

create user user_name identified by 'password';

IDENTIFIED BY auth_string

CREATE USER allows these auth_option:

  • 'auth_string': In MatrixOne, 'auth_string' is the password, which is to store the password in the account row of the mo_user system table.

DEFAULT ROLE

The DEFAULT ROLE clause defines that the role becomes active/used when the user connects to MatrixOne and authenticates, or when the user executes the SET ROLE statement during a session.

create user user_name identified by 'password' default role role role_rolename;

The DEFAULT ROLE clause allows listing one or more comma-separated role names. These roles must be created before executing CREATE USER; otherwise the statement will throw an error and the user creation fails.

Example

> create user userx identified by '111';
Query OK, 0 rows affected (0.04 sec)

limit

MatrxiOne does not support CREAT USER COMMENT and CREAT USER ATTRIBUTE.