Manage users and grant them privileges on database objects. It works by establishing a control connection to the MariaDB server using the mysql2 chef gem (automatically installed).
- create - (default) to create a user
- drop - to drop a user
- grant - to grant privileges to a user
- revoke - to revoke privileges from a user
| Name | Types | Description | Default | Required? |
|---|---|---|---|---|
ctrl_user |
String | the username of the control connection | root |
no |
ctrl_password |
String | password of the user used to connect to | node['mariadb']['server_root_password'] |
no |
ctrl_host |
String | host to connect to | localhost |
no |
ctrl_port |
String | port of the host to connect to | node['mariadb']['mysqld']['port'] |
no |
username |
String | The database user to be managed | name if not defined |
no |
host |
String | The host from which the user is allowed to connect | localhost |
no |
password |
String, HashedPassword | password the user will be asked for to connect | yes | |
privileges |
Array | [:all] |
no | |
database_name |
String | no | ||
table |
String | no | ||
grant_option |
true/false | false |
no | |
require_ssl |
true/false | false |
no | |
require_x509 |
true/false | false |
no |
Create an user but grant no privileges:
mariadb_user 'disenfranchised' do
password 'super_secret'
action :create
endCreate an user using a hashed password string instead of plain text one:
mariadb_user 'disenfranchised' do
password hashed_password('md5eacdbf8d9847a76978bd515fae200a2a')
action :create
endDrop a user:
mariadb_user 'foo_user' do
action :drop
endGrant SELECT, UPDATE, and INSERT privileges to all tables in foo db from all hosts:
mariadb_user 'foo_user' do
password 'super_secret'
database_name 'foo'
host '%'
privileges [:select, :update, :insert]
action :grant
endUse underscores when specifying grants that use spaces:
mariadb_user 'foo_user' do
password 'super_secret'
database_name 'foo'
host '%'
privileges [:reload, :process, :lock_tables, :replication_client]
action :grant
end