create role role1;
grant select any table to role1;
(8.0)
create database app_db;
CREATE ROLE 'app_developer', 'app_read', 'app_write';
GRANT ALL ON app_db.* TO 'app_developer';
GRANT SELECT ON app_db.* TO 'app_read';
GRANT INSERT, UPDATE, DELETE ON app_db.* TO 'app_write';
CREATE USER 'dev1'@'localhost' IDENTIFIED BY 'Aaa!1234';
CREATE USER 'read_user1'@'localhost' IDENTIFIED BY 'Aaa!1234';
CREATE USER 'read_user2'@'localhost' IDENTIFIED BY 'Aaa!1234';
CREATE USER 'rw_user1'@'localhost' IDENTIFIED BY 'Aaa!1234';
GRANT 'app_developer' TO 'dev1'@'localhost';
GRANT 'app_read' TO 'read_user1'@'localhost', 'read_user2'@'localhost';
GRANT 'app_read', 'app_write' TO 'rw_user1'@'localhost';
\du+
create role user1 with superuser createdb createrole login encrypted password 'user1';
create role user2 with superuser encrypted password 'user2';
create role user3 with login encrypted password 'user3';
--サーバーロール
use master
go
CREATE server ROLE serverrole1;
grant control server to serverrole1;
GO
--データベースロール
use test
go
CREATE ROLE role1 AUTHORIZATION db_securityadmin;
GO
