資料庫引擎
|
系統權限
|
資料庫角色
|
Db2 的 RDS
|
主要使用者會指派給 masterdba 群組,並指派 master_user_role 。
SYSMON 、DBADM 搭配 DATAACCESS AND ACCCESSCTRL 、BINDADD CONNECT 、CREATETAB 、CREATE_SECURE_OBJECT 、EXPLAIN IMPLICIT_SCHEMA 、LOAD 、SQLADM 、WLMADM
|
DBA ,DBA_RESTRICTED ,
DEVELOPER ,ROLE_NULLID_PACKAGES ,
ROLE_PROCEDURES ,ROLE_TABLESPACES
如需詳細資訊,請參閱 RDS適用於 Db2 的 Amazon 預設角色。
|
RDS for MariaDB
|
SELECT ,INSERT ,UPDATE ,DELETE ,
CREATE ,DROP ,RELOAD ,
PROCESS ,REFERENCES ,INDEX ,
ALTER ,SHOW DATABASES ,CREATE
TEMPORARY TABLES ,LOCK TABLES ,
EXECUTE ,REPLICATION CLIENT ,CREATE
VIEW ,SHOW VIEW ,CREATE ROUTINE ,
ALTER ROUTINE ,CREATE USER ,
EVENT ,TRIGGER ,REPLICATION
SLAVE
從 RDS for MariaDB 11.4 版開始,主要使用者也會取得 SHOW CREATE ROUTINE 權限。
|
—
|
RDS for MySQL 8.0.36 及更高版本
|
SELECT ,INSERT ,UPDATE ,
DELETE ,CREATE ,DROP ,
RELOAD ,PROCESS ,
REFERENCES ,INDEX ,ALTER ,
SHOW DATABASES ,CREATE TEMPORARY
TABLES ,LOCK TABLES ,EXECUTE ,
REPLICATION SLAVE ,REPLICATION CLIENT ,
CREATE VIEW ,SHOW VIEW ,CREATE
ROUTINE ,ALTER ROUTINE ,CREATE
USER ,EVENT ,TRIGGER ,
CREATE ROLE ,DROP ROLE ,
APPLICATION_PASSWORD_ADMIN ,
ROLE_ADMIN ,SET_USER_ID ,
XA_RECOVER_ADMIN
|
rds_superuser_role
如需 的詳細資訊rds_superuser_role ,請參閱 RDS 適用於 My 的角色型權限模型SQL 。
|
低於 8.0.36 的 RDS for MySQL 版本
|
SELECT ,INSERT ,UPDATE ,
DELETE ,CREATE ,DROP ,
RELOAD ,PROCESS ,
REFERENCES ,INDEX ,ALTER ,
SHOW DATABASES ,CREATE TEMPORARY
TABLES ,LOCK TABLES ,EXECUTE ,
REPLICATION CLIENT ,CREATE VIEW ,
SHOW VIEW ,CREATE ROUTINE ,ALTER
ROUTINE ,CREATE USER ,EVENT ,
TRIGGER ,REPLICATION
SLAVE
|
—
|
RDS for PostgreSQL
|
CREATE ROLE ,CREATE DB ,
PASSWORD VALID UNTIL INFINITY ,CREATE
EXTENSION ,ALTER EXTENSION ,DROP
EXTENSION ,CREATE TABLESPACE ,ALTER
<OBJECT> OWNER ,CHECKPOINT ,
PG_CANCEL_BACKEND() ,
PG_TERMINATE_BACKEND() ,SELECT
PG_STAT_REPLICATION ,EXECUTE
PG_STAT_STATEMENTS_RESET() ,OWN
POSTGRES_FDW_HANDLER() ,OWN
POSTGRES_FDW_VALIDATOR() ,OWN POSTGRES_FDW ,
EXECUTE PG_BUFFERCACHE_PAGES() ,SELECT
PG_BUFFERCACHE
|
RDS_SUPERUSER
如需 RDS_SUPERUSER 的詳細資訊,請參閱 了解 PostgreSQL 角色和許可 。
|
RDS for Oracle
|
ADMINISTER DATABASE TRIGGER ,ALTER DATABASE
LINK ,ALTER PUBLIC DATABASE LINK ,
AUDIT SYSTEM ,CHANGE NOTIFICATION ,
DROP ANY DIRECTORY ,EXEMPT ACCESS
POLICY ,EXEMPT IDENTITY POLICY ,EXEMPT
REDACTION POLICY ,FLASHBACK ANY TABLE ,
GRANT ANY OBJECT PRIVILEGE ,RESTRICTED
SESSION ,SELECT ANY TABLE ,UNLIMITED
TABLESPACE
|
DBA
該DBA 角色可免除下列權限:
ALTER DATABASE ,ALTER SYSTEM ,
CREATE ANY DIRECTORY ,CREATE EXTERNAL
JOB ,CREATE PLUGGABLE DATABASE ,
GRANT ANY PRIVILEGE ,GRANT ANY
ROLE ,READ ANY FILE GROUP
|
Amazon RDS for Microsoft SQL Server
|
ADMINISTER BULK OPERATIONS ,ALTER ANY CONNECTION ,ALTER ANY CREDENTIAL ,
ALTER ANY EVENT SESSION ,ALTER ANY LINKED
SERVER ,ALTER ANY LOGIN ,ALTER ANY
SERVER AUDIT ,ALTER ANY SERVER ROLE ,
ALTER SERVER STATE ,ALTER TRACE ,
CONNECT SQL ,CREATE ANY DATABASE ,
VIEW ANY DATABASE ,VIEW ANY
DEFINITION ,VIEW SERVER STATE ,ALTER ON
ROLE SQLAgentOperatorRole
|
DB_OWNER (資料庫層級角色)、PROCESSADMIN (伺服器層級角色)、SETUPADMIN (伺服器層級角色)、SQLAgentUserRole (資料庫層級角色)
|