Creating an Applier User On a Target DB System

The applier user is a user account that resides in the replica server and supplies a security context for a MySQL replication channel. The account must have the REPLICATION_APPLIER privilege, plus all required privileges to execute the transactions replicated on the channel.

HeatWave inbound replication requires an applier user which defaults to the administrator account of the DB system. If you need a more restrictive set of privileges for the applier user, you can create a separate user account, grant all required privileges to the account, and specify the account as the applier user when you create the channel.

Using a Command-Line Client

Use a command-line client such as MySQL Shell or MySQL Client to create an applier user with required privileges on the target DB system.

This task requires the following:
  • MySQL Shell 8.0.27 or higher, or a MySQL Client.
Do the following to add an applier user to the target DB system:
  1. Open MySQL Shell and connect to the target DB system.
  2. Run the following command in the SQL execution mode to create an applier user. In this example, the username for the applier user is appluser:
    CREATE USER appluser@'%' IDENTIFIED BY 'password' REQUIRE SSL;
    The password must be between 8 and 32 characters and contain at least one numeric character, one special character, one uppercase, and one lowercase character. If the username contains any special characters, such as a space or hyphen, it must also be surrounded by quotes, for example:
    CREATE USER 'appl-user'@'%' IDENTIFIED BY 'password' REQUIRE SSL;
  3. Run the following command to grant the REPLICATION_APPLIER privilege to the new applier user, appluser in this example:
    GRANT REPLICATION_APPLIER ON *.* TO appluser@'%';
  4. Run one or more commands to grant all required privileges to the new applier user. In this example, the DB system administrator role is granted to the appluser user account:
    GRANT administrator TO appluser@'%';
    Instead of the administrator role, you may grant a more restrictive set of privileges to the applier user if you want to restrict the SQL statements that can be replicated to the DB system. For example, if you use replication filter to replicate one schema only, you can restrict the privileges of the applier user to one schema with GRANT ALL ON <schema_name>.* TO appluser@'%';

The applier user is created and granted with the required privileges.