Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
package-authoring
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
t
tall-winter-40504
01/13/2021, 8:29 PMHi… I’m trying to use the API here: https://www.pulumi.com/docs/reference/pkg/mysql/grant/ to create a user and grant them some permissions for a MySQL db in an RDS instance with no luck. Any help appreciated!
b
billowy-army-68599
01/13/2021, 8:31 PMcan you share the code you have any the problem you're facing?
t
tall-winter-40504
01/13/2021, 8:32 PMI’m doing
db_user = mysql.User(
resource_name="db-user",
user="actualuser",
plaintext_password=secret_from_config,
host=rds_instance.address,
opts=mysql_opts)mysql_optsmysql_provider = mysql.Provider(
resource_name="db-provider",
endpoint=rds_instance.endpoint,
username=rds_instance.username,
password=config_secret,
)
mysql_opts = pulumi.ResourceOptions(provider=mysql_provider)In my RDS instance pulumi statement I’m creating an
adminmysqlmysql -h <http://somelongstring.us-west-2.rds.amazonaws.com|somelongstring.us-west-2.rds.amazonaws.com> -u admin -pSo I think the RDS is getting correctly set up… it’s just these other
mysqlIf I run
select user from mysql.user;actualusermysqlAlso if I connect to the db using the
adminb
billowy-army-68599
01/13/2021, 9:36 PMI suspect the issue might be related to
plaintext_passwordsecret_from_configplaintext_password👍 1
t
tall-winter-40504
01/13/2021, 9:46 PMtried with a simple string…. still can’t use the
mysqlb
billowy-army-68599
01/13/2021, 11:16 PMyou should be able to see the logs and verify the password is being set in mysql, i'd go there next
ohhh I just realized this is why:
https://www.pulumi.com/docs/reference/pkg/mysql/user/#host_nodejs
the host you've set for the user is the rds instance address, try this
db_user = mysql.User(
resource_name="db-user",
user="actualuser",
plaintext_password=secret_from_config,
host=0.0.0.0,
opts=mysql_opts)@tall-winter-40504
t
tall-winter-40504
01/13/2021, 11:19 PMWow I just noticed the same 😛
Literally seconds before you sent me that message. It’s good to get confirmation from someone else though… I haven’t tried it yet.
I also only noticed maybe I’m using the wrong host value but wasn’t sure what to put there so thanks for the
0.0.0.0Hmm still Access Denied 😞
grantNvm based on documentation doesn’t seem related.
Trying host
%THAT DID IT!
ok so it appears I do need
grant=TrueEarlier when I said I successfully got it to work… that line was left in my code from an earlier experiment…
I removed it assuming it was a failed experiment now that I had finally gotten things to work but that just broke things again.
Based on the documentation for what that parameter should be doing, this behavior seems incorrect.
Should I file a bug somewhere?
See output below with and without `grant=True`:
mysql> show grants for webserver;
+---------------------------------------------------------+
| Grants for webserver@% |
+---------------------------------------------------------+
| GRANT PROCESS ON *.* TO `webserver`@`%` |
| GRANT ALL PRIVILEGES ON `databasename`.* TO `webserver`@`%` |
+---------------------------------------------------------+
2 rows in set (0.03 sec)
mysql> show grants for webserver;
+---------------------------------------+
| Grants for webserver@% |
+---------------------------------------+
| GRANT USAGE ON *.* TO `webserver`@`%` |
+---------------------------------------+
1 row in set (0.03 sec)