The following article shows what are the minimal privileges required for monitoring only. The follow functionality WILL NOT WORK with the minimal privileges:
- add node (granting is needed)
- create users from UI
- setup replication slave
Replace ADDRESS_OF_THE_CONTROLLER,CMON_PASSWORD, and ADDRESS_OF_THE_DATA_NODE.
mysql -ucmon -p -h<ADDRESS_OF_THE_DATA_NODE>
DELETE FROM mysql.user WHERE user='cmon' AND host='ADDRESS OF CONTROLLER';
FLUSH PRIVILEGES;
GRANT SUPER, SHOW DATABASES, REPLICATION CLIENT, PROCESS, SELECT, RELOAD ON *.* TO 'cmon'@'ADDRESS_OF_THE_CONTROLLER' IDENTIFIED BY 'CMON_PASSWORD';
#Restart cmon
service cmon restart
Comments
6 comments
Thanks for Sharing a wonderful content. It was very interesting. post regular updates.
Thank You soo Much! These SQL's help me a lot
Helpful breakdown! I faced issues with replication sync earlier due to limited GRANTs. After adjusting privileges and restarting
cmon, things stabilized. Clear and effective guide—thanks!Thanks for sharing this, This is really helpful for anyone wanting to set up monitoring without giving full administrative privileges. The breakdown of minimal GRANTs makes it clear which privileges are strictly needed for monitoring Galera, standard replication, or NDB clusters. I also appreciate the reminder that some functions like adding nodes or creating users still require additional privileges, which helps prevent accidental misconfigurations.
We33 Game is an online entertainment platform that focuses on providing users with a smooth and engaging gaming experience. It is designed with a clean and modern interface that makes it easy for players to navigate through different sections and access games without difficulty. Many users appreciate its fast loading speed and responsive design, which help ensure uninterrupted gameplay on both mobile devices and desktop systems.
This was a really useful breakdown because database permission management is one of those areas where people either overcomplicate things or accidentally grant way more access than necessary. I liked how the article focused on the principle of least privilege across Galera, replication, and NDB/MySQL Cluster setups, since keeping GRANTs minimal can seriously improve both security and operational stability. It’s also refreshing to see practical examples instead of only theoretical explanations because DB admins usually need solutions they can apply immediately in production environments. In a way, it reminds me of simplifying daily routines too — whether it’s optimizing infrastructure or choosing something convenient like a Nurri Protein Shake to save time without sacrificing quality. Have you personally tested these minimal GRANT configurations in a live cluster environment yet?
Please sign in to leave a comment.