Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Managed Service for MySQL API, REST: User.Update

Written by
Improved by
Updated at February 21, 2025

Updates a user in a cluster.

HTTP request

PATCH https://mdb.api.cloud.yandex.net/managed-mysql/v1/clusters/{clusterId}/users/{userName}

Path parameters

Field

Description

clusterId

string

Required field. ID of the cluster to update the user in.

To get this ID, make a ClusterService.List request.

userName

string

Required field. Name of the user to update.

To get this name, make a UserService.List request.

Body parameters

{
  "updateMask": "string",
  "password": "string",
  "permissions": [
    {
      "databaseName": "string",
      "roles": [
        "string"
      ]
    }
  ],
  "globalPermissions": [
    "string"
  ],
  "connectionLimits": {
    "maxQuestionsPerHour": "string",
    "maxUpdatesPerHour": "string",
    "maxConnectionsPerHour": "string",
    "maxUserConnections": "string"
  },
  "authenticationPlugin": "string",
  "generatePassword": "boolean"
}

Field

Description

updateMask

string (field-mask)

A comma-separated names off ALL fields to be updated.
Only the specified fields will be changed. The others will be left untouched.
If the field is specified in updateMask and no value for that field was sent in the request,
the field's value will be reset to the default. The default value for most fields is null or 0.

If updateMask is not sent in the request, all fields' values will be updated.
Fields specified in the request will be updated to provided values.
The rest of the fields will be reset to the default.

password

string

New password for the user.

permissions[]

Permission

A new set of permissions that should be granted to the user.

globalPermissions[]

enum (GlobalPermission)

New set of global permissions to grant to the user.

  • GLOBAL_PERMISSION_UNSPECIFIED

  • REPLICATION_CLIENT: Enables use of the SHOW MASTER STATUS, SHOW SLAVE STATUS, and SHOW BINARY LOGS statements.

  • REPLICATION_SLAVE: Enables the account to request updates that have been made to databases on the master server,
    using the SHOW SLAVE HOSTS, SHOW RELAYLOG EVENTS and SHOW BINLOG EVENTS statements.

  • PROCESS: Enables display of information about the the statements currently being performed by sessions (the set of threads executing within the server).

    The privilege enables use of SHOW PROCESSLIST or mysqladmin processlist to see threads belonging to other users.
    You can always see your own threads. The PROCESS privilege also enables use of SHOW ENGINE.

  • FLUSH_OPTIMIZER_COSTS: Enables use of the FLUSH OPTIMIZER_COSTS statement.

  • SHOW_ROUTINE: Enables a user to access definitions and properties of all stored routines (stored procedures and functions), even those for which the user is not named as the routine DEFINER.
    This access includes:
    The contents of the Information Schema ROUTINES table.
    The SHOW CREATE FUNCTION and SHOW CREATE PROCEDURE statements.
    The SHOW FUNCTION CODE and SHOW PROCEDURE CODE statements.
    The SHOW FUNCTION STATUS and SHOW PROCEDURE STATUS statements.

connectionLimits

ConnectionLimits

Set of changed user connection limits.

authenticationPlugin

enum (AuthPlugin)

New user authentication plugin.

generatePassword

boolean

Generate password using Connection Manager.

Permission

Field

Description

databaseName

string

Name of the database that the permission grants access to.

roles[]

enum (Privilege)

Roles granted to the user within the database.

See the documentation for details.

  • PRIVILEGE_UNSPECIFIED

  • ALL_PRIVILEGES: All privileges that can be made available to the user.

  • ALTER: Altering tables.

  • ALTER_ROUTINE: Altering stored routines and functions.

  • CREATE: Creating tables or indexes.

  • CREATE_ROUTINE: Creating stored routines.

  • CREATE_TEMPORARY_TABLES: Creating temporary tables.

  • CREATE_VIEW: Creating views.

  • DELETE: Deleting tables.

  • DROP: Removing tables or views.

  • EVENT: Creating, altering, dropping, or displaying events for the Event Scheduler.

  • EXECUTE: Executing stored routines.

  • INDEX: Creating and removing indexes.

  • INSERT: Inserting rows into the database.

  • LOCK_TABLES: Using LOCK TABLES statement for tables available with SELECT privilege.

  • SELECT: Selecting rows from tables.

    Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege.

    See MySQL documentation for details.

  • SHOW_VIEW: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN.

  • TRIGGER: Creating, removing, executing, or displaying triggers for a table.

  • UPDATE: Updating rows in the database.

  • REFERENCES: Creation of a foreign key constraint for the parent table.

ConnectionLimits

Field

Description

maxQuestionsPerHour

string (int64)

The maximum permitted number of user questions per hour.

maxUpdatesPerHour

string (int64)

The maximum permitted number of user updates per hour.

maxConnectionsPerHour

string (int64)

The maximum permitted number of simultaneous client connections per hour.

maxUserConnections

string (int64)

The maximum number of simultaneous connections permitted to any given MySQL user account.

Response

HTTP Code: 200 - OK

{
  "id": "string",
  "description": "string",
  "createdAt": "string",
  "createdBy": "string",
  "modifiedAt": "string",
  "done": "boolean",
  "metadata": {
    "clusterId": "string",
    "userName": "string"
  },
  // Includes only one of the fields `error`, `response`
  "error": {
    "code": "integer",
    "message": "string",
    "details": [
      "object"
    ]
  },
  "response": {
    "name": "string",
    "clusterId": "string",
    "permissions": [
      {
        "databaseName": "string",
        "roles": [
          "string"
        ]
      }
    ],
    "globalPermissions": [
      "string"
    ],
    "connectionLimits": {
      "maxQuestionsPerHour": "string",
      "maxUpdatesPerHour": "string",
      "maxConnectionsPerHour": "string",
      "maxUserConnections": "string"
    },
    "authenticationPlugin": "string",
    "connectionManager": {
      "connectionId": "string"
    }
  }
  // end of the list of possible fields
}

An Operation resource. For more information, see Operation.

Field

Description

id

string

ID of the operation.

description

string

Description of the operation. 0-256 characters long.

createdAt

string (date-time)

Creation timestamp.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

createdBy

string

ID of the user or service account who initiated the operation.

modifiedAt

string (date-time)

The time when the Operation resource was last modified.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

done

boolean

If the value is false, it means the operation is still in progress.
If true, the operation is completed, and either error or response is available.

metadata

UpdateUserMetadata

Service-specific metadata associated with the operation.
It typically contains the ID of the target resource that the operation is performed on.
Any method that returns a long-running operation should document the metadata type, if any.

error

Status

The error result of the operation in case of failure or cancellation.

Includes only one of the fields error, response.

The operation result.
If done == false and there was no failure detected, neither error nor response is set.
If done == false and there was a failure detected, error is set.
If done == true, exactly one of error or response is set.

response

User

The normal response of the operation in case of success.
If the original method returns no data on success, such as Delete,
the response is google.protobuf.Empty.
If the original method is the standard Create/Update,
the response should be the target resource of the operation.
Any method that returns a long-running operation should document the response type, if any.

Includes only one of the fields error, response.

The operation result.
If done == false and there was no failure detected, neither error nor response is set.
If done == false and there was a failure detected, error is set.
If done == true, exactly one of error or response is set.

UpdateUserMetadata

Field

Description

clusterId

string

ID of the cluster the user is being updated in.

userName

string

Name of the user that is being updated.

Status

The error result of the operation in case of failure or cancellation.

Field

Description

code

integer (int32)

Error code. An enum value of google.rpc.Code.

message

string

An error message.

details[]

object

A list of messages that carry the error details.

User

An object that represents MySQL user.

See the documentation for details.

Field

Description

name

string

Name of the user.

clusterId

string

ID of the cluster the user belongs to.

permissions[]

Permission

Set of permissions granted to the user.

globalPermissions[]

enum (GlobalPermission)

Set of global permissions to grant to the user.

  • GLOBAL_PERMISSION_UNSPECIFIED

  • REPLICATION_CLIENT: Enables use of the SHOW MASTER STATUS, SHOW SLAVE STATUS, and SHOW BINARY LOGS statements.

  • REPLICATION_SLAVE: Enables the account to request updates that have been made to databases on the master server,
    using the SHOW SLAVE HOSTS, SHOW RELAYLOG EVENTS and SHOW BINLOG EVENTS statements.

  • PROCESS: Enables display of information about the the statements currently being performed by sessions (the set of threads executing within the server).

    The privilege enables use of SHOW PROCESSLIST or mysqladmin processlist to see threads belonging to other users.
    You can always see your own threads. The PROCESS privilege also enables use of SHOW ENGINE.

  • FLUSH_OPTIMIZER_COSTS: Enables use of the FLUSH OPTIMIZER_COSTS statement.

  • SHOW_ROUTINE: Enables a user to access definitions and properties of all stored routines (stored procedures and functions), even those for which the user is not named as the routine DEFINER.
    This access includes:
    The contents of the Information Schema ROUTINES table.
    The SHOW CREATE FUNCTION and SHOW CREATE PROCEDURE statements.
    The SHOW FUNCTION CODE and SHOW PROCEDURE CODE statements.
    The SHOW FUNCTION STATUS and SHOW PROCEDURE STATUS statements.

connectionLimits

ConnectionLimits

Set of user connection limits.

authenticationPlugin

enum (AuthPlugin)

User authentication plugin.

connectionManager

ConnectionManager

Connection Manager Connection and settings associated with user. Read only field.

Permission

Field

Description

databaseName

string

Name of the database that the permission grants access to.

roles[]

enum (Privilege)

Roles granted to the user within the database.

See the documentation for details.

  • PRIVILEGE_UNSPECIFIED

  • ALL_PRIVILEGES: All privileges that can be made available to the user.

  • ALTER: Altering tables.

  • ALTER_ROUTINE: Altering stored routines and functions.

  • CREATE: Creating tables or indexes.

  • CREATE_ROUTINE: Creating stored routines.

  • CREATE_TEMPORARY_TABLES: Creating temporary tables.

  • CREATE_VIEW: Creating views.

  • DELETE: Deleting tables.

  • DROP: Removing tables or views.

  • EVENT: Creating, altering, dropping, or displaying events for the Event Scheduler.

  • EXECUTE: Executing stored routines.

  • INDEX: Creating and removing indexes.

  • INSERT: Inserting rows into the database.

  • LOCK_TABLES: Using LOCK TABLES statement for tables available with SELECT privilege.

  • SELECT: Selecting rows from tables.

    Some SELECT statements can be allowed without the SELECT privilege. All statements that read column values require the SELECT privilege.

    See MySQL documentation for details.

  • SHOW_VIEW: Using the SHOW CREATE VIEW statement. Also needed for views used with EXPLAIN.

  • TRIGGER: Creating, removing, executing, or displaying triggers for a table.

  • UPDATE: Updating rows in the database.

  • REFERENCES: Creation of a foreign key constraint for the parent table.

ConnectionLimits

Field

Description

maxQuestionsPerHour

string (int64)

The maximum permitted number of user questions per hour.

maxUpdatesPerHour

string (int64)

The maximum permitted number of user updates per hour.

maxConnectionsPerHour

string (int64)

The maximum permitted number of simultaneous client connections per hour.

maxUserConnections

string (int64)

The maximum number of simultaneous connections permitted to any given MySQL user account.

ConnectionManager

Field

Description

connectionId

string

ID of Connection Manager Connection
Previous
Create
Next
Delete