MySQL

Overview

MySQL is an open-source relational database management system (RDBMS) known for its speed, reliability, and flexibility. It is widely used for web-based applications and supports SQL, the standard language for interacting with and managing data in a relational database.

Entitle can manage the following resources in MySQL:

• Servers
• Schemas
• Roles
• Views
• Tables

For more information about managed resources and roles, see here.

This page will provide you with instructions on how to integrate Entitle and MySQL.

Managed resources and roles

For more information about the managed resources and roles in the MySQL integration, please expand this section.

SELECT

SELECT, INSERT, UPDATE, DELETE

SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES,
INDEX, ALTER, SHOW_DATABASES, CREATE_TEMPORARY_TABLES, LOCK_TABLES, EXECUTE,
REPLICATION_SLAVE, REPLICATION_CLIENT, CREATE_VIEW, SHOW_VIEW, CREATE_ROUTINE, ALTER_ROUTINE,
CREATE_USER, EVENT, TRIGGER, CREATE_TABLESPACE

SELECT

SELECT, INSERT, UPDATE, DELETE

SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES,
INDEX, ALTER, CREATE_TEMPORARY_TABLES, LOCK_TABLES, CREATE_VIEW,
SHOW_VIEW, CREATE_ROUTINE, ALTER_ROUTINE, EXECUTE, EVENT, TRIGGER

SELECT

SELECT, INSERT, UPDATE, DELETE

SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES,
INDEX, ALTER, CREATE_VIEW, SHOW_VIEW, TRIGGER

SELECT

SELECT, INSERT, UPDATE, DELETE

SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES,
INDEX, ALTER, CREATE_VIEW, SHOW_VIEW, TRIGGER

General guidelines

💡

Note

• Entitle supports RDS MySQL and Non-RDS MySQL versions 5.7 and 8.0.
• Entitle does not support MySQL's native host-based authorization mechanism. Only permissions applied to all hosts will be manageable through Entitle.

• To integrate MySQL with Entitle, you need to:
  • Extract an admin user's credentials.
  • Obtain your MySQL instance's host and port.
  • Determine your MySQL version.
• Before setting up MySQL to work with Entitle, note that there are two different MySQL instances:
  1. Option 1 - RDS-managed MySQL instances that are stored in AWS and are a part of its service.
  2. Option 2 - non-RDS-managed MySQL instances that are stored anywhere in the world.

As a result, the initial steps of the integration process differ between non-RDS and RDS MySQL setups (specifically in stage 1 - creating a service account). The required permissions for the service account also vary between these two options.

Set up MySQL to work with Entitle

Stage 1: Create a service account for Entitle

• MySQL integration requires the user who is provided to have certain privileges. Follow the following steps to create a service account for Entitle and grant it the required permissions.

  Option 1: RDS-managed MySQL instances

  1. Log into your MySQL server using the command line interface.

  2. Create an administrative username and password combination in your MySQL instance, by running the following command:

     SQL

     CREATE USER 'entitle_service_account'@'%' IDENTIFIED BY 'password';
     GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER ON *.* TO 'entitle_service_account'@'%' WITH GRANT OPTION;
     

  Option 2: Non-RDS-managed MySQL instances

  1. Log into your MySQL server using the command line interface.

  2. Create an administrative username and password combination in your MySQL instance, by running the following command:

     SQL

     CREATE USER 'entitle_service_account'@'%YOUR_DOMAIN%' IDENTIFIED BY 'password';
     GRANT ALL PRIVILEGES ON *.* TO 'entitle_service_account'@'%YOUR_DOMAIN%' WITH GRANT OPTION;
     FLUSH PRIVILEGES;
     

  3. Replace '%YOUR_DOMAIN%' with your MySQL instance domain.

  4. Copy the admin credentials, as you will use them later on.

Stage 2: Extract your organization’s instance host and port

1. Entitle requires your MySQL instance's host and port.
2. Copy these values, as you will use them later on.

Stage 3: Get your MySQL version

1. If you already know which MySQL version you have, you will add it to Entitle's configuration later.
2. Otherwise, run the following command in your MySQL command line interface - SELECT VERSION();.

Creating the integration in Entitle

All that is left to do is create an integration on the Entitle application.

1. Log into Entitle and navigate to the Integrations page.

2. After clicking the Add integration button, type MySQL in the Application field.

3. Don’t forget to set the Save on field with your configuration, i.e. your own hosted agent or Entitle’s cloud.

   

4. In the connection JSON, add the following information:

   1. Paste the admin's username and password to the user and password fields accordingly.
   2. Paste your instance host in the host field.
   3. Enter your host port in the port field, by default, it is set to 3306.
   4. Enter your RDS/Non-RDS MySQL version in the mysql_version field:
      1. MySQL version 5.7.x - type 5.7.
      2. MySQL version 8.0.x - type 8.0.

   Example Configuration JSON:

   JSON

   {
       "user": "<ADMIN_USERNAME>",
       "password": "<ADMIN_PASSWORD>",
       "host": "<HOST>",
       "port": 3306,
       "mysql_version": "<YOUR_MYSQL_VERSION>" (either 5.7 or 8.0)
   }
   
   

5. Finally, click Save.