Steps
Go to the SQL Console
Create a user named
KUBIT
. The Kubit team will generate and share a strong password which you should use to create the user.CREATE USER KUBIT IDENTIFIED WITH sha256_password BY '*****';
Create a role named
KUBIT_R
CREATE ROLE OR REPLACE KUBIT_R;
Create a role named
KUBIT_W
CREATE ROLE OR REPLACE KUBIT_W;
Create a database named
KUBIT_DB
CREATE DATABASE KUBIT_DB;
Grant
KUBIT_W
the permissions to read and write fromKUBIT_DB
database. This will allow us to create any auxiliary tables or views thereGRANT SELECT,INSERT,ALTER,CREATE,DROP,TRUNCATE,SHOW,CLUSTER ON KUBIT_DB.* TO KUBIT_W;
Add read-only (SELECT) permissions to the
KUBIT_R
role to the intended tables/views andKUBIT_DB
GRANT SELECT ON KUBIT_DB TO KUBIT_R; GRANT SELECT ON table/view TO KUBIT_R;
Setup IP whitelisting , Kubit IPs are available here
π Best Practice
Create one more user, roles and service for development purposes in order to isolate the impact on the production environment and avoid accidents.