CREATE USER

Description

This statement is used to create a user. The common account can be used to log in and operate Palo later.

CREATE USER user_identity
[IDENTIFIED BY 'password']
[DEFAULT ROLE 'role_name']

• user_identity

  User identity.

  'user_name'@'host'

• passwrod

  Password. Optional, default to empty.

• role

  Role. If specified, user will have the grant to change roles.

Example

1. Create a user with no password set (if host is not specified, then equivalent to jack@'%')

   CREATE USER 'jack';

2. Create a user set with password, allow login from' 172.10.1.10'

   CREATE USER jack@'172.10.1.10' IDENTIFIED BY '123456';

3. To avoid passing plaintext, use case 2 can also be created in the following way

   CREATE USER jack@'172.10.1.10' IDENTIFIED BY PASSWORD '*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9';

   The encrypted content can be obtained by the PASSWORD function later, for example:

   SELECT PASSWORD('123456');

4. Create a user who is allowed to log in from the' 192.168' subnet and specify its role as example_role

   CREATE USER 'jack'@'192.168.%' DEFAULT ROLE 'example_role';

5. Create a user who is allowed to log in from the domain name' example_domain'

   CREATE USER 'jack'@['example_domain'] IDENTIFIED BY '12345';

6. Create a user and specify a role

   CREATE USER 'jack'@'%' IDENTIFIED BY '12345' DEFAULT ROLE 'my_role';

Keywords

CREATE, USER

Best Practices

1. Users and roles

   The role specified for creating a user must already exist, which can be used to create a role by CREATE ROLE command.