0

I am working on a rather unique requirement. I am not into databases so please pardon my ignorance.

I have a MySql database hosted on AWS. I need to create multiple databases for multiple clients (1:1). Our solution needs to provide Create/Read/Update/Delete (CRUD) rights to the client at the data level but I as the vendor/solution provider is allowed only read access and can not Create/Update/Delete data in the databases.

However, as the vendor I may need to perform database administrator level activities like start, stop, backup, migrate etc. This type of requirement is to establish the confidence in the client that they and only they can write/update/delete to the database and no one else can.

This is a unique situation where I as the host can perform administrative tasks at the database management level but not at the data level.

Are there provisions in MySql or any other RDBMS to implement such scenario out of the box? If not, any suggestions on how this requirement can be implemented will be greatly appreciated.

Stu
  • 30,392
  • 6
  • 14
  • 33
Hanzyusuf
  • 369
  • 5
  • 11
  • 4
    Not possible. If you can do admin tasks then by default you will be able to do what you want with the DB. – Charlieface May 30 '21 at 10:06
  • And basic maintenance requires admin access? Basic maintenance like restart, shutdown, backup, archive, etc. So no possible way to create a maintenance only user who cannot write on the tables itself, but perform maintenance on the database as a whole? @Charlieface – Hanzyusuf May 30 '21 at 19:44
  • 2
    An admin who has access to the physical server, or has admin rights on the operating system, by definition has carte blanche to do whatever they want. If all you need to do is backup rights, that is possible (and perhaps restart too), but as soon as you have full admin rights on the box you are unstoppable. Clients need to rely on professionalism on the part of vendors and administrators. – Charlieface May 30 '21 at 22:57
  • @Charlieface sorry, let me try to ask it this way again: I have full rights to the server, but on the individual databases, I need only read access. even if I can delete that database, it should not matter, but I should not be able to modify or add data to the tables of that database, the data is important. – Hanzyusuf Jun 01 '21 at 10:11
  • 1
    Again, if you have full rights to the server then customers should not expect that it is impossible for you to edit anything you want. Ultimately you as the database administrator needs admin rights, and you will then always be able to give yourself access to the data even if you try to lock it down. Either they rely on your professionalism, or they use something like `AlwaysEncrypted` to ensure the server-side has no access to the data. – Charlieface Jun 01 '21 at 10:34

0 Answers0