MySQL 9.1 Release Notes
SET DEFAULT ROLE
{NONE | ALL | role [, role ] ...}
TO user [, user ] ...
For each user named immediately after
the TO keyword, this statement defines which
roles become active when the user connects to the server and
authenticates, or when the user executes the
SET ROLE
DEFAULT statement during a session.
SET DEFAULT ROLE is alternative
syntax for ALTER
USER ... DEFAULT ROLE (see
Section 15.7.1.1, “ALTER USER Statement”). However,
ALTER USER can set the default
for only a single user, whereas SET DEFAULT
ROLE can set the default for multiple users. On the
other hand, you can specify CURRENT_USER as
the user name for the ALTER USER
statement, whereas you cannot for SET
DEFAULT ROLE.
SET DEFAULT ROLE requires these
privileges:
Setting the default roles for another user requires the global
CREATE USERprivilege, or theUPDATEprivilege for themysql.default_rolessystem table.Setting the default roles for yourself requires no special privileges, as long as the roles you want as the default have been granted to you.
Each role name uses the format described in Section 8.2.5, “Specifying Role Names”. For example:
SET DEFAULT ROLE 'admin', 'developer' TO 'joe'@'10.0.0.1';
The host name part of the role name, if omitted, defaults to
'%'.
The clause following the DEFAULT ROLE
keywords permits these values:
NONE: Set the default toNONE(no roles).ALL: Set the default to all roles granted to the account.role[,role] ...SET DEFAULT ROLEis executed.
Note
SET DEFAULT ROLE and
SET ROLE
DEFAULT are different statements:
SET DEFAULT ROLEdefines which account roles to activate by default within account sessions.SET ROLE DEFAULTsets the active roles within the current session to the current account default roles.
For role usage examples, see Section 8.2.10, “Using Roles”.