My Oracle Support Banner

Innodb Cluster Ignores ipAllowList option and Creates Internal Users with Wildcard only (Doc ID 2910606.1)

Last updated on SEPTEMBER 04, 2023

Applies to:

MySQL Server - Version 8.0 and later
Information in this document applies to any platform.

Symptoms

On : 8.0 version, Privilege System

ACTUAL BEHAVIOR
---------------
Creating users on InnoDB Cluster still results in accounts using a general wildcard (%) as the host name and not the specific network(s).

EXPECTED BEHAVIOR
-----------------------
When creating the InnoDB Cluster with ipAllowList specified, it should create with the list specified.

STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Create an InnoDB Cluster using ipAllowList specified.
2. Check the internal user details.
3. Confirm that host is a single wildcard and not the ip list as specified.

BUSINESS IMPACT
-----------------------
The issue has the following business impact:
Due to this issue, users cannot restrict the access enough for the cluster which affects security compliance (e.g. CIS).

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.