MySQL 8.4 Reference Manual Including MySQL NDB Cluster 8.4
SET DEFAULT ROLE
{NONE | ALL | role [, role ] ...}
TO user [, user ] ...
For each user named immediately after
the TO keyword, this statement defines which
roles become active when the user connects to the server and
authenticates, or when the user executes the
SET ROLE
DEFAULT statement during a session.
SET DEFAULT ROLE is alternative
syntax for ALTER
USER ... DEFAULT ROLE (see
Section 15.7.1.1, “ALTER USER Statement”). However,
ALTER USER can set the default
for only a single user, whereas SET DEFAULT
ROLE can set the default for multiple users. On the
other hand, you can specify CURRENT_USER as
the user name for the ALTER USER
statement, whereas you cannot for SET
DEFAULT ROLE.
SET DEFAULT ROLE requires these
privileges:
Setting the default roles for another user requires the
global CREATE USER privilege,
or the UPDATE privilege for
the mysql.default_roles system table.
Setting the default roles for yourself requires no special privileges, as long as the roles you want as the default have been granted to you.
Each role name uses the format described in Section 8.2.5, “Specifying Role Names”. For example:
SET DEFAULT ROLE 'admin', 'developer' TO 'joe'@'10.0.0.1';
The host name part of the role name, if omitted, defaults to
'%'.
The clause following the DEFAULT ROLE
keywords permits these values:
NONE: Set the default to
NONE (no roles).
ALL: Set the default to all roles granted
to the account.
role [,
role ] ...SET DEFAULT
ROLE is executed.
SET DEFAULT ROLE and
SET ROLE
DEFAULT are different statements:
SET DEFAULT ROLE defines
which account roles to activate by default within account
sessions.
SET ROLE
DEFAULT sets the active roles within the current
session to the current account default roles.
For role usage examples, see Section 8.2.10, “Using Roles”.