Database account permissions for DTS data migration-Data Transmission Service(DTS)-阿里云帮助中心

Before you configure a DTS data migration task, create database accounts for the source and destination databases and grant the required permissions. The required permissions vary by database type and migration type (schema migration, full data migration, or incremental data migration).

The following tables list the required permissions for the source database and the destination database.

Source database account permissions

Database	Required permissions	References
ApsaraDB RDS for MySQL instance	Read permissions on the objects to migrate	Create accounts and databases and Modify the permissions of an account
Self-managed MySQL database	Schema migration: the SELECT permission on the objects to migrate Full data migration: the SELECT permission on the objects to migrate Incremental data migration: SELECT on the objects to migrate, REPLICATION CLIENT, REPLICATION SLAVE, SHOW VIEW, and CREATE permissions. DTS creates a database named `dts` to store heartbeat data.	Create an account for a self-managed MySQL database and configure binary logging
PolarDB for MySQL cluster	Read permissions on the objects to migrate	Create and manage a database account
PolarDB for Oracle cluster	Permissions of a privileged account	Create a database account
ApsaraDB RDS for MariaDB instance	Read permissions on the objects to migrate	Create a database and an account
ApsaraDB RDS for SQL Server instance	Schema migration: the SELECT permission on the objects to migrate Full data migration: the SELECT permission on the objects to migrate Incremental data migration: the owner permission on the object to migrate Note A privileged account has the required permissions.	Create a privileged account or a standard account
Self-managed SQL Server database	Schema migration: the SELECT permission on the objects to migrate Full data migration: the SELECT permission on the objects to migrate Incremental data migration: the permissions of the sysadmin role	CREATE USER
ApsaraDB RDS for PostgreSQL instance	Schema migration: the USAGE permission on pg_catalog Full data migration: the SELECT permission on the objects to migrate Incremental data migration: privileged account permissions. The account must be the database owner. Important If the source is an ApsaraDB RDS for PostgreSQL 9.4 instance and you migrate only DML operations, the account must have the REPLICATION permission.	Create an account and Create a database
Self-managed PostgreSQL database	Schema migration: the USAGE permission on pg_catalog Full data migration: the SELECT permission on the objects to migrate Incremental data migration: permissions of the superuser role	CREATE USER and GRANT
Self-managed Oracle database	Schema migration: permissions of the schema owner Full data migration: permissions of the schema owner Incremental data migration: permissions of the database administrator (DBA) Important If you cannot grant DBA permissions for incremental migration, grant fine-grained permissions instead. Migrate data from a self-managed Oracle database to an AnalyticDB for PostgreSQL instance.	CREATE USER and GRANT
ApsaraDB for MongoDB instance	Full data migration: read permissions on the source database Incremental data migration: read permissions on the source, admin, and local databases	Manage user permissions on MongoDB databases
Self-managed MongoDB database	Full data migration: read permissions on the source database Incremental data migration: read permissions on the source, admin, and local databases	db.createUser()
Tair (Redis OSS-compatible) instance	Read permissions on the objects to migrate	Create and manage database accounts
Self-managed Redis database	The source Redis database must support the `PSYNC` or `SYNC` command.	None
Self-managed TiDB database	SELECT on the objects to migrate and SHOW VIEW	Privilege Management
Self-managed Db2 database	Schema migration: the SELECT permission on the objects to migrate and the CONNECT permission Full data migration: the SELECT permission on the objects to migrate and the CONNECT permission Incremental data migration: the DBADM authority	Creating group and user IDs for a Db2 database installation and Authorities overview

Destination database account permissions

Database	Required permissions	How to authorize
ApsaraDB RDS for MySQL instance	Read and write permissions on the destination database	Create an account and Modify the permissions of an account
PolarDB for MySQL cluster	Read and write permissions on the destination database	Create and manage a database account
Self-managed MySQL database	The ALL permission on the destination database	Create an account for a self-managed MySQL database and configure binary logging
AnalyticDB for MySQL cluster	Version 2.0: DTS automatically creates and authorizes the account. No manual configuration required. Version 3.0: Read and write permissions on the destination database.	Version 3.0: Create a database account
PolarDB-X 1.0 instance	Read and write permissions on the destination database	Manage accounts
ApsaraDB RDS for MariaDB instance	Read and write permissions on the destination database	Create an account on an ApsaraDB RDS for MariaDB instance
ApsaraDB RDS for SQL Server instance	Read and write permissions on the destination database	Create a privileged account or a standard account
Self-managed SQL Server database	The ALL permission on the destination database	CREATE USER
ApsaraDB RDS for PostgreSQL instance	Schema migration: the CREATE and USAGE permissions on the migrated objects Full data migration: permissions of the schema owner Incremental data migration: the permissions of the schema owner	Create an account
Self-managed PostgreSQL database	The ALL permission on the destination database	CREATE USER and GRANT
PolarDB for Oracle cluster	Permissions of the schema owner	Create a database account
Self-managed Oracle database	Permissions of the schema owner	CREATE USER and GRANT
ApsaraDB for MongoDB instance	The dbAdminAnyDatabase permission, read/write permissions on the destination database, and read permissions on the local database	Manage user permissions on MongoDB databases
Self-managed MongoDB database	Read/write permissions on the destination database and read permissions on the local database	db.createUser()
Tair (Redis OSS-compatible) instance	If you use the instance password, no authorization is required. If you use a custom account, read/write permissions are required.	Create and manage database accounts
Self-managed Redis database	A valid database password.	None