...
- Create a new db user <stack><instance>User
- Generate a unique password for that user, important to not share passwords to decrease chances of accidently stomping on the wrong data. On windows, I use KeePass to generate a 40-bit hex key.
- Generate a unique encryption key for the user. Here use a 128-bit hex key. Update /gluster/work/platform/PasswordsAndCredentials/StackCredentials/IAMUsers/credentials.csv on sodo with appropriate security info.
- Create the schema <stack><instance>
- For staging / prod systems, grant the user ability to SELECT and INSERT on the common idGeneratorDB schema
- Grant the user all permissions except GRANT OPTION, CREATE ROUTINE, ALTER ROUTINE, and TRIGGER on their own schema
- Important: do not hand out this use to multiple instances
...