Merge pull request #303965 from Molishv/patch-7

prmerger-automator[bot] · web-flow · commit 5e9c898248d3 · 2025-08-07T13:42:52.000Z
Update best-practices-least-privileged-account.md
diff --git a/articles/migrate/best-practices-least-privileged-account.md b/articles/migrate/best-practices-least-privileged-account.md
@@ -361,10 +361,16 @@ Ensure that the user who corresponds to the added MySQL credentials has the foll
 - Select permission on `information_schema` tables
 - Select permission on `mysql.users` tables
 
+For MySQL discovery, ensure the appliance's IP or domain is allowed by configuring the necessary firewall rules and MySQL user privileges. The bind-address in my.cnf should also be set to allow external connections if needed.
+
 Use the following commands to grant the necessary privileges to the MySQL user:
 
-```sql
-GRANT USAGE ON . TO 'newuser'@'localhost'; GRANT PROCESS ON . TO 'newuser'@'localhost'; GRANT SELECT (User, Host, Super_priv, File_priv, Create_tablespace_priv, Shutdown_priv) ON mysql.user TO 'newuser'@'localhost'; FLUSH PRIVILEGES;`. .
+```Mysql
+GRANT USAGE ON *.* TO 'username@ip'; 
+GRANT PROCESS ON *.* TO 'username@ip'; 
+GRANT SELECT (User, Host, Super_priv, File_priv, Create_tablespace_priv, Shutdown_priv) ON mysql.user TO 'username@ip';
+GRANT SELECT ON information_schema.* TO 'username@ip';
+GRANT SELECT ON performance_schema.* TO username@ip';
 
 ```
 
