Notes

Get a list of all MySQL users and their privileges

mysql -h***.us-west-2.rds.amazonaws.com -uroot -p*** --raw --silent -e "SELECT CONCAT('SHOW GRANTS FOR ''', user, '''@''', host, ''';') AS query FROM mysql.user" > /tmp/users.sql

This command uses the MySQL command line tool to generate a SQL file called "users.sql" in the /tmp directory. The SQL file contains one SHOW GRANTS statement for each account (user and host pair) in the mysql.user table.

mysql -h***.us-west-2.rds.amazonaws.com -uroot -p*** --raw --silent -e "source /tmp/users.sql" > /tmp/grants.sql

This command executes the SHOW GRANTS statements in the "users.sql" file and saves the output to a new SQL file called "grants.sql" in the /tmp directory.

sed -i 's/$/;/g' /tmp/grants.sql

This command uses sed to add a semicolon at the end of each line in the "grants.sql" file. This is necessary to make the file a valid SQL script.

After running these commands, the "grants.sql" file in the /tmp directory will contain a series of GRANT statements for each user on the database, allowing you to easily see the permissions granted to each user.
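Once grants.sql exists, it can be reviewed for over-broad accounts. The script below is an added example, not part of the original note: the function names audit_grants and sample_grants, the finding labels and the sample grants are all made up for illustration, and it assumes one GRANT statement per line, as SHOW GRANTS prints them.

```sh
#!/bin/sh
# Added example: review a grants.sql produced by the steps above.
# Assumption: one GRANT statement per line, as SHOW GRANTS prints them.

# Print "<FINDING><TAB><account>" once per risky grant found on stdin
# or in the files given as arguments.
audit_grants() {
    awk '
    function report(finding) {
        if (!((finding, acct) in seen)) {
            seen[finding, acct] = 1
            printf "%s\t%s\n", finding, acct
        }
    }
    /^GRANT / {
        acct = $0
        sub(/^.* TO /, "", acct)    # keep what follows " TO "
        sub(/[ ;].*$/, "", acct)    # drop options and the trailing semicolon
        if ($0 ~ /^GRANT ALL PRIVILEGES ON \*\.\* TO /) report("GLOBAL_ALL")
        if ($0 ~ / WITH GRANT OPTION/)                  report("GRANT_OPTION")
        if (acct ~ /@.%.$/)                             report("ANY_HOST")
        # MySQL 5.6 and earlier include the password hash in SHOW GRANTS
        # output, so a dump that has it should not stay readable in /tmp.
        if ($0 ~ / IDENTIFIED BY PASSWORD /)            report("PASSWORD_HASH")
    }' "$@"
}

# Constructed sample input (not taken from a real server).
sample_grants() {
cat <<'EOF'
GRANT ALL PRIVILEGES ON *.* TO 'admin'@'%' WITH GRANT OPTION;
GRANT USAGE ON *.* TO 'app'@'10.0.%';
GRANT SELECT, INSERT ON `shop`.* TO 'app'@'10.0.%';
GRANT SELECT ON `shop`.* TO 'report'@'%';
GRANT USAGE ON *.* TO 'legacy'@'localhost' IDENTIFIED BY PASSWORD '*CONSTRUCTED_PLACEHOLDER_HASH';
EOF
}

sample_grants | audit_grants
```

Run it against the real file with `audit_grants /tmp/grants.sql`.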
