My SQL
Schema-driven source documentation.
MYSQL45 fields3 examples
Commonly Asked Questions
Assistant knowledge mapped to this source type from
assistant_knowledge.json.Required
Fields required for a valid configuration payload under `config.required`.
| Path | Type | Required | Description | Default | Constraints |
|---|---|---|---|---|---|
| required | object | Yes | — | — | no extra properties |
| required.host | string | Yes | MySQL host | localhost | — |
| required.port | integer | Yes | MySQL port | 3306 | min 1, max 65535 |
Masked
Sensitive fields under `config.masked` (secrets/credentials).
| Path | Type | Required | Description | Default | Constraints |
|---|---|---|---|---|---|
| masked | object | Yes | — | — | no extra properties |
| masked.password | string | Yes | Database password | — | — |
| masked.ssl_ca | string | No | PEM-encoded CA certificate for SSL/TLS verification. Paste the full certificate content (-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----). Required when ssl_mode is VERIFY_CA or VERIFY_IDENTITY. | — | — |
| masked.username | string | Yes | Database username | — | — |
Optional
Optional configuration fields under `config.optional`.
| Path | Type | Required | Description | Default | Constraints |
|---|---|---|---|---|---|
| optional | object | No | — | — | no extra properties |
| optional.connection | object | No | Connection tuning for MySQL. | — | no extra properties |
| optional.connection.allow_public_key_retrieval | boolean | No | Allow automatic RSA public key retrieval from the server for caching_sha2_password authentication (MySQL 8+). Only needed when not using SSL and connecting to MySQL 8 servers using the default authentication plugin. | false | — |
| optional.connection.connect_timeout_seconds | integer | No | Connection timeout in seconds | 10 | min 1, max 120 |
| optional.connection.ssl_mode | enum | No | SSL/TLS connection mode. DISABLED: no TLS; PREFERRED: TLS when available (default); REQUIRED: mandate TLS without certificate verification; VERIFY_CA: mandate TLS and verify the CA certificate (requires ssl_ca); VERIFY_IDENTITY: mandate TLS, verify CA, and verify server hostname. Allowed values: DISABLED, PREFERRED, REQUIRED, VERIFY_CA, VERIFY_IDENTITY | PREFERRED | — |
| optional.scope | object | No | Database and table selection scope. | — | no extra properties |
| optional.scope.database | string | No | Single database to scan (optional when include_all_databases is true) | — | — |
| optional.scope.exclude_databases | array | No | Database denylist (exact database names) | ["information_schema","mysql","performance_schema","sys"] | — |
| optional.scope.exclude_databases[] | string | No | — | — | — |
| optional.scope.include_all_databases | boolean | No | Scan all visible databases except excluded system databases | false | — |
| optional.scope.include_tables | array | No | Optional table allowlist. Accepted forms: table or database.table | — | — |
| optional.scope.include_tables[] | string | No | — | — | — |
| optional.scope.table_limit | integer | No | Optional cap on number of table assets extracted per database | — | min 1 |
Examples
Reference payloads generated from shared source examples JSON.
Quick discovery scan
Discover all tables in the server with random row sampling — works on any MySQL instance
Schedule
{
"enabled": true,
"preset": "weekday_business",
"cron": "11 11 * * 1-5",
"timezone": "UTC"
}Config Payload
{
"type": "MYSQL",
"required": {
"host": "your-host",
"port": 3306
},
"masked": {
"username": "your-username",
"password": "your-password"
},
"optional": {
"scope": {
"include_all_databases": true
}
},
"sampling": {
"strategy": "RANDOM",
"rows_per_page": 50
}
}All databases nightly governance scan
Scan all user databases (excluding system databases) with latest-row sampling for data governance
Schedule
{
"enabled": true,
"preset": "nightly",
"cron": "43 1 * * *",
"timezone": "UTC"
}Config Payload
{
"type": "MYSQL",
"required": {
"host": "your-host",
"port": 3306
},
"masked": {
"username": "your-username",
"password": "your-password"
},
"optional": {
"scope": {
"include_all_databases": true
}
},
"sampling": {
"strategy": "LATEST",
"fallback_to_random": true,
"rows_per_page": 50
}
}PII and secrets detection
Run PII and secrets detectors on all tables — useful for GDPR or SOC 2 readiness
Schedule
{
"enabled": true,
"preset": "weekday_morning",
"cron": "37 8 * * 1-5",
"timezone": "UTC"
}Config Payload
{
"type": "MYSQL",
"required": {
"host": "your-host",
"port": 3306
},
"masked": {
"username": "your-username",
"password": "your-password"
},
"optional": {
"scope": {
"include_all_databases": true
}
},
"sampling": {
"strategy": "RANDOM",
"rows_per_page": 30
},
"detectors": [
{
"type": "SECRETS",
"enabled": true
},
{
"type": "PII",
"enabled": true
}
]
}