AWS RDS MySQL Error 1227 happens while trying to import the logical backup taken using mysqldump to an Amazon Relational Database Service (Amazon RDS) MySQL DB instance that has automated backups enabled.
Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to perform related AWS queries.
When this issue happen, you will see an error message such as this:
Error: 1227 SQLSTATE: 42000 (ER_SPECIFIC_ACCESS_DENIED_ERROR) Access denied; you need (at least one of) the %s privilege(s) for this operation.
Basically, this error happens when the database has the binary log enabled, and the mysqldump file contains a stored object (a trigger, view, function, or event).
If any create statements don't include the "NO SQL," "READS SQL DATA," or "DETERMINISTIC" keywords, then MySQL can't create those objects, and the import fails with error 1227.
To resolve error 1227, we must change the parameter group value of log_bin_trust_function_creators to 1.
To relax this condition and allow the import of all the objects, we must set the global log_bin_trust_function_creators system variables to 1 through the Amazon RDS custom DB parameter group.
Note: We can't change values in a default parameter group. Instead, associate a custom parameter group to the DB instance if the default parameter group is currently associated with the DB instance. After we associate a new parameter group to our RDS DB instance, we must reboot your DB instance.
For custom parameter group attached to DB instance
The steps to follow are given below:
1. First, we must open the Amazon RDS console, and choose Parameter groups from the navigation pane.
2. Then choose the custom parameter group name that is associated to your DB instance.
3. After that enter log_bin_trust_function_creators in the Filter parameters field and then choose Edit Parameters.
4. Now change the Values for log_bin_trust_function_creators to 1.
5. Finally Save changes.
For default parameter group attached to RDS DB instance:
The steps to follow are given below:
1. First we must open the Amazon RDS console, and then choose Parameter groups from the navigation pane.
2. After that select Create a parameter group and then Parameter group family that matches the DB instance.
3. Now we can enter a Group name and Description, and then click Create.
4. After choosing the new parameter group name, enter log_bin_trust_function_creators in the Filter parameters field.
5. Then we must take Edit parameters, and change the Values for log_bin_trust_function_creators to 1.
6. Now Save changes.
7. And choose Databases, select the DB instance, and click Modify.
8. From the Database options we must choose the new parameter group created and click Continue.
9. Then choose Apply immediately or Apply during the next scheduled maintenance window.
10. After that Modify DB Instance.
11. Finally, we must manually reboot the DB instance so that the parameter group status is in sync.
This article covers how to fix AWS RDS MySQL Error 1227 for our customers. In order to fix this issue, you’ll need to leverage DB parameter groups. To modify parameter values in a customer-created DB parameter group, you can’t change the parameter values in a default DB parameter group. Changes to parameters in a customer-created DB parameter group are applied to all DB instances that are associated with the DB parameter group.
To modify a DB parameter group, use the AWS CLI modify-db-parameter-group command with the following required parameters:
--db-parameter-group-name
--parameters