From 36d3ac03be5ff83ed475b318557a7a453bbc888c Mon Sep 17 00:00:00 2001
From: Patrick Birch <48594400+patrickbirch@users.noreply.github.com>
Date: Fri, 30 Aug 2024 10:49:29 -0500
Subject: [PATCH] PXC-4460 Update topics for deprecated mysql_native_password

	modified:   docs/load-balance-proxysql.md
	modified:   docs/upgrade-guide.md
	modified:   docs/virtual-sandbox.md
---
 docs/load-balance-proxysql.md | 13 ++++++++++++-
 docs/upgrade-guide.md         |  6 ++++--
 docs/virtual-sandbox.md       | 30 +++++++++++++++++++++++++++++-
 3 files changed, 45 insertions(+), 4 deletions(-)

diff --git a/docs/load-balance-proxysql.md b/docs/load-balance-proxysql.md
index 38731396..2ce77fe7 100644
--- a/docs/load-balance-proxysql.md
+++ b/docs/load-balance-proxysql.md
@@ -217,10 +217,21 @@ To enable monitoring of Percona XtraDB Cluster nodes in ProxySQL,
 create a user with `USAGE` privilege on any node in the cluster
 and configure the user in ProxySQL.
 
-The following example shows how to add a monitoring user on Node 2:
+The following example adds a monitoring user on Node 2 if you are using the deprecated `mysql_native_password` authentication method:
 
 ```{.bash data-prompt="mysql@pxc2>"}
 mysql@pxc2> CREATE USER 'proxysql'@'%' IDENTIFIED WITH mysql_native_password by '$3Kr$t';
+```
+
+The following example adds a monitoring user on Node 2 if you are using the  `caching_sha2_password` authentication method:
+
+```{.bash data-prompt="mysql@pxc2>"}
+mysql@pxc2> CREATE USER 'proxysql'@'%' IDENTIFIED WITH caching_sha2_password by '$3Kr$t';
+```
+
+Grant the user account privileges:
+
+```{.bash data-prompt="mysql@pxc2>"}
 mysql@pxc2> GRANT USAGE ON *.* TO 'proxysql'@'%';
 ```
 
diff --git a/docs/upgrade-guide.md b/docs/upgrade-guide.md
index d4905ffc..d2c87af9 100644
--- a/docs/upgrade-guide.md
+++ b/docs/upgrade-guide.md
@@ -109,8 +109,10 @@ and CentOS) to the new location accordingly.
 ### caching_sha2_password is the default authentication plugin
 
 In Percona XtraDB Cluster 8.0, the default authentication plugin is
-`caching_sha2_password`. The ProxySQL option
-[–syncusers](proxysql-v2.md#pxc-proxysql-v2-admin-tool-syncusers) will not work if the Percona XtraDB Cluster user is
+`caching_sha2_password`. In ProxySQL 2.6.2 or later, use the `caching_sha2_password` authentication method.
+
+If you are using a version before ProxySQL 2.6.2, the option
+[–syncusers](proxysql-v2.md#pxc-proxysql-v2-admin-tool-syncusers) would not work if the Percona XtraDB Cluster user is
 created using `caching_sha2_password`. Use the `mysql_native_password`
 authentication plugin in these cases.
 
diff --git a/docs/virtual-sandbox.md b/docs/virtual-sandbox.md
index 0d954e35..921d52cf 100644
--- a/docs/virtual-sandbox.md
+++ b/docs/virtual-sandbox.md
@@ -309,10 +309,23 @@ elected for write requests.
 To enable monitoring of Percona XtraDB Cluster nodes in ProxySQL, create a user with `USAGE`
 privilege on any node in the cluster and configure the user in ProxySQL.
 
-The following example shows how to add a monitoring user on Node 2:
+The following example shows how to add a monitoring user on Node 2 if you are using the deprecated `mysql_native_password` authentication method:
 
 ```{.bash data-prompt="mysql>"}
 mysql> CREATE USER 'proxysql'@'%' IDENTIFIED WITH mysql_native_password BY 'ProxySQLPa55';
+```
+
+The following example adds a monitoring user on Node 2 if you are using the  `caching_sha2_password` authentication method:
+
+```{.bash data-prompt="mysql>"}
+mysql> CREATE USER 'proxysql'@'%' \
+        IDENTIFIED WITH caching_sha2_password \
+        BY 'ProxySQLPa55';
+```
+
+For either authentication method, run the following command to give the user account named 'proxysql' permission to connect to any database and perform basic actions like checking if the database is read-only. This privilege is often used for tools that need to monitor or interact with a MySQL server.
+
+```{.bash data-prompt="mysql>"}
 mysql> GRANT USAGE ON *.* TO 'proxysql'@'%';
 ```
 
@@ -448,10 +461,25 @@ root@proxysql:~# mysql -u appuser -p$3kRetp@$sW0rd -h 127.0.0.1 -P 6033
     To provide read/write access to the cluster for ProxySQL, add this user on one
     of the Percona XtraDB Cluster nodes:
 
+The following example adds an `appuser` user account, if you are using the deprecated `mysql_native_password` authentication method:
+
 ```{.bash data-prompt="mysql>"}
 mysql> CREATE USER 'appuser'@'192.168.70.74'
 IDENTIFIED WITH mysql_native_password by '$3kRetp@$sW0rd';
+```
+
+The following example adds an `appuser` user account if you are using the  `caching_sha2_password` authentication method:
+
+```{.bash data-prompt="mysql>"}
+mysql> CREATE USER 'appuser'@'192.168.70.74' \
+        IDENTIFIED WITH caching_sha2_password \
+        BY '$3kRetp@$sW0rd';
+```
+
+The following example command grants the `appuser` account all privileges on all databases and tables.
 
+
+```{.bash data-prompt="mysql>"}
 mysql> GRANT ALL ON *.* TO 'appuser'@'192.168.70.74';
 ```