Service Summary -> ERROR 1045 (28000): Access denied for user 'pmm'@'localhost' (using password: YES)

Percona Monitoring and Management (PMM)
1

Description:

In MySQL → Summary → Service Summary, I’m getting:

ERROR 1045 (28000): Access denied for user 'pmm'@'localhost' (using password: YES)
2026_02_11_13_06_44 Cannot connect to MySQL.  Check that MySQL is running and that the options after -- are correct.

In MySQL server logs, I get indeed “[Note] Access denied for user ‘pmm’@‘localhost’ (using password: YES)”.

However, everything else is working correctly in PMM - graphs are being graphed, various statistics are available, queries shown etc. Just the “Service Summary” is showing “Access denied”.

How can I debug this?

I’m using PMM 3.6.0 (both server and client sides).

Agent ID : 35caad6a-8d18-4a1c-b826-4eee562d6a5b
Node ID  : cbdceacf-6ba8-4642-ab85-e8b4d18016db
Node name: data3.staging

PMM Server:
        URL    : https://pmm.staging:443/
        Version: 3.6.0

PMM Client:
        Connected        : true
        Time drift       : 199.511µs
        Latency          : 635.952µs
        Connection uptime: 100
        pmm-admin version: 3.6.0
        pmm-agent version: 3.6.0
Agents:
        33661f34-9b6e-49fb-a0a7-7db3df727c15 mysql_perfschema_agent         Running        0
        49f8dd3c-9e38-4c8c-b9fa-52d84a4fb9c6 mysqld_exporter                Running        42000
        545f66de-561e-48d5-9593-21aae1d26c01 node_exporter                  Running        42001
        d95e69dd-dc3d-40b9-8f67-ff2ddb09740b vmagent                        Running        42002
        ee9b2e41-82f2-46ed-8b40-63fc26f43b5e proxysql_exporter              Running        42003

Edit: I found that it doesn’t show an error in MySQL → Summary → Service Summary only if I specify database root user credentials. With root speciefied as a user for pmm-admin add mysql ... --username=pmm ... it shows all the info (or, with pmm user with ALL PRIVILEGES granted).
Of course it’s insecure this way.

Even a pmm user with all possible GRANTS - GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER ON *.* TO 'pmm'@'localhost' WITH GRANT OPTION still shows the error. Only granting ALL PRIVILEGES to pmm user makes the error disappear.

But that’s insecure, so of course it can’t be solved this way. I wonder what exactly is PMM querying that it needs ALL PRIVILEGES?

2

@Tomasz_Chmielewski

The below minimal permissions:- MySQL - Percona Monitoring and Management
should be enough.

GRANT SELECT, PROCESS, REPLICATION CLIENT, RELOAD, BACKUP_ADMIN ON *.* TO 'pmm'@'localhost';

Can you please share the snapshot of the dashboard before or after fix for a more clarity ?

Is there any recent changes/upgrade happen post which you seeing this behaviour ?