We've recently added a few restrictions as to what data an analyst can retrieve - specifically the password column in a users table.
The problem is she has thousands of queries which feature SELECT * from users, or joins, etc etc, in his scripts.
Now, when she attempts to run these, MySQL returns:
SQL Error (1142): SELECT command denied to user 'foo'@'bar' for table 'users'
The RDBMS is actually AWS Aurora MySQL 5.6.10a, if this helps. The analyst is reading from a read-replica, so has no write access, but can use and create temporary tables.
Is there a MySQL setting or something we can do, rather than getting the analyst to specify every single column?