Recently we started to see a warning that Fivetran's MySQL DB user requires the EXECUTE grant on the MySQL Aurora procedure mysql.rds_kill() to clean up processes that have errored out with the Fivetran sync process. This grant will also allow the fivetran DB user the ability to globally kill any (and all) processes on a MySQL Aurora server because the mysql.rds_kill() Aurora procedure does not restrict execution to processes associated with the logged-in user. This introduces an issue where if the fivetran credentials were compromised or a bug were deployed in the connector code, key DB processes such as replication or any transaction could be accidentally or maliciously killed leaving the DB in an unstable state.

A potential solution would be to create a procedure that does a check that the user associated with a process is equal to the fivetran DB connector, or to run a scheduled MySQL procedure to kill Fivetran processes that have entered into a state where they will not terminate normally. Regardless of where this ends up eventually, I think granting global access to kill processes to the Fivetran connector is a pretty serious side-effect that is very undesirable for the risk it introduces to all of the users of your service.