Data Management (DMS) allows you to customize approval processes for different permission applications. For example, the approval of a database administrator (DBA) is required for permissions on a database in a development environment. The approval of a database owner and a DBA is required for permissions on a database in a production environment to improve data security. You can also customize approval processes so that regular users cannot apply for the query permissions on a database in a production environment. This prevents data breach in an online environment.
Procedure
This example shows how to customize an approval process for permissions on the poc_prod
database in a production environment. In this example, a security rule set named Security Rules for POC Production Databases is used for the poc_prod
database.
Configure security rules as a DMS administrator.
Log on to the DMS console V5.0 as a DMS administrator.
Move the pointer over the icon in the upper-left corner and choose
.NoteIf you use the DMS console in normal mode, choose
in the top navigation bar.On the Security Rules page, find the
Security Rules for POC Production Databases
security rule set and click Edit in the Actions column.On the Details page, click the Access apply tab.
Find the [DB-permission application] default approval Template rule and click Edit in the Actions column.
In the dialog box that appears, click Switch Approval Template.
If you use the default approval template of the system, the approval of only a DBA is required.
Find the template named
Owner-->DBA
and click Select in the Actions column.Click Submit.
Apply for permissions as a regular user to verify the customized approval process.
Log on to the DMS console V5.0 as a regular user.
Move the pointer over the icon in the upper-left corner and choose
.NoteIf you use the DMS console in normal mode, choose
in the top navigation bar.In the upper-right corner of the Access applyTickets page, choose
.On the Database Permission tab of the Security Hosting Enabled tab, enter
poc_prod
in the field in the Select Databases/Tables/Columns section and click Search.Select the database that you want to access and click Add to add the database to the Selected Databases/Tables/Columns section.
In the Select Permission section, configure the Permission, Duration, and Reason parameters. Then, click Submit.
NoteAfter you submit the ticket, wait until the application is approved by the instance owner and the DBA. You can view the status of the application on the homepage of the console.
After your application is approved, find the ticket that you submit and click Details in the Actions column. On the Ticket Details page, click View Approval Details in the Approval section to view the approval progress of the ticket.