To demonstrate solutions, you must register ApsaraDB RDS for MySQL instances that simulate development and production environments with Data Management (DMS). You must also create a DMS administrator account and a regular user account.
Prerequisites
Two ApsaraDB RDS for MySQL instances are created. For more information, see Create an ApsaraDB RDS for MySQL instance.
The ApsaraDB RDS for MySQL instance that simulates the development environment is named
POC_dev
, and the ApsaraDB RDS for MySQL instance that simulates the production environment is namedPOC_prod
.A database named
poc_dev
is created in thePOC_dev
instance, and a database namedpoc_prod
is created in thePOC_prod
instance. For more information, see Create databases and accounts for an ApsaraDB RDS for MySQL instance.A DMS administrator account is created.
DMS administrators can manage the system, manage permissions, configure development standards, and approve processes. If you are a first-time user of DMS, DMS uses your Alibaba Cloud account as the DMS administrator account.
Optional. A regular user account is created. For more information, see Add a user.
Regular users can apply for permissions on databases and query or update schemas. Regular users can be the employees of enterprises, such as R&D staff, testers, product staff, operations staff, and data analysts.
Procedure
Log on to the DMS console V5.0 as a DMS administrator.
Create two security rule sets named
Security Rules for POC Development Databases
andSecurity Rules for POC Production Databases
, and set the Engine Type parameter to mysql for the rule sets. DMS applies default settings to security rules in the rule sets. For more information, see Create security rules.Security rules use a domain-specific language (DSL) to implement fine-grained control over databases. You can use security rules to manage the development standards, permissions, and data changes of instances.
Register the
POC_dev
andPOC_prod
instances with DMS. For more information, see Register an ApsaraDB instance.For the
POC_dev
instance, select Security Collaboration as the control mode,Dev
as the environment type andSecurity Rules for POC Development Databases
as the security rule set. For thePOC_prod
instance, select Security Collaboration as the control mode,Product
as the environment type andSecurity Rules for POC Production Databases
as the security rule set. If your instances are registered with DMS, you can change the control mode and security rule sets of the instances. For more information, see Apply security rules.Security Collaboration is the most secure control mode provided by DMS and gives you access to all DMS features, such as customization of development standards, fine-grained permission control, and secure and stable data change.
The ApsaraDB RDS for MySQL instances in Security Collaboration mode are billed on a pay-as-you-go or subscription basis. For more information, see Pricing.
Grant the regular user the permissions to query and change data in the
poc_dev
andpoc_prod
databases. For more information, see Manage permissions.