All Products
Search

This Product

    Hologres:Data security

    Document Center

    Hologres:Data security

    Last Updated:Sep 29, 2024

    The Hologres console provides data security features, including SSL-encrypted transmission and HoloWeb cross-account logon.

    Prerequisites

    A Hologres instance is purchased. For more information, see Purchase a Hologres instance.

    SSL-encrypted transmission

    Hologres allows you to enable and disable SSL-encrypted transmission. For more information, see Transmission encryption.

    • After you enable SSL-encrypted transmission for a Hologres instance, you can connect to the Hologres instance over SSL connections. When you connect to the Hologres instance by using a client, you must explicitly specify whether to encrypt the connection to Hologres.

    • After you disable SSL-encrypted transmission for a Hologres instance, you can connect to the Hologres instance only over non-SSL connections.

    Important

    Each time you enable or disable SSL-encrypted transmission for an instance, the instance is restarted. Proceed with caution. By default, SSL-encrypted transmission is disabled.

    To enable SSL-encrypted transmission, perform the following steps:

    1. Log on to the Hologres console. In the upper-left corner, select a region.

    2. In the left-side navigation pane, click Instances. On the page that appears, click the ID of the desired instance.

    3. In the left-side navigation tree of the Instance Details page, click Data Security.

    4. In the SSL Encryption section of the Data Security page, turn on SSL Encryption.

    5. In the Enable SSL Encryption message, click Enable SSL encryption.

    HoloWeb cross-account logon

    Hologres allows you to enable or disable the HoloWeb cross-account logon feature.

    • After you enable the feature for an instance, you can use other Alibaba Cloud accounts or RAM users in other Alibaba Cloud accounts to connect to the instance in the HoloWeb console.

    • After you disable the feature for an instance, you can use only the current Alibaba Cloud account or RAM users that have logon permissions on the instance in the Alibaba Cloud account to connect to the instance in the HoloWeb console. Other Alibaba Cloud accounts and the RAM users in the accounts cannot connect to the instance in the HoloWeb console.

    Note

    By default, this feature is disabled for new instances. You cannot connect to a new instance by using the HoloWeb cross-account logon feature.

    Step 1: Enable the HoloWeb cross-account logon feature for an instance

    This section describes how to enable the HoloWeb cross-account logon feature for an instance of Account A.

    1. Log on to the Hologres console. In the upper-left corner, select a region.

    2. In the left-side navigation pane, click Instances. On the page that appears, click the ID of the desired instance.

    3. In the left-side navigation tree of the Instance Details page, click Data Security.

    4. In the HoloWeb login settings section of the Data Security page, turn on HoloWeb cross-account login.

    5. In the Enable HoloWeb cross-account login message, click Enable.

    Step 2: Use another account to connect to the instance in the HoloWeb console

    This section describes how to use another Alibaba Cloud account, Account B, or a RAM user in Account B to connect to the instance of Account A in the HoloWeb console. The HoloWeb cross-account logon feature is enabled for the instance.

    1. Use Account B to log on to the Hologres console. In the upper-left corner, select a region.

    2. In the left-side navigation pane, click Go to HoloWeb to go to the HoloWeb console.

    3. On the Metadata Management tab, click Instances.

    4. In the Instances dialog box, configure the parameters in the Instance Information section. The following table describes the parameters.

      Note

      You do not need to configure parameters in the Search for Instance section of the Instances dialog box.

      Parameter

      Description

      Name

      The name of the connection.

      Domain Name

      The endpoint of the Hologres instance in Account A. The HoloWeb cross-account logon feature is enabled for the instance.

      You can use Account A to log on to the Hologres console and view the endpoint of the Hologres instance in the Network Information section of the Instance Details page.

      Port

      The network port of the Hologres instance in Account A. The HoloWeb cross-account logon feature is enabled for the instance.

      You can use Account A to log on to the Hologres console and view the port of the Hologres instance in the Network Information section of the Instance Details page.

      Logon Method

      Select Password Logon.

      Username

      The AccessKey ID of Account A.

      You can obtain the AccessKey ID from the AccessKey Pair page.

      Password

      The AccessKey secret of Account A.

      Test Connectivity

      Checks whether a network connection is established.

      • If the message Test passed is displayed, a network connection is established.

      • If the message Test failed is displayed, no network connection is established.

      Logon After Connection

      Specifies whether to connect to the instance. Valid values:

      • Yes: The instance is connected and displayed in the left-side Instances Connected list.

      • No: The instance is displayed in the left-side Instances Disconnected list.

    5. After the instance is connected, click the Refresh icon on the right of Instance Management to refresh the instance lists. Click Instances Connected. Databases and tables on the instance of Account A are displayed. You can perform operations on the tables.