Unlock the Power of AI

1 million free tokens

88% Price Reduction

Activate Now
Home PageApsaraDB RDSRDS MariaDB DatabaseUser GuideAccounts and permissionsCreate an account
Search for Help Content

Create an account

Updated at: 2023-09-26 01:45
Community

This topic describes how to create an account that is used to manage the databases of an ApsaraDB RDS for MariaDB instance.

Account types

ApsaraDB RDS for MariaDB supports two types of accounts: privileged accounts and standard accounts. You can manage all accounts and databases of your RDS instance in the ApsaraDB RDS console.

Account type

Description

Account type

Description

Privileged account

  • You can create and manage privileged accounts in the ApsaraDB RDS console or by using the ApsaraDB RDS API.

  • Only one privileged account can be created for each RDS instance. A privileged account has the permissions to manage all databases and standard accounts of the RDS instance on which the privileged account is created.

  • A privileged account allows you to manage permissions at fine-grained levels based on your business requirements. For example, you can grant each standard account the permissions to query specific tables from the RDS instance on which the privileged account is created.

  • A privileged account has the permissions on all databases of the RDS instance on which the privileged account is created.

  • A privileged account has the permissions to disconnect any standard account of the RDS instance on which the privileged account is created.

  • If the username of the privileged account is the same as that of an existing standard account, the privileged account replaces the standard account.

Standard account

  • You can create and manage standard accounts by using the ApsaraDB RDS console, API operations, or SQL statements.

  • More than one standard account can be created for each RDS instance. The maximum number of standard accounts that are allowed for an RDS instance varies based on the minor engine version of the RDS instance.

  • You must grant the permissions on specific databases to standard accounts.

  • You cannot use a standard account to create, manage, or log off other accounts from the RDS instance on which the standard account is created.

Create a privileged account

  1. Log on to the ApsaraDB RDS console.

  2. In the left-side navigation pane, click Instances. In the top navigation bar, select the region of your RDS instance.

  3. Find the RDS instance and click its ID.

  4. In the left-side navigation pane, click Accounts.

  5. Click Create Account.

  6. Configure the following parameters.

    Parameter

    Description

    Parameter

    Description

    Database Account

    Enter a username for the account. The username must meet the following requirements:

    • The username must be 2 to 16 characters in length.

    • The username must start with a lowercase letter and end with a lowercase letter or digit.

    • The value can contain lowercase letters, digits, and underscores (_).

    • The name is unique.

    Note

    If the username of the privileged account is the same as that of an existing standard account, the privileged account replaces the standard account.

    Account Type

    Select Privileged Account.

    New Password

    Enter the password of the account. The password must meet the following requirements:

    • It is 8 to 32 characters in length.

    • It must contain at least three types of the following characters: uppercase letters, lowercase letters, digits, and special characters.

    • It can contain the following special characters: ! @ # $ % ^ & * ( ) _ + - =

    Confirm Password

    Enter the password for the account again.

    Description

    Enter a description that helps identify the account. The description is up to 256 characters in length.

  7. Click OK.

Note

The privileged account is activated within seconds after it is created.

Reset the permissions of a privileged account

If the permissions of a privileged account are accidentally revoked or encounter other exceptions, perform the following steps to reset the permissions:

  1. Log on to the ApsaraDB RDS console.

  2. In the left-side navigation pane, click Instances. In the top navigation bar, select the region of your RDS instance.

  3. Find the RDS instance and click its ID.

  4. In the left-side navigation pane, click Accounts.

  5. Find the privileged account and click Reset Permissions in the Actions column.

  6. In the dialog box that appears, specify a new password and click OK.

Create a standard account

  1. Log on to the ApsaraDB RDS console.

  2. In the left-side navigation pane, click Instances. In the top navigation bar, select the region of your RDS instance.

  3. Find the RDS instance and click its ID.

  4. In the left-side navigation pane, click Accounts.

  5. Click Create Account.

  6. Configure the following parameters.

    Parameter

    Description

    Parameter

    Description

    Database Account

    Enter a username for the account. The username must meet the following requirements:

    • The username must be 2 to 16 characters in length.

    • The username must start with a lowercase letter and end with a lowercase letter or digit.

    • The value can contain lowercase letters, digits, and underscores (_).

    Account Type

    Select Standard Account.

    Authorized Databases

    Specify the databases whose permissions you want to grant to the account. You can specify one or more databases.

    1. In the Unauthorized Databases section, select one or more databases. Then, click the > icon to move the selected databases to the Authorized Databases section.

    2. In the Authorized Databases section, select the Read/Write (DDL + DML), Read-only, DDL Only, or DML Only permissions for each database.

      If you want to grant the same permissions on more than one database at a time, select the databases and configure the Set All to parameter in the upper-right corner of the Authorized Database section to grant related permissions on the selected authorized databases. For example, you can set the parameter to Read/Write (DDL + DML).

      Note

      • The parameter settings in the upper-right corner change after you click them. For example, if you click the Read/Write (DDL + DML) value, the value changes to (Read-only).

      • You can leave this parameter unspecified. In this case, you can grant the permissions on specific databases to the account after the account is created.

    New Password

    Enter the password of the account. The password must meet the following requirements:

    • It is 8 to 32 characters in length.

    • It must contain at least three types of the following characters: uppercase letters, lowercase letters, digits, and special characters.

    • It can contain the following special characters: ! @ # $ % ^ & * ( ) _ + - =

    Confirm Password

    Enter the password for the account again.

    Description

    Optional. Enter a description that helps identify the account. The description is up to 256 characters in length.

  7. Click OK.

Related operations

Operation

Description

Operation

Description

CreateAccount

Creates an account on an instance.

Previous: Accounts and permissionsNext: Reset the password of an account on an ApsaraDB RDS for MariaDB instance
  • On this page (1, T)
  • Account types
  • Create a privileged account
  • Reset the permissions of a privileged account
  • Create a standard account
  • Related operations
Feedback
phone Contact Us

Chat now with Alibaba Cloud Customer Service to assist you in finding the right products and services to meet your needs.

alicare alicarealicarealicare