Before you manage accounts, visit the Alibaba Cloud official website, log on to the Lindorm Time Series Database (TSDB) console, and then select the instance that you purchased. TSDB V1.0 that uses an engine version of 2.5.13 or later supports account management. Accounts are divided into super accounts and standard accounts. You can manage all accounts in the console. Account permissions are divided into the following types: read-only, write-only, read and write, and super.
Manage accounts
On the Accounts page in the TSDB console, click Activate User Management.
On the Accounts page in the TSDB console, click Create.
On the page that appears, specify the account name and the account password.
Create a super account.
Create a standard account.
Parameters:
Account Name: The account name must be 1 to 10 characters in length and can contain letters, digits, and underscores (_). The first character of the account name must be a letter and the last character must be a letter or a digit.
Password: The password must be 6 to 20 characters in length andcan contain only letters, digits, underscores (_), at signs (@), number signs (#), and periods (.).
View the account that you created, as shown in the following figure. In this example, the account
testis created.
On the Accounts page, find the account that you want to delete and click Delete, as shown in the following figure.
On the Accounts page in the TSDB console, click Deactivate User Management.
Authenticate an account to perform read or write operations on the TSDB instance
After you create an account based on the preceding procedure, you can use the account to perform read or write operations on the TSDB instance. If you enable account management, you must authenticate your account each time you send HTTP API requests to access the TSDB instance. The policies used to define permissions on HTTP API requests vary based on the account types. For more information, see Permission policies for common API requests.
To check whether an account is available, use curl to send an api/put or api/query request based on the permissions that are granted to the account. For example, you can run the following command to send an api/put request:
curl -X POST -u ${Account name}:${Account password in the plaintext format} http://ts-xxxxxxx.hitsdb.tsdb.aliyuncs.com:8242/api?summary -d '[{"metric":"sys.cpu.nice","timestamp":1346846400,"value":18,"tags":{"host":"web01","dc":"lga"}}]'TSDBConfig object, call the basicAuth() method to specify the name of the account that you created and the account password in the plaintext format. All connections that are established by using the TSDBConfig object carry the specified account information. To access a TSDB instance for which account authentication is enabled, use TSDB SDK V0.2.7 or later.
Specify account information in non-Java applications
For applications that do not support TSDB SDK, such as Python or Go applications, you must add the Authorization field as a header to an HTTP request. The Authorization field contains a credential for basic authentication. The credential is organized in the format that is based on the RFC 2617 standard.
Only the HTTP requests that contain the Authorization field can be processed by TSDB. If an HTTP request does not contain the Authorization field, the HTTP request is rejected.
Basic {Base64-encoded authentication information}Format of Base64-encoded authentication information: %Authorization:Basic ${Account name}:${Account password}%. You must separate the fields with colons (:).
Permission policies for common API requests
API request | No credential | WriteOnly | ReadOnly | ReadWrite | Super |
|---|---|---|---|---|---|
/api/put | × | ○ | × | ○ | ○ |
/api/query | × | × | ○ | ○ | ○ |
/api/query/last | × | × | ○ | ○ | ○ |
/api/mput | × | ○ | × | ○ | ○ |
/api/mquery | × | × | ○ | ○ | ○ |
/api/query/mlast | × | × | ○ | ○ | ○ |
/api/prom_write | × | ○ | × | ○ | ○ |
/api/prom_read | × | × | ○ | ○ | ○ |
/api/suggest | × | × | ○ | ○ | ○ |
/api/dump_meta | × | × | ○ | ○ | ○ |
/api/search/lookup | × | × | ○ | ○ | ○ |
/api/ttl | × | × | × | × | ○ |
/api/delete_meta | × | ○ | × | ○ | ○ |
/api/delete_data | × | ○ | × | ○ | ○ |
/api/truncate | × | × | × | × | ○ |