All Products
Search
Document Center

Data Management:Block system databases in DMS

最終更新日:Nov 15, 2024

This topic describes how to block system databases by configuring custom security rules in DMS.

Background information

After you register instances with DMS, the system automatically collects the metadata of the databases in the instances. To protect system databases and minimize the impact caused by system databases on your business, you can block specific system databases in DMS, such as the information_schema database of MySQL instances, or databases that store sensitive business data. After the system databases are blocked, DMS does not collect the metadata of the blocked databases and you cannot view or search for these databases in DMS.

Note

If PostgreSQL instances are blocked, schemas of the PostgreSQL instances are blocked.

Prerequisites

The database instance that you want to block is managed in Security Collaboration mode.

Usage notes

If you turn on Whether to Filter System Databases, DMS blocks the system databases for which you configure the Filter System Database Configurations security rule. If you turn off Whether to Filter System Databases, DMS does not block system databases by default.

Procedure

  1. Log on to the DMS console V5.0.
  2. Move the pointer over the 2023-01-28_15-57-17.png icon in the upper-left corner and choose All functions > Security and Specifications > Security Rules.

    Note

    If you use the DMS console in normal mode, choose Security and Specifications > Security Rules in the top navigation bar.

  3. Find the rule set that you want to edit and click Edit in the Actions column.

  4. In the left-side pane of the rule set details page, choose Others > Metadata Synchronization.

  5. Find the Filter System Database Configurations rule and click Edit in the Actions column.

  6. In the Change Configuration Item dialog box, turn on Whether to Filter System Databases.

  7. Configure the system databases to be blocked by using the following methods:

    • Enter the names of the databases to be blocked in the Filter Databases field.

      Click the blank area in the Filter Databases field and enter the names of the databases to be blocked.

    • Enter a regular expression to perform a fuzzy match for the system database to be blocked.

      Enter a regular expression in the Filter Database Regex Match field. For example, if you enter test_\w+, system databases whose names start with test_ are blocked.

      Note

      You can specify the Filter Databases and Filter Database Regex Match parameters at the same time.

  8. Click Submit.

  9. Apply the security rule to database instances by using one of the following methods:

    • Manual operation

      1. Go to the Home page of the DMS console. In the left-side navigation pane, click Database instances and find the database instance to which you want to apply the security rule.

      2. Right-click the instance name and click Refresh / Sync dictionary.

    • Automatically taking effect

      DMS synchronizes metadata at 18:00 every day.

References

System databases blocked by DMS by default