Creates a database account for a PolarDB cluster.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes CreateAccount

The operation that you want to perform. Set the value to CreateAccount.

DBClusterId String Yes pc-**************

The ID of the cluster.

AccountName String Yes testacc

The name of the account. The name must meet the following requirements:

  • It must start with a lowercase letter and end with a letter or a digit.
  • It can contain lowercase letters, digits, and underscores (_).
  • It must be 2 to 16 characters in length.
  • It cannot be root, admin, or another username that is reserved by the system.
AccountPassword String Yes Test1111

The password of the account. The password must meet the following requirements:

  • It must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters.
  • It must be 8 to 32 characters in length.
  • Special characters include ! @ # $ % ^ & * ( ) _ + - =
AccountType String No Normal

The type of the account. Valid values:

  • Normal: a standard account
  • Super: a privileged account
Note
  • If you leave this parameter empty, the default value Super is used.
  • If the database engine of the PolarDB cluster is PolarDB for Oracle or PolarDB for PostgreSQL, you can create multiple privileged accounts for the cluster. A privileged account is granted more permissions than a standard account. For more information about how to create a database account, see Create a database account.
  • If the database engine of the PolarDB cluster is PolarDB for MySQL, only one privileged account can be created for the cluster. A privileged account is granted more permissions than a standard account. For more information about how to create a database account, see Create a database account.
AccountDescription String No testdes

The description of the account. The description must meet the following requirements:

  • It cannot start with http:// or https://.
  • It must be 2 to 256 characters in length.
DBName String No testdb

The name of the database that can be accessed by the account. To enter multiple database names, separate the names with commas (,).

Note Only standard accounts of clusters that run the engine of PolarDB for MySQL support this parameter.
AccountPrivilege String No ReadWrite

The permissions that are granted to the account. Valid values:

  • ReadWrite: read and write permissions
  • ReadOnly: read-only permissions
  • DMLOnly: The account is granted the permissions to execute only DML statements on the database.
  • DDLOnly: The account is granted the permissions to execute only DDL statements on the database.
  • ReadIndex: The account has the read and index permissions on the database.
Note
  • The AccountPrivilege parameter is valid only after you specify the DBName parameter.
  • If multiple database names are specified by the DBName parameter, you must grant permissions on the databases. Separate multiple permissions with commas (,). For example, if you want to grant the account the read and write permissions on DB1 and the read-only permissions on DB2, set DBName to DB1,DB2, and set AccountPrivilege to ReadWrite,ReadOnly.
  • Only standard accounts of clusters that run the engine PolarDB for MySQL support this parameter.
ClientToken String No 6000170000591aed949d0f54a343f1a4233c1e7d1c5c******

The client token that is used to ensure the idempotence of the request. You can use the client to generate the value, but you must ensure that it is unique among different requests. The token can only contain ASCII characters and cannot exceed 64 characters in length. The token is case-sensitive.

Response parameters

Parameter Type Example Description
RequestId String CED079B7-A408-41A1-BFF1-EC608E******

The ID of the request.

Examples

Sample requests

http(s)://polardb.aliyuncs.com/?Action=CreateAccount
&AccountName=testacc
&AccountPassword=Test1111
&DBClusterId=pc-**************
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<CreateAccountResponse>
<RequestId>CED079B7-A408-41A1-BFF1-EC608E******</RequestId>
</CreateAccountResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "CED079B7-A408-41A1-BFF1-EC608E******"
}

Error codes

HTTP status code Error code Error message Description
400 LockTimeout The request processing has failed due to lock timeout. The error message returned because the request failed due to lock timeout.
400 EngineMigration.ActionDisabled Specified action is disabled while custins is in engine migration. The error message returned because the specified operation is disabled while engine migration is being performed on custins.
404 InvalidDBClusterId.NotFound The DBClusterId provided does not exist in our records. The error message returned because the specified DBClusterId does not exist in the current record.

For a list of error codes, visit the API Error Center.