This topic describes how to create a database account and reset permissions of the account.

PolarDB for PostgreSQL supports only privileged accounts and allows you to manage the accounts in the console.

Account type Description
Privileged account
  • You can only create and manage the account in the console.
  • A cluster can have only one privileged account. A privileged account can manage all standard accounts and databases.
  • A privileged account has more permissions, which allows you to perform more management operations. For example, you can grant permissions of querying different tables to different users.
  • The account has all permissions on all databases in the cluster.
  • The account can disconnect any account from the instance.

Create a privileged account

  1. Log on to the ApsaraDB for PolarDB console.
  2. Find the target cluster and click the cluster ID.
  3. In the left-side navigation pane, click Accounts.
  4. Click Create Account.
  5. In the dialog box that appears, configure the following parameters.
    Parameter Description
    Account Name

    Enter the account name. The requirements are as follows:

    • It must start with a lowercase letter and end with a letter or digit.
    • It can contain lowercase letters, digits, and underscores (_).
    • It must be 2 to 16 characters in length.
    • It cannot be system reserved usernames, such as root and admin.
    Account Type Select Privileged Account.
    Password Enter the password of the privileged account. The requirements are as follows:
    • The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters.
    • The password must be 8 to 32 characters in length.
    • Special characters include ! @ # $ % ^ & * () _ + - =
    Confirm Password Enter the password again.
    Description Enter related information about the account for account management. The requirements are as follows:
    • It cannot start with http:// or https://.
    • The description must start with an uppercase or lowercase letter.
    • The description can contain uppercase or lowercase letters, digits, underscores (_), and hyphens (-).
    • The description must be 2 to 256 characters in length.

Reset permissions of a privileged account

If the privileged account of a PolarDB for PostgreSQL cluster encounters a problem, for example, permissions are unexpectedly revoked, you can recover the account by resetting the account permissions.
  1. Log on to the ApsaraDB for PolarDB console.
  2. Find the target cluster and click the cluster ID.
  3. In the left-side navigation pane, click Accounts.
  4. Click Reset Permissions to the right of Privileged Account.
  5. In the dialog box that appears, enter the password of the privileged account to reset permissions.

Next step

View connection endpoints.

Related API operations

API Description
CreateAccount Used to create an account.
DescribeAccounts Used to list accounts.
ModifyAccountDescription Used to modify the description of an account.
t64959.html#reference_hqc_dbt_xfb Used to change the password of an account.
GrantAccountPrivilege Used to grant permissions to an account.
RevokeAccountPrivilege Used to revoke the permissions of an account.
ResetAccount Used to reset the permissions of an account.