System management roles
Data Management Service (DMS) provides various system management roles as described in the following table.
|Role ||Description ||Permission |
|Common user || |
- Common users can query and modify data and schemas of databases.
- You can assign this role to R&D engineers, test engineers, product designers, O&M engineers, and data analysts.
- By default, RAM users under an Alibaba Cloud account are common users.
- The System Management menu of the DMS console is unavailable to common users.
- Common users can access the menu items of the SQLConsole and Data Plans menus of the DMS console only after being granted the required permissions.
|Security administrator || |
- Security administrators can audit operations and set security levels for fields.
- You can assign this role to internal auditors and security administrators of your enterprise.
|In addition to the permissions of common users, security administrators can manage operations logs and sensitive data and use the data protection feature. |
|DBA || |
- Database administrators (DBAs) can manage database instances, determine R&D specifications and processes, and run tasks.
- You can assign this role to database administrators and O&M engineers of your enterprise.
|In addition to the permissions of common users, DBAs have the access to all system management features except for data protection and user management. |
|DMS administrator || |
- By default, the Alibaba Cloud account of the current tenant assumes the role of DMS administrator. You are not allowed to remove this role from the Alibaba Cloud account.
- You can set a RAM user or an Alibaba Cloud account added to the current tenant as a DMS administrator. The number of DMS administrators has no limit.
- DMS administrators approve the Admin nodes in approval processes.
- Only DMS administrators can manage users.
- DMS administrators can use all DMS features except for data protection.
Set system management roles
For more information about how to set roles for system management, see User management.