The account management feature allows you to create and delete database accounts, modify permissions, and change passwords.

Create a database account

  1. Use an Alibaba Cloud account to log on to the ApsaraDB for ClickHouse console.
  2. In the upper-left corner of the page, select the region where the cluster for which you want to apply for a public endpoint is deployed.
  3. On the Clusters page, click the ID of the cluster.
  4. In the left-side navigation pane, click Account Management. In the upper-right corner of the account management page, click Create Account.
  5. In the Create Account panel, configure the following parameters.
    Parameter Description
    Database Account The name of the database account. The name must be 2 to 16 characters in length and can contain lowercase letters, digits, and underscores (_). It must start with a lowercase letter and end with a lowercase letter or digit.
    Authorized Access Scope
    • The resources that can be accessed. Valid values: All Databases and Dictionaries
    • Partial Databases and Dictionaries

      After you select required databases or dictionaries, click the 17241501 icon to add authorized databases or dictionaries or the 17241502 icon to remove authorized databases or dictionaries.

    DML Permission
    • The permission used to perform operations by using Data Manipulation Language (DML). Valid values: Read, Write and Set Permissions: You can perform read, write, and set operations on the authorized databases and dictionaries.
    • Read and Set Permissions: You can perform only read and set operations on the authorized databases and dictionaries. You cannot write data to the authorized databases or dictionaries.
    DDL Permission
    • Specifies whether to enable Data Definition Language (DDL). Valid values: Enable DDL
    • Disable DDL
    Password The password of the database account. The password must be 8 to 32 characters in length, and must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. Special characters include ! @ # $ % ^ & * () _ + - =
    Confirm Password The same password that you entered in the Password field.
    Description Optional. The description of the database account.
  6. Click OK. The database account is created. You can create up to 500 database accounts for each cluster.

Change a password

  1. In the left-side navigation pane, click Account Management. The account management page appears.
  2. Click Change Password in the Actions column that corresponds to the account for which you want to change the password.
  3. In the Change Password panel, enter and confirm the new password. Click OK.
    Note The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. Special characters include !@ # $ % ^ & * () _ + - =

Modify permissions

Notice You can modify permissions for an account only when the status of the account is Available.
  1. In the left-side navigation pane, click Account Management. The account management page appears.
  2. Click Modify Permission in the Actions column that corresponds to the account for which you want to modify permissions.
  3. In the Modify Permission panel, modify the access scope, DML permission, and DDL permission of the account.
    Parameter Description
    Authorized Access Scope
    • The resources that can be accessed. Valid values: All Databases and Dictionaries
    • Partial Databases and Dictionaries

      After you select required databases or dictionaries, click the 17241501 icon to add authorized databases or dictionaries or the 17241502 icon to remove authorized databases or dictionaries.

    DML Permission
    • The permission used to perform operations by using DML. Valid values: Read, Write and Set Permissions: You can perform read, write, and set operations on the authorized databases and dictionaries.
    • Read and Set Permissions: You can perform only read and set operations on the authorized databases and dictionaries. You cannot write data to the authorized databases or dictionaries.
    DDL Permission
    • Specifies whether to enable DDL. Valid values: Enable DDL
    • Disable DDL
  4. After the permissions are modified, click OK.

Delete a database account

  1. In the left-side navigation pane, click Account Management. The account management page appears.
  2. Click Delete in the Actions column that corresponds to the account that you want to delete.
  3. In the Delete Account message, click OK. If you do not want to delete the account, click Cancel. 17241505