To demonstrate solutions, you must add ApsaraDB RDS for MySQL instances that simulate
development and production environments to the Data Management (DMS) console. You
must also create a DMS administrator account and a common user account.
Prerequisites
- Two ApsaraDB RDS for MySQL instances are created. One instance is used to simulate
the development environment, and the other is used to simulate the production environment.
For more information, see Create an ApsaraDB RDS for MySQL instance.
Note The ApsaraDB RDS for MySQL instance that simulates the development environment is
named POC_dev
, and the ApsaraDB RDS for MySQL instance that simulates the production environment
is named POC_prod
.
- A database named
poc_dev
is created in the POC_dev
instance, and a database named poc_prod
is created in the POC_prod
instance. For more information, see Create a database.
- A DMS administrator account is created.
Note The DMS administrator can manage the system, manage permissions, configure development
rules, and approve processes. If you are a first-time userof
DMS, DMS uses your Alibaba Cloud account as the DMS administrator account.
- A common user account is created. For more information, see Add a user
Note Common users can apply for permissions on databases and query or update data (table
schemas). Common users can be any employees of enterprises, such as R&D staff, testers,
product staff, operations staff, and data analysts.
Procedure
- Log on to the DMS console as an administrator.
- Create two security rules named
Security Rules for POC Development Databases
and Security Rules for POC Production Databases
, and set Engine Type to mysql for the rules. DMS then provides default settings for
the rules. For more information, see Create security rules.
Note Security rules use a domain-specific language (DSL) to implement fine-grained control
over databases. You can use security rules to manage the development rules, permissions,
and data changes of instances.
- Add the
POC_dev
and POC_prod
instances to the DMS console. For more information, see Register an ApsaraDB instance.
Note For the
POC_dev
instance, select
Security Collaboration as the control mode and
Security Rules for POC Development Databases
as the security rule. For the
POC_prod
instance, select
Security Collaboration as the control mode and
Security Rules for POC Production Databases
as the security rule. If your instances are already added to the DMS console, you
can change the control mode and security rule sets of the instances. For more information,
see
Change the security rules of a database instance.
- Security Collaboration is the most secure control mode provided by DMS and gives you access to all DMS features,
such as customization of development rules, fine-grained permission control, and secure
and stable data change.
- The ApsaraDB RDS for MySQL instances in Security Collaboration mode are billed on
a pay-as-you-go or subscription basis. For more information, see Product pricing.
- Grant the common user the permissions to query and change data in the
poc_dev
and poc_prod
databases. For more information, see Manage permissions of a user as a DMS administrator.