This topic describes how to access a host in an ApsaraDB for MyBase dedicated cluster from a bastion host.



  1. Log on to the Bastionhost console.
  2. Find the bastion host that you want to enable and click Run on the right to enable the bastion host.
    Enable a bastion hosts
  3. After the bastion host is enabled, return to the ApsaraDB for MyBase console. Find the dedicated cluster that you want to connect to, and go to the Bastion Hosts page. On the page that appears, find the bastion host that you want to use, and click Associate with Bastion Host.
    Associate with a bastion host
  4. Click Import Host. In the dialog box that appears, click Import.
    Select the host
  5. If no host accounts are available, create an account first.
    1. Find the host that you want to manage, and click Add an account in the Host Account column.
    2. In the Create Host Account dialog box, configure the following parameters.
      Parameter Description
      Username Enter an account name. The name must meet the following requirements:
      • It must start with a lowercase letter and end with a letter or a digit.
      • It can contain lowercase letters, digits, and underscores (_).
      • It must be 2 to 16 characters in length.
      Account Type If the dedicated cluster runs the SQL Server engine, you can select one of the following account types:
      • Normal Account: a standard account that has the permissions of the Remote Desktop Users group.
      • Administrator: a privileged account that has the permissions of the local user group Administrators in Windows.
      Password Enter a password for the account. The password must meet the following requirements:
      • It must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters.
      • It must be 8 to 32 characters in length.
      • It can contain the following special characters: !@#$%^&*()_+-=
    3. Click Create.
  6. Select the host for which you want to create an account and click Next.
  7. Click Create Bastion Host Account. In the dialog box that appears, specify the required information and click Create.
    Create an account
  8. Click Authorize Host in the Actions column. In the dialog box that appears, select the required host and click Authorize Host.
    Authorize a hostSelect the host
  9. After you authorize a bastion host to access the host, perform the following steps to log on to the host from the bastion host.
    1. Start Remote Desktop Connection on your local host that runs Windows.
    2. Enter <Bastionhost O&M address>:63389 and click Connect.
      Start Remote Desktop Connection
    3. In the Remote Desktop Connection dialog box, click Yes.
      Identity authentication
    4. In the Login dialog box, enter the username and password used to access Bastionhost and click Login.
      Login dialog box
    5. If multi-factor authentication (MFA) is enabled for a RAM user, enter the verification code obtained from the bound MFA device (the Alibaba Cloud app) in the Two Factor dialog box and click OK.
      Two Factor dialog box
    6. Select the Windows host.
    7. On the asset management page, double-click the host that you are authorized to access.