This topic describes how to create databases and accounts for an RDS for PPAS instance.

Before using RDS, you must create databases and accounts for your RDS instance. For PPAS instances, you must create a premier account in the RDS console. And then you can create and manage databases through a client. This topic takes the pgAdmin 4 client as an example to introduce how to create databases and accounts for PPAS instances.

Precautions

  • Databases under a single instance share all the resources of this instance. Each PPAS instance supports one premier account, countless general accounts, and countless databases. You must create and manage common accounts and databases through SQL statements.
  • To migrate your local database to an RDS instance, you must create the same databases and accounts for the RDS instance as your local database.
  • When assigning account permissions for each database, follow the minimum permission' principle and consider service roles to create accounts. Alternatively, rationally assign read-only and read/write permissions. When necessary, you can split accounts and databases into smaller units so that each account can only access data for its own services. If the account does not need to write data to a database, assign the read-only permission for the account.
  • For database security purposes, set strong passwords for the accounts and change the passwords regularly.

Procedure

  1. Log on to the RDS console.
  2. Select the target region.选择地域
  3. Find the target RDS instance and click the instance ID.
  4. In the left-side navigation pane, click Accounts.
  5. Click Create Initial Account.
  6. Enter the account information. Create Initial Account

    Parameter description:

    • Database Account: The name of the premier account. The account name must be 2 to 16 characters in length and can contain lowercase letters, numbers, and underscores (_). It must start with a letter and end with a letter or number.
    • Password: The password of the premier account. The account password must be 8 to 32 characters in length and contain at least three of the following types of characters: uppercase letters, lowercase letters, numbers, and special characters. The allowed special characters are as follows:

      ! @ # $ % ^ & * ( ) _ + - =

    • Re-enter Password: Enter the password again.
  7. Click OK.
  8. Add the IP address that is allowed to access the RDS instance to the RDS whitelist. For more information, see Configure a whitelist for an RDS for PPAS instance.
  9. Start the pgAdmin 4 client.
  10. Right-click Servers and choose Create > Server from the shortcut menu.
    Servers
  11. In the Create Server dialog box, click the General tab and enter the server name.
    Create Server - General tab
  12. Click the Connection tab and enter the information about the RDS instance to be connected.
    Connection - Connection tab

    Parameter description:

    • Host name/address: The internal or public endpoint of the RDS instance. To obtain the internal and public endpoints and ports of the RDS instance, follow these steps:
      1. Log on to the RDS console.
      2. Select the target region.
      3. Find the target RDS instance and click the instance ID.
      4. On the Basic Information page, find the Basic Information section, where you can obtain the internal and public endpoints and ports of the RDS instance.
    • Port: The internal or public port numbr of the RDS instance.
    • Username: The username of the premier account for the RDS instance.
    • Password The password of the premier account for the RDS instance.
  13. Click Save.
  14. If the connection information is correct, choose Servers > server name > Databases > edb or postgres. The following page is displayed, which indicates that the connection to the RDS instance is successful.
    Note postgres is the default system database of the RDS instance. Do not perform any operation in this database.
    View databases
  15. Double-click postgres and choose Tools > Query Tool.
    Query Tool
  16. Enter the following command on the Query-1 tab page to create a database:
    create database <database name>;
    Run commands to create databases
  17. Click Execute/Refresh, as shown in the following figure.
    Execute/Refresh

    If the execution is successful, the new database is created.

  18. Right-click Databases and choose Refresh from the shortcut menu. Then you can find the new database.
    View new databases
  19. Enter the following command on the Query-1 tab page to create an account:
    CREATE ROLE "username" CREATEDB CREATEROLE LOGIN ENCRYPTED PASSWORD 'password';
    Create accounts
  20. Click Execute/Refresh, as shown in the following figure.
    View new accounts

    If the execution is successful, the new account is created.

  21. Right-click Login/Group Roles and choose Refresh from the shortcut menu. Then you can find the new account.
    Login/Group Roles

FAQ

Can I use the new account of my RDS instance on the corresponding read-only instances?

The new account will be synchronized to the read-only instances of your RDS instance. However, you cannot manage the account in the read-only instances. The new account only has the read permissions on the read-only instances.

APIs

API Description
CreateAccount Used to create an account for an RDS instance.