edit-icon download-icon

Create accounts and databases (SQL Server 2012 or 2016)

Last Updated: Nov 26, 2018

Note: This document is applicable only to SQL Server 2012 and 2016 instances. For more information on how to create databases and accounts for other versions, see Create accounts and databases for SQL Server 2017 and Create accounts and databases for SQL Server 2008 R2.

You can create a superuser account and standard accounts through the console. The superuser account can be created only through the console.

Attention

  • When assigning account permissions for each database, follow the minimum permission’ principle and service roles to create accounts and rationally assign Read-only and Read/Write permissions. When necessary, you can split accounts and databases into smaller units so that each account can only access data for its own services. If the account does not need to write data to a database, assign Read-only permission.

  • For database security, set strong passwords for the accounts and change the passwords regularly.

Create an account on the console

  1. Log on to the RDS console.

  2. In the upper left corner, select the region where the instance is located.

  3. Click the ID of the instance to visit the Basic Information page.

  4. In the left-side navigation pane, select Accounts to visit the Accounts page.

  5. Click Create Account, and fill in the required fields.

    Parameters description:

    • Database Account: refers to the name of the account. It can have 2 to 16 characters including the lower-case letters, digits, or underscores (_). It must begin with a letter and end with a letter or digit.

    • Account Type:

      • Superuser account: You can create a superuser account only when this is the first account of the instance. The first account of the instance must be a superuser account. Each instance can have only one superuser account, which has permissions on all databases, so you do not need to authorize the superuser account to access databases.

      • Standard account: You can create standard accounts only after a superuser account has been created. An instance can have more than one standard account. You need to authorize standard accounts for them to access databases.

    • Password: refers to the password corresponding to the initial account. It can have 8 to 32 characters including at least three of the following:

      • Upper-case letters

      • Lower-case letters

      • Digits

      • Special characters (!@#$%^&*()_-+=)

    • Re-enter Password: re-enter the password to make sure the password is entered correctly.

  6. Click OK, and the account is created.

Create a database on the console

  1. Log in to the RDS console.
  2. In the upper left corner, select the region where the instance is located.

  3. Click the ID of the instance.

  4. In the left-side navigation pane, select Databases.

  5. Click Create Database.

  6. Set the following parameters and click OK.

    • Database Name: Fill in the name of the database. The name consists of 2 to 64 characters, including lower-case letters, digits, underscores, or hyphens. It must start with a letter and end with a letter or digit.

    • Supported Character Set: Select a character set. If you cannot find the character set you need, select all and select from the drop-down list.

    • Authorized Account: Select the standard accounts that need to access the database, and set Account Type to Read/Write, Read-only or Owner. If you have not created any standard accounts, you can skip this parameter.

    • Remarks: Fill in additional information so that you can identify this database later.

Create an account and a database through a client

After an account is created on the console, you can also create other accounts and databases through a client.

  1. Add the IP address to the RDS whitelist. For more information on how to set the whitelist, see Set the whitelist.

  2. Start the Microsoft SQL Server Management Studio client.

  3. Enter the connection information, as shown in the following figure.

    Parameters description:

    • Server type: select Database Engine.

    • Server name: consists of the Internet/intranet address and the correponding port number of the RDS instance. The connection address and the port number must be separated by a comma, for example, rm-bptest.sqlserver.rds.aliyuncs.com,3433. The following shows the procedure to view the connection address and the port information of the RDS instance.

      1. Log on to the RDS console.

      2. Select the region where the target instance is located.

      3. Click the ID of the instance to visit the Basic Information page.

      4. In the Basic Information area, you can find the Internet/intranet address and Internet/intranet port number of the instance, as shown in the following figure.

        View the basic information of the instance

    • Authentication: select SQL Server Authentication.

    • Login: refers to the name of an account you have created for the RDS instance.

    • Password: refers to the password of the account.

  4. Click Connect.

  5. Right-click Databases, and then select New Database.

  6. In the New Database window, select the General tab page.

  7. Enter the name of the new database in the Database name field, and then click OK.

    Name the database

  8. When the new database is created successfully, you can find it in Databases, as shown in the following figure.

    Note: We do not recommend that you do any operations in the default System Databases.

  9. Select Security, right-click Logins, and then select New Login to create a standard account, as shown in the following figure.

  10. Enter the name and password of the new account, and select the default database, as shown in the following figure.

    Note: Select SQL Server authentication and adjust the other password policies based on your business requirements.

    Enter the information of new account

  11. Click OK.

  12. When the new account is created successfully, you can find it in Security > Logins, as shown in the following figure.

  13. Double-click the new account to set its properties. You can authrorize this account on the Server Roles tab page and bind it to certain databases on the User Mapping tab page, as shown in the following figure.

    Set user's properties

  14. Click OK.

Thank you! We've received your feedback.