This topic describes how to create databases and accounts for an ApsaraDB for RDS instance running SQL Server 2012, 2014, 2016, 2017(Standard Edition) or 2019.

Note For information about how to create databases and accounts for RDS instances that run other SQL Server versions, see Create databases and accounts for an ApsaraDB for RDS instance in SQL Server 2008 R2.

Prerequisites

The RDS instance runs one of the following SQL Server versions:

  • SQL Server 2012
  • SQL Server 2014
  • SQL Server 2016
  • SQL Server 2017(Standard Edition)
  • SQL Server 2019

Create an account

You can only create a privileged account in the ApsaraDB for RDS console, whereas you can create a standard account in the ApsaraDB for RDS console or by calling an API operation.

Precautions

  • Follow the least privilege principle to create accounts and grant them appropriate read-only and read/write permissions on databases. If necessary, you can create more than one account and only grant them permissions on specific databases. If an account does not need to write data to a database, only assign the read-only permission to the account.
  • For security purposes, we recommend that you set strong passwords for the database accounts of your RDS instance and change the passwords regularly.

Procedure

  1. Log on to the ApsaradB for RDS console.
  2. In the upper-left corner of the page, select the region where the target RDS instance resides.Select a region
  3. Find the target RDS instance and click its ID.
  4. In the left-side navigation pane, click Accounts.
  5. Click Create Account.
  6. Configure the following parameters and click Create.
    Parameter Description
    Database Account Enter the name of the account. The name must be 2 to 16 characters in length and can contain lowercase letters, digits, and underscores (_). It must start with a letter and end with a letter or digit.
    Account Type
    • Privileged Account: You can only select the Privileged Account option if it is your first time to create an account for the RDS instance Each RDS instance can only have one privileged account. The privileged account of an RDS instance cannot be deleted.
    • Standard Account: You can only select the Standard Account account after a privileged account is created for the RDS instance. Each RDS instance can have more than one standard account. You must manually grant permissions on databases to standard accounts.
    Authorized Databases Select the authorized databases of the account. If no databases are created, you can leave this parameter empty.

    You can grant permissions on multiple databases to one account by following these steps:

    1. In the Unauthorized Databases section, select the databases on which you want to grant permissions to the account.
    2. Click Add to add the selected databases to the Authorized Databases section.
    3. In the Authorized Databases section, specify the permissions that the account will gain on each authorized database. The permissions are Read/Write, Read-only, or Owner. You also have the option to specify permissions on all authorized databases simultaneously by clicking the button in the upper-right corner. The button shows Set All to Read/Write, Set All to Read-only, and Set All to Owner as you click it.
      Note The account is only authorized to create tables, delete tables, and modify table schemas in a database when it has the Owner permission on that database.
      Select authorized databases
    Password

    Enter the password of the account. The password must meet the following requirements:

    • It is 8 to 32 characters in length.
    • It contains three of the following character types: uppercase letters, lowercase letters, digits, and special characters.
    • The special characters include ! @ # $ % ^ & * ( ) _ + - =
    Re-enter Password Enter the password of the account again.
    Description Enter a description that helps identify the account. The description can be up to 256 characters in length.

Create a database

  1. Log on to the ApsaradB for RDS console.
  2. In the upper-left corner of the page, select the region where the target RDS instance resides.Select a region
  3. Find the target RDS instance and click its ID.
  4. In the left-side navigation pane, click Databases.
  5. Click Create Database.
  6. Configure the following parameters and click Create.
    Parameter Description
    Database Name Enter the name of the database. The name must be 2 to 64 characters in length. It can contain lowercase letters, digits, underscores (_), and hyphens (-). It must start with a letter and end with a letter or digit.
    Supported Character Set Select the character set supported by the database. You can also select all and then select a character set from the drop-down list that appears.
    Authorized Account Select the account to which you want to grant the permissions on the database. Then, set Account Type to Read/Write, Read-only, or Owner.

    If no accounts are created, you can leave this parameter empty.

    Note The account is only authorized to create tables, delete tables, and modify table schemas in a database when it has the Owner permission on that database.
    Description Enter a description that helps identify the database. The description can be up to 256 characters in length.

Related operations

Operation Description
CreateAccount Creates an account for an ApsaraDB for RDS instance.
CreateDatabase Creates a database for an ApsaraDB for RDS instance.