This section describes the operations related to account groups in DMS.
- You have access permissions to DMS and you have logged on to the DMS console.
- Account groups are introduced to enhance the security of databases. This feature prevents staff from directly accessing database account and password information and makes it easy to maintain database security when a staff member leaves.
- Account groups allow you to maintain logon information by database type. You can grant an account group to user A so that this user can only log on to the database with the assigned account group instead of manually entering the account name and password.
- This feature effectively enhances database security. When database logon information changes, the database administrator only needs to modify the corresponding account group. Users do not need to be informed of the change as they have no direct access to logon information.
- You can create multiple account groups for different users to access the same type of database or the same database instance.
Create an account group
- Select Cloud Account Authorization > Database Account Groups, click Add Account Group, and specify parameters such as database type, account group name, and logon information.
- Click OK to create the account group.
- When adding a new user, the user authorization page is displayed. Click Add Instance to grant the user access to database instances.
- Based on the instance type you have selected, the corresponding account group information is displayed. Select an account group so that the user can access the specified database instance using the account group.
- If you have not created any account groups, users can only manually enter logon information to access the database instance. This is the default logon method.
Log on to databases
Authorized users can click Log on to Database on the resources page or RDS quick login page to log on to the database using the account group.
- Manual entry of account and password information is no longer needed.
If users cannot login, they need to contact the database administrator to update the logon information of the specified account group.
If the login is successful, users can perform database operations with granted permissions.