ApsaraDB for Redis allows you to create multiple database accounts for an instance. You can grant permissions to these accounts based on the actual usage to manage your instance and minimize user errors.

Prerequisites

The engine version of the instance is Redis 4.0 or later.

Background information

You can create accounts, delete accounts, reset passwords, and change permissions. After you create an account, you can use this account to log on to the database and use the command-line tool to manage the database with the account and granted permissions.

Create an account

Procedure

  1. Log on to the ApsaraDB for Redis console.
  2. On the top of the page, select the region where the instance is created.
  3. On the Instances page, find the instance that you want to manage, click the instance ID or Manage in the Actions column for the instance.
  4. In the left-side navigation pane, click Account Management.
    Note If Account Management is not available for an instance of Redis 4.0 or later, you can try to upgrade the minor version of the instance. For more information, see Upgrade the minor version.
  5. On the Account Management page, click Create in the upper-right corner.
  6. In the Create Account dialog box that appears, set parameters as described in the following table and click OK.
    Table 1. Set account parameters
    Parameter Description
    Account Your account must meet the following requirements:
    • The account name can contain lowercase letters, digits, underscores (_), and hyphens (-).
    • The name must start with a lowercase letter.
    • The name must be 1 to 16 characters in length.
    Privilege The permissions granted to the account. Valid values: Read-only, Read/Write, and Replicate. If you select Replicate, you are authorized to use the SYNC and PSYNC commands after you connect to an instance with this account.
    Note You can create accounts that have the replicate permission only for standard instances of Redis 4.0 or later.
    Password Settings The password of your account must meet the following requirements:
    • The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters.
    • The password must be 8 to 32 characters in length.
    Special characters include:

    ! @#$%^&*()+-=_

    Confirm Password Enter the password again.
    Description The description of an account must meet the following requirements:
    • The description can contain letters, Chinese characters, digits, underscores (_), and hyphens (-).
    • The description must start with a letter or Chinese character,
    • and cannot start with http:// or https://.
    • The description must be 2 to 256 characters in length.

    You can skip this parameter when you create an account.

Note After you create an account, the account is in the Unavailable status. After about one minute, its status changes to Available.

Use an account

Prerequisites

A database account is created for an instance. In the following example, the account created in the preceding procedure is used.

Procedure

  1. Connect to an ApsaraDB for Redis instance.
  2. Run the auth account:password command to log on to the database.
Note After an instance is created, ApsaraDB for Redis automatically creates a default database account that is named after the instance ID and grants the read/write permission to this account. You can run the auth account:password or auth password command to authenticate this account.

Related API operations