Before you start to use ApsaraDB for RDS, you must create an account for the RDS instance.

  • For instances of ApsaraDB RDS PostgreSQL 11 Cluster Edition (Standard SSD) and PostgreSQL 10 Cluster Edition (Standard SSD), you can directly create a premier account and standard account in the ApsaraDB for RDS console.
  • For instances of ApsaraDB RDS PostgreSQL 10 Cluster Edition (Local SSD), PostgreSQL 10 Basic Edition, and PostgreSQL 9.4, you can create a premier account in the ApsaraDB for RDS console.

Notes

  • Databases within the same instance share all the resources of the instance. You can create a premier account and multiple standard accounts for each ApsaraDB RDS PostgreSQL instance. You can also use SQL commands to create and manage accounts.
  • To migrate the on-premises database to ApsaraDB for RDS, you must create a database and account in the RDS instance consistent with those in the on-premises database.
  • When you create database accounts, you must assign permissions based on the principle of least privilege and the requirements of the role. You can assign the read-only or read/write permissions to different accounts. When necessary, you can create multiple database accounts and allow each of them only to access data of their own business. If an account does not need to write data to a database, assign read-only permissions to the account.
  • For database security, you must set strong account passwords and change the passwords regularly.
  • The premier account cannot be deleted after it is created.

For PostgreSQL 11 Cluster Edition (Standard SSD) and PostgreSQL 10 Cluster Edition (Standard SSD)

  1. Log on to the ApsaraDB RDS PostgreSQL console.
  2. In the upper-left corner of the page, select the region where the instance is located.
  3. Find the instance and click the instance ID.
  4. In the left-side navigation pane, click Accounts.
  5. Click Create Account.
  6. Configure the following parameters.
    Parameter Description
    Database account
    • The database account must be up to 16 characters in length.
    • It can contain lowercase letters, digits, and underscores (_).
    • It must start with a letter and end with a letter or digit.
    Account type The account type of your database. You can specify a premier or standard account.
    Password
    • The password must be 8 to 32 characters in length.
    • It must contain three of the following character types: uppercase letters, lowercase letters, digits, and special characters.
    • Special characters include ! @ # $ % ^ & * ( ) _ + - =
    Re-enter password Enter the same password again.
  7. Click OK.

For PostgreSQL 10 Cluster Edition (Local SSD), PostgreSQL 10 Basic Edition, and PostgreSQL 9.4

  1. Log on to the ApsaraDB for RDS console.
  2. In the upper-left corner of the page, select the region where the instance is located.
  3. Find the instance and click the instance ID.
  4. In the left-side navigation pane, click Accounts.
  5. Click Create Account.
  6. Configure the following parameters.
    Parameter Description
    Database account
    • The database account must be 2 to 16 characters in length.
    • It can contain lowercase letters, digits, and underscores (_).
    • It must start with a letter and end with a letter or digit.
    Password
    • The password must be 8 to 32 characters in length.
    • It must contain three of the following character types: uppercase letters, lowercase letters, digits, and special characters.
    • Special characters include ! @ # $ % ^ & * ( ) _ + - =
    Re-enter password Enter the same password again.
    Create account
  7. Click OK.
  8. In the upper-right corner of the page, click Log On to DB to enter the Quick Logon page of the DMS console.
  9. On the Quick Logon page, check the endpoint and port information displayed on the RDS Database Logon page. If the information is correct, enter the username and password of the database, as shown in the following figure.
    Parameter Description
    Network address: port The endpoint and port information to connect to the RDS instance.
    Database username The username of the account used to access the database.
    Password The password of the account used to access the database.
  10. Click Log On.
    Note If you want the Web browser to remember the password, select Remember Password and click Log On.
  11. If DMS prompts you to add the IP CIDR block of the DMS server to the RDS address whitelist, click Configure Whitelist. For more information about how to manually configure the whitelist, see Configure a whitelist.
  12. After the whitelist is configured, click Log On.
  13. After you have logged on to the RDS instance, in the top navigation bar, choose SQL Operations > SQL Window.
  14. In the SQL window, run the following statement to create a standard account: 
    CREATE USER name [ [ WITH ] option [ ... ] ]
where option can be:
   SUPERUSER | NOSUPERUSER
 | CREATEDB | NOCREATEDB
 | CREATEROLE | NOCREATEROLE
 | CREATEUSER | NOCREATEUSER
 | INHERIT | NOINHERIT
 | LOGIN | NOLOGIN
 | REPLICATION | NOREPLICATION
 | CONNECTION LIMIT connlimit
 | [ ENCRYPTED | UNENCRYPTED ] PASSWORD 'password'
 | VALID UNTIL 'timestamp'
 | IN ROLE role_name [, ...]
 | IN GROUP role_name [, ...]
 | ROLE role_name [, ...]
 | ADMIN role_name [, ...]
 | USER role_name [, ...]
 | SYSID uid

    For example, if you want to create a user account named test2 and the password 123456, run the following command: 

    create user test2 password '123456';

API reference

Operation Description
CreateAccount You can call this operation to create an account.