You can perform O&M operations on databases that run MySQL, SQL Server, and PostgreSQL. You can enable SSH tunnels and use O&M tokens to perform O&M and audit operations. In this topic, DBeaver is used to describe how to log on to a database that runs PostgreSQL and perform O&M operations.

Prerequisites

  • A database O&M tool that supports SSH tunnels is installed on the local host. For example, you can install DBeaver, DbVisualizer, Navicat Premium, or Navicat for MySQL.
  • The public O&M address of the bastion host is obtained. You can obtain the address in the Bastion Host Information section on the Overview page in the console of the bastion host. For more information, see Overview page.

Procedure

  1. Log on to the console of a bastion host or the O&M portal to obtain an O&M token.
    • If you use a RAM user, perform the following steps to obtain an O&M token:
      1. Log on to the console of a bastion host. For more information, see Log on to a bastion host.
      2. In the left-side navigation pane, choose O&M > Database O&M. Find the required database in the database list and click O&M Token in the Log On column. In the dialog box that appears, select a value from the Database Account drop-down list and click Obtain O&M Token. In the message that appears, copy the values of Database IP Address and O&M Token.
    • If you do not use a RAM user, perform the following steps to obtain an O&M token:
      1. Paste the public O&M address of the bastion host in the address bar of a browser and press Enter. On the page that appears, enter the username and password to log on to the O&M portal. In the left-side navigation pane, click Databases.
      2. In the database list, find the database on which you want to perform O&M operations and click O&M Token in the O&M Token column. In the O&M Token dialog box, select a database account and click Obtain O&M Token. In the message that appears, copy the values of Database IP Address and O&M Token.
    Note
    • The O&M token is valid for 5 minutes. Make sure that you log on to the database within the validity period.
    • The O&M token is the unique identifier of the current O&M session and can be used only once. Keep the O&M token confidential. If you test the connection to the database on the client configuration page, the O&M token becomes invalid. In this case, you must obtain a new O&M token before you log on to the database to perform O&M operations.
    • If the account of the database is not hosted on the bastion host, you must configure the basic information about the O&M token in the O&M Token dialog box before you can obtain the O&M token. For more information about how to create a database account, see Manage database accounts.
  2. Open DBeaver and establish a connection to a database that runs PostgreSQL.
    • On the Main tab, configure the database information, such as the Host Address, Port, Username, and Password parameters. Click Next.
      The following table describes the parameters.
      Parameter Description
      Host The address of the database.
      Port The port of the database.
      User Name The username that you use to log on the database.
      Password The password that you use to log on to the database. If the administrator hosts the account of the database in the bastion host, you can leave this parameter empty. Otherwise, you must configure this parameter.
      Main tab
    • On the SSH tab, select Use SSH Tunnel and configure the parameters, such as Host /IP, Port, User Name, and Password. Click Finish.
      The following table describes the parameters.
      Parameter Description
      Use SSH Tunnel Select Use SSH Tunnel.
      Host/IP Enter the public O&M address of your bastion host.
      Port Enter the O&M port of the bastion host for SSH tunnels. Default value: 60022.
      User Name Enter the username that you use to log on to your bastion host.
      Password Enter the O&M token that is obtained from Step1.
      SSH tab
  3. Double-click the newly created connection to log on to the database and perform O&M operations.