Manage user permissions on PostgreSQL databases - Data Management

In Data Management (DMS), you can manage users for PostgreSQL databases and user permissions on the databases.

Prerequisites

Native PostgreSQL or AnalyticDB for PostgreSQL databases are used.
You are a DMS administrator, a database administrator (DBA), or a regular user such as the owner of an instance. For more information, see System roles.
The database account and database password of the destination PostgreSQL database are obtained.
Important
The database account used to log on to a PostgreSQL database must be granted the permission to create users.

Log on to the DMS console V5.0.
Log on to the PostgreSQL database. For more information, see Log on to a database instance.
In the left-side navigation pane of the DMS console, right-click the instance that you want to manage and select Account Management.
Note
If you log on to the DMS console in simple mode, click Database instance in the left-side navigation pane. In the instance list that appears, right-click the instance that you want to manage and select Account Management.
On the Account Management page, click Create User in the upper-left corner.

In the Create User dialog box, perform the following steps:

Click the Basic settings tab and configure the parameters that are described in the following table.

Create User dialog box

Parameter	Description
User name	The name of the user to be created.
Password	The password that the user can use to log on to the databases in the instance.
Confirm Password	The password that the user can use to log on to the databases in the instance. Enter the password again to confirm the password.
Time When Password Expires	The expiration time of the password. For example, set this parameter to Dec 30, 2021 00:00:00. Then, the password will expire at 00:00:00 on December 30, 2021. This parameter is optional. By default, the password does not expire.
Connection Limit	The maximum number of concurrent connections that the user can establish to the databases in the current instance. For example, set this parameter to 10, which indicates that the user can establish connections on up to 10 clients at the same time. The default value is -1, which indicates that the user can establish connections without limits.
Remarks	The description of the user.

Click the Permission tab and select one or more permissions that you want to grant to the user.

Permission	Description
Allow to Log On	The permissions to log on to the databases in the instance. DMS executes the `LOGIN` statement to grant the permissions or executes the `NOLOGIN` statement to revoke the permissions. By default, the user is allowed to log on to the databases.
Allow to Create Users	The permissions to create users for the databases in the instance. DMS executes the `CREATEROLE` statement to grant the permissions or executes the `NOCREATEROLE` statement to revoke the permissions. By default, the user is allowed to create users.
Allow to Create Databases	The permissions to create databases for the instance. DMS executes the `CREATEDB` statement to grant the permissions or executes the `NOCREATEDB` statement to revoke the permissions. By default, the user is allowed to create databases.

Click Confirm.
In the Preview SQL Statement message, click Confirm.
Note
SQL statements can be generated based on the parameters that you configure. If the database instance is managed in Security Collaboration mode, the SQL statements may fail to be executed due to security rules. In this case, you can perform operations by following the on-screen instructions or contact a database administrator (DBA) or DMS administrator. For information about how to modify security rules, see FAQ of this topic.

You can modify the username, password, global permissions, and fine-grained permissions of a user that you are authorized to manage.

Log on to the DMS console V5.0.
In the left-side navigation pane of the DMS console, right-click the instance that you want to manage and select Account Management.
Note
If you log on to the DMS console in simple mode, click Database instance in the left-side navigation pane. In the instance list that appears, right-click the instance that you want to manage and select Account Management.
On the Account Management page, find the user that you want to manage and click Edit in the Operation column to modify the information about the user, or click Delete in the Operation column to delete the user.