Register a database hosted on a third-party cloud service or a self-managed database - Data Management

This topic describes how to register a database hosted on third-party cloud services or a self-managed database with Data Management (DMS).

Prerequisites

For more information about the types of databases hosted on third-party cloud services and self-managed databases that are supported by DMS, see Supported self-managed databases and databases of third-party cloud service providers.
The IP addresses and CIDR blocks of the DMS servers are added to the whitelist of a database hosted on a third-party cloud service or a self-managed database. For more information, see Configure an IP address whitelist.
One of the following network requirements is met for the database to be registered:
- The database is accessible over the Internet.
- The database is hosted on an Elastic Compute Service (ECS) instance.
- The database is added to a database gateway. For more information, see Create a database gateway.
- A network connectivity solution is purchased for the database. For more information about network connectivity solutions, see Connect a data center to a VPC.

Usage notes

To allow DMS users to manage database instances in the DMS console, you must grant permissions to the DMS users based on your business requirements. For more information about the syntax that you can use to grant permissions, see the official documentation of each type of database. The DMS users are required to have the following permissions:
- To manage all the databases on an instance, a DMS user must have permissions on all the databases.
- To manage one or more databases of an instance, a DMS user must have permissions on the specified databases.
- To insert, delete, modify, and query data in an instance and change table schemas, a DMS user must have the required DML permissions.
- To perform operations on objects, such as views, stored procedures, triggers, and functions in an instance, a DMS user must have the required permissions on these objects.
We recommend that you create a separate database account when you register a database instance.
To prevent interference, do not add spaces or special characters before or after the information that you enter when you register a database instance.
The database that is accessible over the Internet is vulnerable to attacks. If you need to access the database over the Internet, add the IP addresses used to access the database to the whitelist of the database to ensure database security.
If the database is added to a database gateway or resides in a virtual private cloud (VPC), prepare the relevant resources in advance.

Procedure

Note In this example, a self-managed MySQL database that is accessible over the Internet is used.

Log on to the DMS console V5.0.
On the Home page of the DMS console, click the icon next to Database instance in the left-side navigation pane.
Note Alternatively, in the top navigation bar, choose Data Assets > Instances. On the Instance List tab of the Instances page, click New.
In the Add Instance dialog box, click the Third-party Cloud/Self-managed tab and select MySQL.

In the Add Instance dialog box, configure the parameters described in the following table.


Section	Parameter	Description
Data Source	-	The source of the database instance. Valid values: Alibaba Cloud and Third-party Cloud/Self-managed. In this example, Third-party Cloud/Self-managed is selected.
Basic Information	Database Type	The type of the database instance.
	Network Type	The network type of the database instance. Valid values: Internet, ECS-hosted self-managed instance, Database Gateway, and VPC PrivateLink. In this example, Internet is selected.
	Instance Region	The region in which the database instance resides.
	Login Address	The IP address of the database or ID of the instance that hosts the self-managed database. If you specify Internet as Network Type, you must enter the IP address of the database. If you specify ECS-hosted self-managed instance as Network Type, you must enter the ID of the ECS instance. If you specify Database Gateway as Network Type, you must enter the ID and endpoint of the database gateway. For more information about how to obtain the ID and endpoint of a database gateway, see Create a database gateway. If you specify VPC PrivateLink as Network Type, you must enter the ID and endpoint of the VPC. For more information about how to obtain the ID and endpoint of a VPC, see Connect a data center to a VPC.
	Port	The port that is used to connect to the database.
	Database Account	The account that is used to log on to the database. You can use the specified database account to perform operations such as read and write operations on the data of the database instance in DMS. You must specify a database account that has the required permissions.
	Database password	The password of the account that is used to log on to the database.
	Control Mode	The control mode of the database instance in DMS. For more information, see Control modes.
	Security Rules	This parameter is available if you specify Security Collaboration as Control Mode. You can select the default or self-managed security rules to implement fine-grained control on the database. For more information, see Manage security rules
	Sensitive Data Protection	Specifies whether to enable the sensitive data protection feature based on your business requirements. This feature allows you to control and mask sensitive data. For more information, see Enable the sensitive data protection feature
	Classification template	If you turn on Sensitive Data Protection, the Classification template parameter appears. You can bind a classification and grading template to an instance to identify whether the fields in databases and tables in the instance comply with the identification rules of the template. If the fields comply with the identification rules, the fields are labeled for classification and grading to protect the fields with high sensitivity levels. For more information, see Manage DMS classification and grading templates.
Advanced Information	Environment type	The type of the environment in which the database instance is deployed. For more information, see Environment types.
	Instance Name	The name that you specify for the database instance. If you register the database for the first time, DMS synchronizes the database instance name. DMS does not synchronize the name when you perform subsequent operations. You can change the name of the instance when you modify the instance in the DMS console. For more information, see Modify database instances.
	Lock-free Schema Change	Specifies whether to enable lock-free schema change. For more information, see Enable the lock-free schema change feature. Open (DMS OnlineDDL first) Open (MySQL Native OnlineDDL first) Close
	Enable SSL	Specifies whether to allow DMS to connect to the database instance by using SSL connections. After this feature is enabled, DMS can connect to the database instance by using SSL connections. SSL encrypts network connections at the transport layer to improve the security and integrity of data in transit. However, SSL increases the response time of network connections. Before you use SSL connections, make sure that the SSL encryption feature is enabled for the database instance. Valid values: Default (DMS automatically checks whether self-negotiation is enabled for the database instance.): DMS automatically checks whether the SSL encryption feature is enabled for the database instance. If the SSL encryption feature is enabled, DMS connects to the database instance by using SSL connections. Otherwise, DMS connects to the database instance without encryption. Open: DMS connects to the database instance by using SSL connections. This value is invalid if you disable the SSL encryption feature for the database instance. Close: DMS does not connect to the database instance by using SSL connections. Note This parameter is required only if the database is a MySQL database.
	DBA	The DBA of the database instance. The DBA can grant permissions to users.
	query timeout(s)	The timeout period for the execution of an SQL export statement. If the execution of an SQL export statement lasts longer than the specified timeout period, the execution of the statement is terminated to protect the database.
	export timeout(s)	The timeout period for the execution of an SQL export statement. If the execution of an SQL export statement lasts longer than the specified timeout period, the execution of the statement is terminated to protect the database.

After you specify the preceding parameters, click Test connection in the lower-left corner.
Note If the connectivity test fails, check the specified parameter values based on the error message.
If the connection test is passed, click Submit.
After the preceding steps are performed, the database is registered with DMS. You can view and manage your database instance in the left-side database instance list of the DMS console.

FAQ

The DMS IP address has been added to the whitelist of Azure SQL Database. However, when I add a database in the DMS console, the following error message appears. How do I resolve this issue? error

Enter Database Account@Server Name in the Database Account field in the Add Instance dialog box. Then, connect again. For example, if the public endpoint of the Azure instance is testservername.testdatebase.windows.net and the database account is testuser, you need to enter testuser@testservername in the Database Account field.