Access a database instance over HTTPS via secure access proxy - Data Management

Send HTTPS requests to a DMS secure access proxy endpoint to execute SQL statements against your instance. All requests authenticate with your AccessKey ID and AccessKey secret.

Prerequisites

Before you begin, ensure that you have:

The secure access proxy enabled for the instance. To verify, go to Security and Specifications > Secure Access Proxy in the DMS console and check the Created tab. If the proxy is not enabled, see Enable the secure access proxy.
Authorization for the secure access proxy. To verify, open the secure access proxy details page and check your authorization status. If you are not authorized, see Apply for secure access proxy authorization.

Usage notes

Secure-collaboration instances: Queries on a secure-collaboration instance with the secure access proxy enabled are subject to security rules. Limit each query to 3,000 rows or fewer. DMS does not guarantee stability for queries that return more than 3,000 rows. To bypass security rule limitations, use the endpoint from the DMS console to access the database directly, or contact DMS technical support.
Non-secure-collaboration instances: The maximum rows per query is fixed at 3,000 and cannot be configured.

Authentication

Pass your Alibaba Cloud AccessKey ID and AccessKey secret with every request. Both credentials can be passed as query parameters or HTTP headers.

Credential	Parameter name	Query parameter example	HTTP header example
AccessKey ID	`accessId`	`?accessId=<your-access-key-id>`	`accessId: <your-access-key-id>`
AccessKey secret	`accessSecret`	`?accessSecret=<your-access-key-secret>`	`accessSecret: <your-access-key-secret>`

Request parameters

Parameter	Required	Description	How to pass
`accessId`	Yes	Your AccessKey ID	Query parameter or HTTP header
`accessSecret`	Yes	Your AccessKey secret	Query parameter or HTTP header
`schema`	No	The database name	URL path (`/server/<database-name>`) or request body (`{ "schema": "<database-name>" }`)
`sql`	Yes	The SQL statement to execute	Query parameter, plain-text body, or JSON body (`{ "sql": "<sql-statement>" }`)

Response format

All responses are JSON. The response object contains the following fields.

Top-level fields:

Field	Type	Description
`success`	Boolean	`true` if the request succeeded; `false` if it failed
`requestId`	String	The request ID, useful for troubleshooting
`msg`	String	The error message when `success` is `false`
`rowCount`	Integer	The number of rows returned by a query
`rows`	Array	The query results. Each element is a data row (key-value map)
`updateCount`	Integer	The number of rows affected by a DML statement
`columnMetas`	Array	Metadata for each column in the result set. See `columnMetas` fields below.

columnMetas fields (each element in the array):

Field	Type	Description
`columnName`	String	The column name
`columnLabel`	String	The column alias set with `AS`. Defaults to `columnName` if no alias is specified
`columnTypeName`	String	The SQL data type, such as `VARCHAR` or `BIGINT`
`precision`	Integer	The column precision. For `VARCHAR(32)`, the precision is `32`
`scale`	Integer	The number of digits to the right of the decimal point. For `DECIMAL(10,2)`, the scale is `2`
`nullable`	Boolean	`true` if the column accepts `NULL` values
`autoIncrement`	Boolean	`true` if the column auto-increments
`tableName`	String	The name of the table that contains the column

Response examples:

Successful query:

{
  "columnMetas": [
    {
      "columnName": "column1",
      "columnLabel": "column1",
      "columnTypeName": "varchar",
      "precision": 10,
      "scale": 2,
      "nullable": true,
      "autoIncrement": true,
      "tableName": "table1"
    },
    {
      "columnName": "column2",
      "columnLabel": "column2",
      "columnTypeName": "varchar",
      "precision": 10,
      "scale": 2,
      "nullable": true,
      "autoIncrement": true,
      "tableName": "table1"
    }
  ],
  "updateCount": 0,
  "requestId": "xhqej0xgcytbhc8scjopgqsywcaibi",
  "rowCount": 1,
  "rows": [
    {
      "col1": 1,
      "col2": "xxxx"
    }
  ],
  "success": true
}

Successful data update:

{
  "updateCount": 0,
  "requestId": "xhqej0xgcytbhc8scjopgqsywcaibi",
  "success": true
}

Failed request:

{
  "message": "accessId is required.",
  "requestId": "xhqej0xgcytbhc8scjopgqsywcaibi",
  "success": false
}

Examples

All examples target the proxy endpoint, pass credentials via query parameters (GET) or headers (POST), and include the database name in the URL path. The following values are used:

Placeholder	Example value
`<endpoint>`	`dpxxxx-xxxxxxxx.proxy.dms.aliyuncs.com`
`<database-name>`	`database`
`<your-access-key-id>`	`user`
`<your-access-key-secret>`	`pwd`
`<sql-statement>`	`SHOW DATABASES`

cURL

# GET request
curl 'https://<endpoint>/server/<database-name>?accessId=<your-access-key-id>&accessSecret=<your-access-key-secret>&sql=<sql-statement>'

# GET example
curl 'https://dpxxxx-xxxxxxxx.proxy.dms.aliyuncs.com/server/database?accessId=user&accessSecret=pwd&sql=SHOW%20DATABASES'

# POST request
curl 'https://<endpoint>/server/<database-name>' \
  -H 'accessId:<your-access-key-id>' \
  -H 'accessSecret:<your-access-key-secret>' \
  -H 'Content-Type:text/plain' \
  -d '<sql-statement>'

# POST example
curl 'https://dpxxxx-xxxxxxxx.proxy.dms.aliyuncs.com/server/database' \
  -H 'accessId:user' \
  -H 'accessSecret:pwd' \
  -H 'Content-Type:text/plain' \
  -d 'SHOW DATABASES'

Python

Note

This example uses Python 3.

import requests

# GET request
url = "https://<endpoint>/server/<database-name>?accessId=<your-access-key-id>&accessSecret=<your-access-key-secret>&sql=<sql-statement>"
print(requests.get(url).text)

# GET example
url = "https://dpxxxx-xxxxxxxx.proxy.dms.aliyuncs.com/server/database?accessId=user&accessSecret=pwd&sql=SHOW DATABASES"
print(requests.get(url).text)

# POST request
url = "https://<endpoint>/server/<database-name>"
headers = {
    "Content-Type": "text/plain;charset=utf-8",
    "accessId": "<your-access-key-id>",
    "accessSecret": "<your-access-key-secret>"
}
print(requests.post(url, headers=headers, data="<sql-statement>").text)

# POST example
url = "https://dpxxxx-xxxxxxxx.proxy.dms.aliyuncs.com/server/database"
headers = {
    "Content-Type": "text/plain;charset=utf-8",
    "accessId": "user",
    "accessSecret": "pwd"
}
print(requests.post(url, headers=headers, data="SHOW DATABASES").text)

Node.js

const https = require("https");

// GET request
https.get(
  "https://<endpoint>/server/<database-name>?accessId=<your-access-key-id>&accessSecret=<your-access-key-secret>&sql=SHOW DATABASES",
  (resp) => {
    resp.on("data", (data) => {
      console.log(JSON.parse(data));
    });
  }
);

// GET example
https.get(
  "https://dpxxxx-xxxxxxxx.proxy.dms.aliyuncs.com/server/database?accessId=user&accessSecret=pwd&sql=SHOW DATABASES",
  (resp) => {
    resp.on("data", (data) => {
      console.log(JSON.parse(data));
    });
  }
);

// POST request
const req = https.request(
  {
    hostname: "<endpoint>",
    port: 443,
    path: "/server/<database-name>",
    method: "POST",
    headers: {
      "Content-Type": "text/plain; charset=UTF-8",
      accessId: "<your-access-key-id>",
      accessSecret: "<your-access-key-secret>",
    },
  },
  (resp) => {
    resp.on("data", (data) => {
      console.log(JSON.parse(data));
    });
  }
);
req.write("<sql-statement>");
req.end();

// POST example
const exampleReq = https.request(
  {
    hostname: "dpxxxx-xxxxxxxx.proxy.dms.aliyuncs.com",
    port: 443,
    path: "/server/database",
    method: "POST",
    headers: {
      "Content-Type": "text/plain; charset=UTF-8",
      accessId: "user",
      accessSecret: "pwd",
    },
  },
  (resp) => {
    resp.on("data", (data) => {
      console.log(JSON.parse(data));
    });
  }
);
exampleReq.write("SHOW DATABASES");
exampleReq.end();

Postman
GET request:
POST request: