All Products
Search

This Product

    Data Management:Block system databases in DMS

    Document Center

    Data Management:Block system databases in DMS

    Last Updated:Jun 19, 2023

    This topic describes how to block system databases by configuring custom security rules in DMS.

    Background information

    After you register instances with DMS, the system automatically collects the metadata of the databases in the instances. To protect system databases and minimize the impact caused by system databases on your business, you can block specific system databases in DMS, such as the information_schema database of MySQL instances, or databases that store sensitive business data. After the system databases are blocked, DMS does not collect the metadata of the blocked databases and you cannot view or search for these databases in DMS.

    Note

    If PostgreSQL instances are blocked, schemas of the PostgreSQL instances are blocked.

    Prerequisites

    The database instance that you want to block is managed in Security Collaboration mode.

    Usage notes

    If you turn on Whether to Filter System Databases, DMS blocks the system databases for which you configure the Filter System Database Configurations security rule. If you turn off Whether to Filter System Databases, DMS does not block system databases by default.

    Procedure

    1. Log on to the DMS console V5.0.

    2. In the top navigation bar, choose Security and Specifications > Security Rules.

      Note

      If you use the DMS console in simple mode, move the pointer over the 2022-10-21_15-25-22.pngicon in the upper-left corner of the DMS console and choose All functions > Security and Specifications > Security Rules.

    3. Find the rule set that you want to edit and click Edit in the Actions column.

    4. In the left-side pane of the rule set details page, choose Others > Metadata Synchronization.

    5. Find the Filter System Database Configurations rule and click Edit in the Actions column.

    6. In the Change Configuration Item dialog box, turn on Whether to Filter System Databases.

    7. Configure the system databases to be blocked by using the following methods:

      • Enter the names of the databases to be blocked in the Filter Databases field.

        Click the blank area in the Filter Databases field and enter the names of the databases to be blocked.

      • Enter a regular expression to perform a fuzzy match for the system database to be blocked.

        Enter a regular expression in the Filter Database Regex Match field. For example, if you enter test_\w+, system databases whose names start with test_ are blocked.

        Note

        You can specify the Filter Databases and Filter Database Regex Match parameters at the same time.

    8. Click Submit.

    9. Apply the security rule to database instances by using one of the following methods:

      • Manual operation

        1. Go to the Home page of the DMS console. In the left-side navigation pane, click Database instances and find the database instance to which you want to apply the security rule.

        2. Right-click the instance name and click Refresh / Sync dictionary.

      • Automatically taking effect

        DMS synchronizes metadata at 18:00 every day.

    References

    System databases blocked by DMS by default