Data Management (DMS) provides the metadata access control feature. You can enable this feature to allow users to view and access only the database instance or database on which they have permissions. After the metadata access control feature is enabled, users cannot view or access the database instance or database on which they do not have the query, export, or change permissions. This topic describes how to enable the metadata access control feature in DMS.
Prerequisites
The database instance for which you want to enable the metadata access control feature is managed in Security Collaboration mode.
You are a database administrator (DBA) or a DMS administrator. For more information, see View system roles.
Usage notes
If the metadata access control feature is enabled for a database instance or a database, users who have no permissions on the database instance or database cannot apply for permissions on the database instance or database by submitting tickets. Only DBAs or DMS administrators can grant the permissions to users.
Procedure
- Log on to the DMS console V5.0.
Move the pointer over the
icon in the upper-left corner of the DMS console and choose . NoteIf you use the DMS console in normal mode, choose in the top navigation bar.
Enable or disable the metadata access control feature
Metadata access control for database instances
Click the Instance List tab.
Find the database instance for which you want to enable or disable metadata access control and choose in the Actions column.
In the Metadata access control dialog box, turn on or off Metadata access control and click OK.
Metadata access control for databases
Click the Database List tab.
Find the database for which you want to enable or disable metadata access control and choose in the Actions column.
In the Metadata access control dialog box, turn on or off Metadata access control and click OK.
Related operations
To grant the permissions on a database instance to a user as the DMS administrator or DBA, perform the following operations: On the Instance List tab, find the database instance that you want to manage and choose in the Actions column. Then, you can grant the permissions to the user. For more information, see the Manage permissions by using the instance management feature section of the "Manage permissions" topic.
Enable metadata access control for a user
DMS administrators can specify that a user can only view and access the database instances and databases on which the user has permissions. After you enable metadata access control for a user, the user cannot view the database instances or databases on which the user has no permissions, or apply for permissions on these database instances or databases. For more information, see the Enable access control for a user section of the "Manage users" topic.