Access control in Data Management (DMS) is used to manage user permissions for viewing and accessing databases and instances in DMS. This feature helps you ensure data security within your organization.
As a centralized data management service, DMS provides different roles that are granted different permissions. This helps you manage data in your organization in a secure manner. Metadata access control is a new feature of DMS. This feature further ensures data security in your organization. After this feature is enabled, you can ensure that a user can access only those databases on which the user has one or more permissions, and that a database is accessible only to authorized users.
In DMS, database permissions include Query, Export, and Change. If you have one of these permissions on a database, you are authorized to access the following information in DMS:
Information about the database. You can search for the database in the search box in the upper part of the left-side navigation pane or in the top navigation bar of the DMS console. Alternatively, you can search for the database in the "Select the databases, tables, or columns on which you want to apply for permissions" field on the Ticket Application page. You can query the data in the database only when you have the query permission on the database.
Information about the instance to which the database belongs. To view the information about other databases in this instance, you must have permissions on other databases.
Types of metadata access control
You can manage metadata access control on the following objects:
Users: Users can view and access only databases on which they have permissions.
Databases: Databases can be accessed only by users that have permissions on them.
Instances: Instances and all databases that belong to the instance can be accessed only by users that have permissions on the instances.
Before and after access control is enabled
Whether access control is enabled
Regular users can view and access all databases and instances.
For example, you can enter
You can view the
Regular users can view and access only databases and instances on which they have permissions.
For example, you can enter
Enable access control
This example shows the differences in the permissions of a regular user before and after access control is enabled.
Log on to the DMS console V5.0 as an administrator.
In the top navigation bar, click O&M. In the left-side navigation pane, click Users.Note
If you use the DMS console in simple mode, move the pointer over the icon in the upper-left corner of the DMS console and choose All functions > O&M > Users.
On the Users page, find the user for which you want to enable access control and choose in the Actions column.
In the User access control dialog box, turn on Metadata access control.